[{"data":1,"prerenderedAt":1089},["ShallowReactive",2],{"/en-us/the-source/security/beyond-shift-left-engineering-supply-chain-safety-at-scale/":3,"footer-en-us":58,"the-source-banner-en-us":364,"the-source-navigation-en-us":376,"the-source-newsletter-en-us":404,"article-site-categories-en-us":415,"beyond-shift-left-engineering-supply-chain-safety-at-scale-article-hero-category-en-us":417,"beyond-shift-left-engineering-supply-chain-safety-at-scale-the-source-gated-asset-en-us":440,"beyond-shift-left-engineering-supply-chain-safety-at-scale-category-en-us":456,"beyond-shift-left-engineering-supply-chain-safety-at-scale-the-source-resources-en-us":468,"beyond-shift-left-engineering-supply-chain-safety-at-scale-article-hero-author-en-us":499},{"_path":4,"_dir":5,"_draft":6,"_partial":6,"_locale":7,"config":8,"seo":15,"content":20,"type":50,"slug":51,"category":5,"_id":52,"_type":53,"title":7,"_source":54,"_file":55,"_stem":56,"_extension":57},"/en-us/the-source/security/beyond-shift-left-engineering-supply-chain-safety-at-scale","security",false,"",{"layout":9,"template":10,"articleType":11,"author":12,"featured":13,"gatedAsset":14},"the-source","TheSourceArticle","Regular","josh-lemos",true,"application-security-in-the-digital-age",{"title":16,"description":17,"ogImage":18,"config":19},"Beyond “shift left”: Engineering supply chain safety at scale","Learn why the traditional “shift left” approach falls short and how supply chain safety can transform your software security approach at scale.","https://res.cloudinary.com/about-gitlab-com/image/upload/v1751464122/kxhyozwsjf8ik6ssm3id.jpg",{"ignoreTitleCharLimit":13},{"title":16,"date":21,"description":17,"timeToRead":22,"heroImage":18,"keyTakeaways":23,"articleBody":27,"faq":28},"2025-03-27","3 min read",[24,25,26],"Most DevSecOps implementations are just DevOps with bolted-on security tools. True software supply chain safety requires engineering security directly into development processes, with tools serving as verification rather than primary protection.","Success in software supply chain safety depends on four pillars: infrastructure guardrails, language security features, automated dependency management, and security function abstraction through service mesh.","Align security and development team incentives through shared metrics and security champions. Focus on building systems that make secure development the path of least resistance rather than adding friction.","Your organization has probably already recognized the value of DevSecOps: removing silos between development, security, and operations teams. You’ve integrated security tools into your CI/CD pipeline, developers are scanning their code, and you have a dedicated security team reviewing findings. So why are you still struggling with security vulnerabilities, team burnout, and the constant tension between development velocity and security requirements? The truth is, most DevSecOps implementations today amount to little more than DevOps with security tools bolted on. It’s time to fundamentally change how we approach software supply chain security.\n\n## The promise and reality of the shift left\nThe journey to modern DevSecOps began with good intentions. As organizations moved to the cloud and adopted DevOps practices, security teams attempted to “shift left” by pushing security responsibilities earlier in the development cycle. However, this often meant taking the same noisy security tools - static analysis, dynamic testing, and software composition analysis - and simply making them the developers’ problem.\n\nThe results are predictable: With unrealistic security-to-developer ratios, [security teams are overwhelmed](https://about.gitlab.com/the-source/security/security-its-more-than-culture-addressing-the-root-cause-of-common-security/) by the volume of findings from improperly tuned tools. Developers, already under pressure to deliver features quickly, face constant interruptions from release-gating security tools, with unacceptable false positive rates. The promised integration of security into development workflows has instead created new bottlenecks and friction points.\n\n## Why traditional approaches miss the mark\nThe fundamental flaw in many DevSecOps implementations is treating security as an add-on rather than a core platform engineering capability. Organizations implement basic continuous integration practices with security tools attached, but fail to address the underlying challenges:\n\n- Security tools produce overwhelming noise without proper tuning and context\n- Workflow interruptions and governance processes create frustrating slowdowns\n- Security and development teams operate in silos with misaligned incentives\n- Traditional security metrics fail to demonstrate meaningful risk reduction\n\nShifting security left isn’t enough. We need to transform how we think about security entirely.\n\n## Engineering for supply chain safety\nInstead of focusing on security as a state free from threats, we should embrace safety as our guiding principle - creating systems inherently protected from and unlikely to cause danger. **Supply chain safety** means implementing systematic safeguards throughout the software development lifecycle that protect both the code you write and the dependencies you consume. It encompasses everything from the infrastructure your applications run on to the third-party packages you integrate, ensuring that each component is verified, validated, and continuously monitored for potential risks. This approach builds on the success patterns we’ve seen in other areas of software security, like the adoption of memory-safe languages and ubiquitous Transport Layer Security (TLS) encryption.\n\nHere’s how you can implement supply chain safety effectively:\n1. **Infrastructure guardrails**: Leverage [platform engineering](https://about.gitlab.com/the-source/platform/driving-business-results-with-platform-engineering/) to create pre-hardened templates that enforce security controls by default. This ensures teams inherit security best practices without additional cognitive load.\n1. **Language and framework security**: Take advantage of built-in security features in modern programming languages and frameworks. From automated memory management to deserialization filters, these features can prevent entire classes of vulnerabilities.\n1. **Automated dependency management**: Implement dependency proxies that automatically scan, validate, and cache third-party packages. Define clear policies for package verification and maintain a curated list of approved dependencies.\n1. **Security function abstraction**: Use service mesh and security sidecars to handle cross-cutting security concerns like authentication and authorization. This removes the burden of implementing security controls from individual service code.\n\n## Making it work: The human element\nTechnical solutions alone aren’t enough - success requires addressing the human factors that often derail security initiatives. Start by aligning incentives between security and development teams through shared goals and metrics that reward software resiliency improvements. Build a network of security champions within development teams who can act as bridges between security and engineering.\n\nCreate targeted training programs that focus on the security enablement features you’ve built, demonstrating how they reduce operational burden rather than add to it. Regular cross-team collaboration ensures both groups understand and support each other’s needs.\n\n## Moving forward\nThe path to true supply chain safety requires a fundamental shift in approaching security. Instead of bolting on security tools and hoping for the best, [build security directly into your engineering processes and practices](https://about.gitlab.com/the-source/security/strengthen-your-cybersecurity-strategy-with-secure-by-design/). You should layer in security tools for assurance and verification only after establishing strong engineering foundations.\n\nStart by evaluating your current DevSecOps implementation. Are you truly integrating security into your engineering practices, or just adding security tools to your pipeline? Focus first on building the infrastructure and platform capabilities that make secure development the path of least resistance. Remember, the goal isn’t to make developers think more about security - it’s about engineering safety from the ground up to help teams build secure software naturally through well-designed systems and processes.",[29,32,35,38,41,44,47],{"header":30,"content":31},"Why isn’t “shift left” enough to improve software security?","While shifting security earlier in the development cycle is a well-intentioned step, it often results in security tools being handed off to developers without adequate tuning or context. This creates noise, slows workflows, and introduces friction rather than improving safety or resilience.",{"header":33,"content":34},"What’s the difference between software security and software safety?","Security often focuses on reacting to threats, whereas safety is about proactively designing systems that are resistant to risk by default. A safety-driven approach builds protections into the software supply chain from the ground up, not just at the edges.",{"header":36,"content":37},"How does supply chain safety improve developer experience?","Supply chain safety reduces the operational burden on developers by integrating security controls into infrastructure and workflows. Pre-hardened templates, secure-by-default configurations, and abstracted security functions reduce the need for manual intervention.",{"header":39,"content":40},"What role do development frameworks and languages play in this approach?","Modern languages and frameworks offer built-in protections, such as memory management and deserialization controls. Leveraging these features helps eliminate entire categories of vulnerabilities without needing to create custom security logic.",{"header":42,"content":43},"How can organizations reduce risk from third-party dependencies?","Using automated tools like dependency proxies and curated package lists allows teams to validate, scan, and control third-party components. This helps ensure that all integrated packages meet security standards before reaching production.",{"header":45,"content":46},"What is the importance of aligning security and development teams?","Security outcomes improve when both teams share goals, metrics, and mutual understanding. Creating a network of champions and offering enablement training helps foster collaboration and encourages adoption of secure engineering practices.",{"header":48,"content":49},"How can engineering teams get started with supply chain safety?","Begin by assessing your current workflows. Prioritize infrastructure and platform investments that embed security into the development lifecycle. Focus on creating systems that naturally support secure behavior, and use tools to reinforce, not replace, these foundations.","article","beyond-shift-left-engineering-supply-chain-safety-at-scale","content:en-us:the-source:security:beyond-shift-left-engineering-supply-chain-safety-at-scale:index.yml","yaml","content","en-us/the-source/security/beyond-shift-left-engineering-supply-chain-safety-at-scale/index.yml","en-us/the-source/security/beyond-shift-left-engineering-supply-chain-safety-at-scale/index","yml",{"_path":59,"_dir":60,"_draft":6,"_partial":6,"_locale":7,"data":61,"_id":360,"_type":53,"title":361,"_source":54,"_file":362,"_stem":363,"_extension":57},"/shared/en-us/main-footer","en-us",{"text":62,"source":63,"edit":69,"contribute":74,"config":79,"items":84,"minimal":352},"Git is a trademark of Software Freedom Conservancy and our use of 'GitLab' is under license",{"text":64,"config":65},"View page source",{"href":66,"dataGaName":67,"dataGaLocation":68},"https://gitlab.com/gitlab-com/marketing/digital-experience/about-gitlab-com/","page source","footer",{"text":70,"config":71},"Edit this page",{"href":72,"dataGaName":73,"dataGaLocation":68},"https://gitlab.com/gitlab-com/marketing/digital-experience/about-gitlab-com/-/blob/main/content/","web ide",{"text":75,"config":76},"Please contribute",{"href":77,"dataGaName":78,"dataGaLocation":68},"https://gitlab.com/gitlab-com/marketing/digital-experience/about-gitlab-com/-/blob/main/CONTRIBUTING.md/","please contribute",{"twitter":80,"facebook":81,"youtube":82,"linkedin":83},"https://twitter.com/gitlab","https://www.facebook.com/gitlab","https://www.youtube.com/channel/UCnMGQ8QHMAnVIsI3xJrihhg","https://www.linkedin.com/company/gitlab-com",[85,112,184,252,314],{"title":86,"links":87,"subMenu":93},"Platform",[88],{"text":89,"config":90},"DevSecOps platform",{"href":91,"dataGaName":92,"dataGaLocation":68},"/platform/","devsecops platform",[94],{"title":95,"links":96},"Pricing",[97,102,107],{"text":98,"config":99},"View plans",{"href":100,"dataGaName":101,"dataGaLocation":68},"/pricing/","view plans",{"text":103,"config":104},"Why Premium?",{"href":105,"dataGaName":106,"dataGaLocation":68},"/pricing/premium/","why premium",{"text":108,"config":109},"Why Ultimate?",{"href":110,"dataGaName":111,"dataGaLocation":68},"/pricing/ultimate/","why ultimate",{"title":113,"links":114},"Solutions",[115,120,124,129,134,139,144,149,154,159,164,169,174,179],{"text":116,"config":117},"Digital transformation",{"href":118,"dataGaName":119,"dataGaLocation":68},"/topics/digital-transformation/","digital transformation",{"text":121,"config":122},"Application Security Testing",{"href":123,"dataGaName":121,"dataGaLocation":68},"/solutions/application-security-testing/",{"text":125,"config":126},"Automated software delivery",{"href":127,"dataGaName":128,"dataGaLocation":68},"/solutions/delivery-automation/","automated software delivery",{"text":130,"config":131},"Agile development",{"href":132,"dataGaName":133,"dataGaLocation":68},"/solutions/agile-delivery/","agile delivery",{"text":135,"config":136},"Cloud transformation",{"href":137,"dataGaName":138,"dataGaLocation":68},"/topics/cloud-native/","cloud transformation",{"text":140,"config":141},"SCM",{"href":142,"dataGaName":143,"dataGaLocation":68},"/solutions/source-code-management/","source code management",{"text":145,"config":146},"CI/CD",{"href":147,"dataGaName":148,"dataGaLocation":68},"/solutions/continuous-integration/","continuous integration & delivery",{"text":150,"config":151},"Value stream management",{"href":152,"dataGaName":153,"dataGaLocation":68},"/solutions/value-stream-management/","value stream management",{"text":155,"config":156},"GitOps",{"href":157,"dataGaName":158,"dataGaLocation":68},"/solutions/gitops/","gitops",{"text":160,"config":161},"Enterprise",{"href":162,"dataGaName":163,"dataGaLocation":68},"/enterprise/","enterprise",{"text":165,"config":166},"Small business",{"href":167,"dataGaName":168,"dataGaLocation":68},"/small-business/","small business",{"text":170,"config":171},"Public sector",{"href":172,"dataGaName":173,"dataGaLocation":68},"/solutions/public-sector/","public sector",{"text":175,"config":176},"Education",{"href":177,"dataGaName":178,"dataGaLocation":68},"/solutions/education/","education",{"text":180,"config":181},"Financial services",{"href":182,"dataGaName":183,"dataGaLocation":68},"/solutions/finance/","financial services",{"title":185,"links":186},"Resources",[187,192,197,202,207,212,217,222,227,232,237,242,247],{"text":188,"config":189},"Install",{"href":190,"dataGaName":191,"dataGaLocation":68},"/install/","install",{"text":193,"config":194},"Quick start guides",{"href":195,"dataGaName":196,"dataGaLocation":68},"/get-started/","quick setup checklists",{"text":198,"config":199},"Learn",{"href":200,"dataGaName":201,"dataGaLocation":68},"https://university.gitlab.com/","learn",{"text":203,"config":204},"Product documentation",{"href":205,"dataGaName":206,"dataGaLocation":68},"https://docs.gitlab.com/","docs",{"text":208,"config":209},"Blog",{"href":210,"dataGaName":211,"dataGaLocation":68},"/blog/","blog",{"text":213,"config":214},"Customer success stories",{"href":215,"dataGaName":216,"dataGaLocation":68},"/customers/","customer success stories",{"text":218,"config":219},"Remote",{"href":220,"dataGaName":221,"dataGaLocation":68},"https://handbook.gitlab.com/handbook/company/culture/all-remote/","remote",{"text":223,"config":224},"GitLab Services",{"href":225,"dataGaName":226,"dataGaLocation":68},"/services/","services",{"text":228,"config":229},"TeamOps",{"href":230,"dataGaName":231,"dataGaLocation":68},"/teamops/","teamops",{"text":233,"config":234},"Community",{"href":235,"dataGaName":236,"dataGaLocation":68},"/community/","community",{"text":238,"config":239},"Forum",{"href":240,"dataGaName":241,"dataGaLocation":68},"https://forum.gitlab.com/","forum",{"text":243,"config":244},"Events",{"href":245,"dataGaName":246,"dataGaLocation":68},"/events/","events",{"text":248,"config":249},"Partners",{"href":250,"dataGaName":251,"dataGaLocation":68},"/partners/","partners",{"title":253,"links":254},"Company",[255,260,265,270,275,280,285,289,294,299,304,309],{"text":256,"config":257},"About",{"href":258,"dataGaName":259,"dataGaLocation":68},"/company/","company",{"text":261,"config":262},"Jobs",{"href":263,"dataGaName":264,"dataGaLocation":68},"/jobs/","jobs",{"text":266,"config":267},"Leadership",{"href":268,"dataGaName":269,"dataGaLocation":68},"/company/team/e-group/","leadership",{"text":271,"config":272},"Team",{"href":273,"dataGaName":274,"dataGaLocation":68},"/company/team/","team",{"text":276,"config":277},"Handbook",{"href":278,"dataGaName":279,"dataGaLocation":68},"https://handbook.gitlab.com/","handbook",{"text":281,"config":282},"Investor relations",{"href":283,"dataGaName":284,"dataGaLocation":68},"https://ir.gitlab.com/","investor relations",{"text":286,"config":287},"Sustainability",{"href":288,"dataGaName":286,"dataGaLocation":68},"/sustainability/",{"text":290,"config":291},"Diversity, inclusion and belonging (DIB)",{"href":292,"dataGaName":293,"dataGaLocation":68},"/diversity-inclusion-belonging/","Diversity, inclusion and belonging",{"text":295,"config":296},"Trust Center",{"href":297,"dataGaName":298,"dataGaLocation":68},"/security/","trust center",{"text":300,"config":301},"Newsletter",{"href":302,"dataGaName":303,"dataGaLocation":68},"/company/contact/","newsletter",{"text":305,"config":306},"Press",{"href":307,"dataGaName":308,"dataGaLocation":68},"/press/","press",{"text":310,"config":311},"Modern Slavery Transparency Statement",{"href":312,"dataGaName":313,"dataGaLocation":68},"https://handbook.gitlab.com/handbook/legal/modern-slavery-act-transparency-statement/","modern slavery transparency statement",{"title":315,"links":316},"Contact Us",[317,322,327,332,337,342,347],{"text":318,"config":319},"Contact an expert",{"href":320,"dataGaName":321,"dataGaLocation":68},"/sales/","sales",{"text":323,"config":324},"Get help",{"href":325,"dataGaName":326,"dataGaLocation":68},"/support/","get help",{"text":328,"config":329},"Customer portal",{"href":330,"dataGaName":331,"dataGaLocation":68},"https://customers.gitlab.com/customers/sign_in/","customer portal",{"text":333,"config":334},"Status",{"href":335,"dataGaName":336,"dataGaLocation":68},"https://status.gitlab.com/","status",{"text":338,"config":339},"Terms of use",{"href":340,"dataGaName":341,"dataGaLocation":68},"/terms/","terms of use",{"text":343,"config":344},"Privacy statement",{"href":345,"dataGaName":346,"dataGaLocation":68},"/privacy/","privacy statement",{"text":348,"config":349},"Cookie preferences",{"dataGaName":350,"dataGaLocation":68,"id":351,"isOneTrustButton":13},"cookie preferences","ot-sdk-btn",{"items":353},[354,356,358],{"text":338,"config":355},{"href":340,"dataGaName":341,"dataGaLocation":68},{"text":343,"config":357},{"href":345,"dataGaName":346,"dataGaLocation":68},{"text":348,"config":359},{"dataGaName":350,"dataGaLocation":68,"id":351,"isOneTrustButton":13},"content:shared:en-us:main-footer.yml","Main Footer","shared/en-us/main-footer.yml","shared/en-us/main-footer",{"_path":365,"_dir":366,"_draft":6,"_partial":6,"_locale":7,"visibility":13,"id":367,"title":368,"button":369,"_id":373,"_type":53,"_source":54,"_file":374,"_stem":375,"_extension":57},"/shared/en-us/the-source/banner/the-economics-of-software-innovation-2025-08-18","banner","The Economics of Software Innovation","The Economics of Software Innovation—AI’s $750 Billion Opportunity",{"config":370,"text":372},{"href":371},"https://about.gitlab.com/software-innovation-report/","Get the research report","content:shared:en-us:the-source:banner:the-economics-of-software-innovation-2025-08-18.yml","shared/en-us/the-source/banner/the-economics-of-software-innovation-2025-08-18.yml","shared/en-us/the-source/banner/the-economics-of-software-innovation-2025-08-18",{"_path":377,"_dir":9,"_draft":6,"_partial":6,"_locale":7,"logo":378,"subscribeLink":383,"navItems":387,"_id":400,"_type":53,"title":401,"_source":54,"_file":402,"_stem":403,"_extension":57},"/shared/en-us/the-source/navigation",{"altText":379,"config":380},"the source logo",{"src":381,"href":382},"https://res.cloudinary.com/about-gitlab-com/image/upload/v1750191004/t7wz1klfb2kxkezksv9t.svg","/the-source/",{"text":384,"config":385},"Subscribe",{"href":386},"#subscribe",[388,392,396],{"text":389,"config":390},"Artificial Intelligence",{"href":391},"/the-source/ai/",{"text":393,"config":394},"Security & Compliance",{"href":395},"/the-source/security/",{"text":397,"config":398},"Platform & Infrastructure",{"href":399},"/the-source/platform/","content:shared:en-us:the-source:navigation.yml","Navigation","shared/en-us/the-source/navigation.yml","shared/en-us/the-source/navigation",{"_path":405,"_dir":9,"_draft":6,"_partial":6,"_locale":7,"title":406,"description":407,"submitMessage":408,"formData":409,"_id":412,"_type":53,"_source":54,"_file":413,"_stem":414,"_extension":57},"/shared/en-us/the-source/newsletter","The Source Newsletter","Stay updated with insights for the future of software development.","You have successfully signed up for The Source’s newsletter.",{"config":410},{"formId":411,"formName":303,"hideRequiredLabel":13},1077,"content:shared:en-us:the-source:newsletter.yml","shared/en-us/the-source/newsletter.yml","shared/en-us/the-source/newsletter",{"categoryNames":416},{"ai":389,"platform":397,"security":393},{"_path":418,"_dir":9,"_draft":6,"_partial":6,"_locale":7,"type":419,"config":420,"seo":421,"content":424,"slug":5,"_id":437,"_type":53,"title":7,"_source":54,"_file":438,"_stem":439,"_extension":57},"/en-us/the-source/security","category",{"layout":9},{"title":393,"description":422,"ogImage":423},"Get up to speed on how organizations can ensure they're staying on top of evolving security threats and compliance requirements.","https://res.cloudinary.com/about-gitlab-com/image/upload/v1751463273/aplkxrvwpii26xao5yhi.png",[425,430],{"componentName":426,"type":426,"componentContent":427},"TheSourceCategoryHero",{"title":393,"description":422,"image":428},{"config":429},{"src":423},{"componentName":431,"type":431,"componentContent":432},"TheSourceCategoryMainSection",{"config":433},{"gatedAssets":434},[435,436,14],"source-lp-guide-to-dynamic-sboms","source-lp-devsecops-the-key-to-modern-security-resilience","content:en-us:the-source:security:index.yml","en-us/the-source/security/index.yml","en-us/the-source/security/index",{"_path":441,"_dir":442,"_draft":6,"_partial":6,"_locale":7,"config":443,"title":445,"description":446,"link":447,"_id":453,"_type":53,"_source":54,"_file":454,"_stem":455,"_extension":57},"/shared/en-us/the-source/gated-assets/application-security-in-the-digital-age","gated-assets",{"id":14,"formId":444},1002,"Application security in the digital age","Read our survey findings from more than 5,000 DevSecOps professionals worldwide for insights on how organizations are grappling with increasing attack surfaces and changing attitudes towards security and AI.",{"text":448,"config":449},"Read the report",{"href":450,"dataGaName":451,"dataGaLocation":452},"https://about.gitlab.com/developer-survey/2024/security-compliance","Application Security in the Digital Age","thesource","content:shared:en-us:the-source:gated-assets:application-security-in-the-digital-age.yml","shared/en-us/the-source/gated-assets/application-security-in-the-digital-age.yml","shared/en-us/the-source/gated-assets/application-security-in-the-digital-age",{"_path":418,"_dir":9,"_draft":6,"_partial":6,"_locale":7,"type":419,"config":457,"seo":458,"content":459,"slug":5,"_id":437,"_type":53,"title":7,"_source":54,"_file":438,"_stem":439,"_extension":57},{"layout":9},{"title":393,"description":422,"ogImage":423},[460,464],{"componentName":426,"type":426,"componentContent":461},{"title":393,"description":422,"image":462},{"config":463},{"src":423},{"componentName":431,"type":431,"componentContent":465},{"config":466},{"gatedAssets":467},[435,436,14],[469,473,486],{"_path":441,"_dir":442,"_draft":6,"_partial":6,"_locale":7,"config":470,"title":445,"description":446,"link":471,"_id":453,"_type":53,"_source":54,"_file":454,"_stem":455,"_extension":57},{"id":14,"formId":444},{"text":448,"config":472},{"href":450,"dataGaName":451,"dataGaLocation":452},{"_path":474,"_dir":442,"_draft":6,"_partial":6,"_locale":7,"config":475,"title":476,"description":477,"link":478,"_id":483,"_type":53,"_source":54,"_file":484,"_stem":485,"_extension":57},"/shared/en-us/the-source/gated-assets/source-lp-devsecops-the-key-to-modern-security-resilience",{"id":436},"DevSecOps: The key to modern security resilience","Learn how embedding security in development can slash incident response time by 720x and save millions in security costs annually.",{"text":479,"config":480},"Download the guide",{"href":481,"dataGaName":482,"dataGaLocation":452},"https://about.gitlab.com/the-source/security/devsecops-the-key-to-modern-security-resilience/","DevSecOps the key to modern security resilience","content:shared:en-us:the-source:gated-assets:source-lp-devsecops-the-key-to-modern-security-resilience.yml","shared/en-us/the-source/gated-assets/source-lp-devsecops-the-key-to-modern-security-resilience.yml","shared/en-us/the-source/gated-assets/source-lp-devsecops-the-key-to-modern-security-resilience",{"_path":487,"_dir":442,"_draft":6,"_partial":6,"_locale":7,"config":488,"title":489,"description":490,"link":491,"_id":496,"_type":53,"_source":54,"_file":497,"_stem":498,"_extension":57},"/shared/en-us/the-source/gated-assets/source-lp-guide-to-dynamic-sboms",{"id":435},"Guide to dynamic SBOMs: An integral element of modern software development","Learn how to gain visibility into previously unidentified organizational risks with a software bill of materials (SBOM).",{"text":492,"config":493},"Read the guide",{"href":494,"dataGaName":495,"dataGaLocation":452},"https://about.gitlab.com/the-source/security/guide-to-dynamic-sboms/","Guide to Dynamic SBOMs","content:shared:en-us:the-source:gated-assets:source-lp-guide-to-dynamic-sboms.yml","shared/en-us/the-source/gated-assets/source-lp-guide-to-dynamic-sboms.yml","shared/en-us/the-source/gated-assets/source-lp-guide-to-dynamic-sboms",[500,525,541,559,575,595,616,638,654,673,695,713,734,750,769,786,804,824,842,861,882,902,918,934,954,972,993,1011,1030,1046,1067],{"_path":501,"_dir":502,"_draft":6,"_partial":6,"_locale":7,"config":503,"seo":504,"content":506,"type":520,"slug":521,"_id":522,"_type":53,"title":505,"_source":54,"_file":523,"_stem":524,"_extension":57},"/en-us/the-source/authors/amanda-rueda","authors",{"layout":9},{"title":505},"Amanda Rueda",[507,518],{"type":508,"componentName":508,"componentContent":509},"TheSourceAuthorHero",{"config":510,"name":505,"role":513,"bio":514,"headshot":515},{"gitlabHandle":511,"linkedInProfileUrl":512},"amandarueda","https://www.linkedin.com/in/amandamrueda/","Senior Product Manager","Amanda Rueda is a Senior Product Manager at GitLab, specializing in strategic product vision, agile planning, and leveraging AI to enhance workflows and user experiences. Amanda is a thought leader in agile planning and product management workflows, and enjoys building GitLab features that drive team collaboration, transparent project management, and high-performing teams.",{"altText":505,"config":516},{"src":517},"https://res.cloudinary.com/about-gitlab-com/image/upload/v1751463383/osecw1pzbxvb7fhqhiky.png",{"componentName":519,"type":519},"TheSourceArticlesList","author","amanda-rueda","content:en-us:the-source:authors:amanda-rueda.yml","en-us/the-source/authors/amanda-rueda.yml","en-us/the-source/authors/amanda-rueda",{"_path":526,"_dir":502,"_draft":6,"_partial":6,"_locale":7,"config":527,"seo":528,"content":530,"type":520,"slug":537,"_id":538,"_type":53,"title":529,"_source":54,"_file":539,"_stem":540,"_extension":57},"/en-us/the-source/authors/andre-michael-braun",{"layout":9},{"title":529},"Andre Michael Braun",[531,536],{"type":508,"componentName":508,"componentContent":532},{"name":529,"headshot":533},{"altText":529,"config":534},{"src":535},"https://res.cloudinary.com/about-gitlab-com/image/upload/v1751463336/yl27k7wdlnkzsizwknn1.jpg",{"componentName":519,"type":519},"andre-michael-braun","content:en-us:the-source:authors:andre-michael-braun.yml","en-us/the-source/authors/andre-michael-braun.yml","en-us/the-source/authors/andre-michael-braun",{"_path":542,"_dir":502,"_draft":6,"_partial":6,"_locale":7,"config":543,"seo":544,"content":546,"type":520,"slug":555,"_id":556,"_type":53,"title":545,"_source":54,"_file":557,"_stem":558,"_extension":57},"/en-us/the-source/authors/andrew-haschka",{"layout":9},{"title":545},"Andrew Haschka",[547,554],{"type":508,"componentName":508,"componentContent":548},{"name":545,"role":549,"bio":550,"headshot":551},"Field CTO, Asia Pacific & Japan","Andrew Haschka is the CTO for Asia Pacific & Japan at GitLab, acting as the trusted advisor to GitLab partners and customers. Andrew takes a consultative approach to address common and unique business requirements. He provides subject matter expertise and industry experience throughout the customer’s modernisation journey, working with product management and engineering teams to evolve product features to meet market demand.",{"altText":545,"config":552},{"src":553},"https://res.cloudinary.com/about-gitlab-com/image/upload/v1751463349/z1qnc4uxmqgg3hnm3da4.png",{"componentName":519,"type":519},"andrew-haschka","content:en-us:the-source:authors:andrew-haschka.yml","en-us/the-source/authors/andrew-haschka.yml","en-us/the-source/authors/andrew-haschka",{"_path":560,"_dir":502,"_draft":6,"_partial":6,"_locale":7,"config":561,"seo":562,"content":564,"type":520,"slug":571,"_id":572,"_type":53,"title":563,"_source":54,"_file":573,"_stem":574,"_extension":57},"/en-us/the-source/authors/ayoub-fandi",{"layout":9},{"title":563},"Ayoub Fandi",[565,570],{"componentName":508,"type":508,"componentContent":566},{"name":563,"headshot":567},{"altText":563,"config":568},{"src":569},"https://res.cloudinary.com/about-gitlab-com/image/upload/v1751463329/wyp554loeyoibx3ozren.jpg",{"componentName":519,"type":519},"ayoub-fandi","content:en-us:the-source:authors:ayoub-fandi.yml","en-us/the-source/authors/ayoub-fandi.yml","en-us/the-source/authors/ayoub-fandi",{"_path":576,"_dir":502,"_draft":6,"_partial":6,"_locale":7,"config":577,"seo":578,"content":580,"type":520,"slug":591,"_id":592,"_type":53,"title":579,"_source":54,"_file":593,"_stem":594,"_extension":57},"/en-us/the-source/authors/bob-stevens",{"layout":9},{"title":579},"Bob Stevens",[581,590],{"componentName":508,"type":508,"componentContent":582},{"config":583,"name":579,"role":586,"headshot":587},{"gitlabHandle":584,"linkedInProfileUrl":585},"bstevens1","https://www.linkedin.com/in/bob-stevens-1237564/","Public Sector Area Vice President, GitLab",{"altText":579,"config":588},{"src":589},"https://res.cloudinary.com/about-gitlab-com/image/upload/v1752687939/mv3lhtimdzr8jmfqmbk1.jpg",{"componentName":519,"type":519},"bob-stevens","content:en-us:the-source:authors:bob-stevens.yml","en-us/the-source/authors/bob-stevens.yml","en-us/the-source/authors/bob-stevens",{"_path":596,"_dir":502,"_draft":6,"_partial":6,"_locale":7,"config":597,"seo":598,"content":600,"type":520,"slug":612,"_id":613,"_type":53,"title":599,"_source":54,"_file":614,"_stem":615,"_extension":57},"/en-us/the-source/authors/brian-wald",{"layout":9},{"title":599},"Brian Wald",[601,611],{"componentName":508,"type":508,"componentContent":602},{"config":603,"name":599,"role":606,"bio":607,"headshot":608},{"gitlabHandle":604,"linkedInProfileUrl":605},"brianwald","https://www.linkedin.com/in/brianwald/","Head of Global Field CTO org","Brian Wald is Head of Global Field CTO org at GitLab. He leads a dynamic team of Field CTOs dedicated to transforming enterprise software development practices.",{"altText":599,"config":609},{"src":610},"https://res.cloudinary.com/about-gitlab-com/image/upload/v1751463417/fugpbux9miqbdx3wewtu.jpg",{"componentName":519,"type":519},"brian-wald","content:en-us:the-source:authors:brian-wald.yml","en-us/the-source/authors/brian-wald.yml","en-us/the-source/authors/brian-wald",{"_path":617,"_dir":502,"_draft":6,"_partial":6,"_locale":7,"config":618,"seo":619,"content":621,"type":520,"slug":634,"_id":635,"_type":53,"title":620,"_source":54,"_file":636,"_stem":637,"_extension":57},"/en-us/the-source/authors/bryan-ross",{"layout":9},{"title":620},"Bryan Ross",[622,633],{"componentName":508,"type":508,"componentContent":623},{"config":624,"name":620,"role":628,"bio":629,"headshot":630},{"gitlabHandle":625,"twitterXProfileUrl":626,"linkedInProfileUrl":627},"bryanrossuk","https://twitter.com/bryanrossuk","https://www.linkedin.com/in/bryanross","Field CTO","With over 15 years of industry experience as a senior IT leader, Bryan helps customers realize business value from IT faster. Equally comfortable speaking with executives and engineers alike, he bridges the gap between technical and business stakeholders through compelling storytelling and real-world examples. With a knack for delivering authentic, impactful messages, he enjoys helping others at the intersection of technology, people and process.",{"altText":620,"config":631},{"src":632},"https://res.cloudinary.com/about-gitlab-com/image/upload/v1751463324/mvdyvskii4hltdrgqxom.jpg",{"componentName":519,"type":519},"bryan-ross","content:en-us:the-source:authors:bryan-ross.yml","en-us/the-source/authors/bryan-ross.yml","en-us/the-source/authors/bryan-ross",{"_path":639,"_dir":502,"_draft":6,"_partial":6,"_locale":7,"config":640,"seo":641,"content":643,"type":520,"slug":650,"_id":651,"_type":53,"title":642,"_source":54,"_file":652,"_stem":653,"_extension":57},"/en-us/the-source/authors/chandler-gibbons",{"layout":9},{"title":642},"Chandler Gibbons",[644,649],{"componentName":508,"type":508,"componentContent":645},{"name":642,"headshot":646},{"altText":642,"config":647},{"src":648},"https://res.cloudinary.com/about-gitlab-com/image/upload/v1751463362/o7g9fqtqtjvegfwniuxh.jpg",{"componentName":519,"type":519},"chandler-gibbons","content:en-us:the-source:authors:chandler-gibbons.yml","en-us/the-source/authors/chandler-gibbons.yml","en-us/the-source/authors/chandler-gibbons",{"_path":655,"_dir":502,"_draft":6,"_partial":6,"_locale":7,"config":656,"seo":657,"content":659,"type":520,"slug":669,"_id":670,"_type":53,"title":658,"_source":54,"_file":671,"_stem":672,"_extension":57},"/en-us/the-source/authors/dave-steer",{"layout":9},{"title":658},"Dave Steer",[660,668],{"componentName":508,"type":508,"componentContent":661},{"config":662,"name":658,"role":664,"headshot":665},{"gitlabHandle":663},"dsteer","Vice President, Product Marketing",{"altText":658,"config":666},{"src":667},"https://res.cloudinary.com/about-gitlab-com/image/upload/v1751463457/zbtapdkglu3yb9suaq7w.png",{"componentName":519,"type":519},"dave-steer","content:en-us:the-source:authors:dave-steer.yml","en-us/the-source/authors/dave-steer.yml","en-us/the-source/authors/dave-steer",{"_path":674,"_dir":502,"_draft":6,"_partial":6,"_locale":7,"config":675,"seo":676,"content":678,"type":520,"slug":690,"_id":691,"_type":53,"title":692,"_source":54,"_file":693,"_stem":694,"_extension":57},"/en-us/the-source/authors/ddesanto",{"layout":9},{"title":677},"David DeSanto",[679,689],{"componentName":508,"type":508,"componentContent":680},{"config":681,"name":677,"role":684,"bio":685,"headshot":686},{"gitlabHandle":682,"linkedInProfileUrl":683},"david","https://www.linkedin.com/in/ddesanto/","Chief Product Officer","David DeSanto is the Chief Product Officer at GitLab Inc., where he leads GitLab’s product division to define and execute GitLab's product vision and roadmap. David is responsible for ensuring the company builds, ships, and supports the platform that reinforces GitLab's leadership in the DevSecOps platform market.",{"altText":677,"config":687},{"src":688},"https://res.cloudinary.com/about-gitlab-com/image/upload/v1751463446/bgnljs84zcsxj0t6nvix.png",{"componentName":519,"type":519},"ddesanto","content:en-us:the-source:authors:ddesanto.yml","Ddesanto","en-us/the-source/authors/ddesanto.yml","en-us/the-source/authors/ddesanto",{"_path":696,"_dir":502,"_draft":6,"_partial":6,"_locale":7,"config":697,"seo":698,"content":700,"type":520,"slug":708,"_id":709,"_type":53,"title":710,"_source":54,"_file":711,"_stem":712,"_extension":57},"/en-us/the-source/authors/derek-debellis",{"layout":9},{"title":699},"Derek DeBellis",[701,707],{"componentName":508,"type":508,"componentContent":702},{"name":699,"role":703,"headshot":704},"Lead Researcher, Google's DORA team ",{"altText":699,"config":705},{"src":706},"https://res.cloudinary.com/about-gitlab-com/image/upload/v1751463385/sbnjwfaguszi5g2smzr7.png",{"componentName":519,"type":519},"derek-debellis","content:en-us:the-source:authors:derek-debellis.yml","Derek Debellis","en-us/the-source/authors/derek-debellis.yml","en-us/the-source/authors/derek-debellis",{"_path":714,"_dir":502,"_draft":6,"_partial":6,"_locale":7,"config":715,"seo":716,"content":718,"type":520,"slug":730,"_id":731,"_type":53,"title":717,"_source":54,"_file":732,"_stem":733,"_extension":57},"/en-us/the-source/authors/emilio-salvador",{"layout":9},{"title":717},"Emilio Salvador",[719,729],{"componentName":508,"type":508,"componentContent":720},{"config":721,"name":717,"role":724,"bio":725,"headshot":726},{"gitlabHandle":722,"linkedInProfileUrl":723},"esalvadorp","https://www.linkedin.com/in/emiliosp/","Vice President, Strategy and Developer Relations","Emilio Salvador is vice president of strategy and developer relations at GitLab. A technology executive with more than 20 years of experience, Emilio has held roles at Amazon and Microsoft, and most recently led strategy and operations for the Developer Advocacy and Experience team at Google. He holds an MBA from MIT Sloan School of Management.",{"altText":717,"config":727},{"src":728},"https://res.cloudinary.com/about-gitlab-com/image/upload/v1751463402/g0snp3uisjm4tj3pkqcw.jpg",{"componentName":519,"type":519},"emilio-salvador","content:en-us:the-source:authors:emilio-salvador.yml","en-us/the-source/authors/emilio-salvador.yml","en-us/the-source/authors/emilio-salvador",{"_path":735,"_dir":502,"_draft":6,"_partial":6,"_locale":7,"config":736,"seo":737,"content":739,"type":520,"slug":746,"_id":747,"_type":53,"title":738,"_source":54,"_file":748,"_stem":749,"_extension":57},"/en-us/the-source/authors/erika-feldman",{"layout":9},{"title":738},"Erika Feldman",[740,745],{"componentName":508,"type":508,"componentContent":741},{"name":738,"headshot":742},{"altText":738,"config":743},{"src":744},"https://res.cloudinary.com/about-gitlab-com/image/upload/v1751463354/d9quqvz7d2ayjwif7vdn.png",{"componentName":519,"type":519},"erika-feldman","content:en-us:the-source:authors:erika-feldman.yml","en-us/the-source/authors/erika-feldman.yml","en-us/the-source/authors/erika-feldman",{"_path":751,"_dir":502,"_draft":6,"_partial":6,"_locale":7,"config":752,"seo":753,"content":755,"type":520,"slug":765,"_id":766,"_type":53,"title":754,"_source":54,"_file":767,"_stem":768,"_extension":57},"/en-us/the-source/authors/george-kichukov",{"layout":9},{"title":754},"George Kichukov",[756,764],{"componentName":508,"type":508,"componentContent":757},{"config":758,"name":754,"role":628,"bio":760,"headshot":761},{"gitlabHandle":759},"gkichukov","George Kichukov brings over two decades of expertise in software development, enterprise architecture, and technology leadership to his role as Financial Services Field CTO for GitLab. His career began in the startup ecosystem, where he spent five years developing name-matching technologies deployed across government, defense, and financial services. George transitioned into solution architecture, where he guided financial institutions in modernizing their application development practices. Prior to GitLab, George spent 12 years at a large financial services organization leading developer services, application security programs and DevOps infrastructure automation platforms. In his current role at GitLab, George partners with financial services organizations, helping them achieve their strategic objectives in DevOps, DevSecOps, Developer Experience, SDLC compliance, and using AI across software development.",{"altText":754,"config":762},{"src":763},"https://res.cloudinary.com/about-gitlab-com/image/upload/v1751463366/dk2knfancgsxocjkmyoa.jpg",{"componentName":519,"type":519},"george-kichukov","content:en-us:the-source:authors:george-kichukov.yml","en-us/the-source/authors/george-kichukov.yml","en-us/the-source/authors/george-kichukov",{"_path":770,"_dir":502,"_draft":6,"_partial":6,"_locale":7,"config":771,"seo":772,"content":774,"type":520,"slug":781,"_id":782,"_type":53,"title":783,"_source":54,"_file":784,"_stem":785,"_extension":57},"/en-us/the-source/authors/gitlab",{"layout":9},{"title":773},"GitLab",[775,780],{"componentName":508,"type":508,"componentContent":776},{"name":773,"headshot":777},{"altText":773,"config":778},{"src":779},"https://res.cloudinary.com/about-gitlab-com/image/upload/v1751463461/ts7io0hgpdyqylbzfire.png",{"componentName":519,"type":519},"gitlab","content:en-us:the-source:authors:gitlab.yml","Gitlab","en-us/the-source/authors/gitlab.yml","en-us/the-source/authors/gitlab",{"_path":787,"_dir":502,"_draft":6,"_partial":6,"_locale":7,"config":788,"seo":789,"content":791,"type":520,"slug":800,"_id":801,"_type":53,"title":790,"_source":54,"_file":802,"_stem":803,"_extension":57},"/en-us/the-source/authors/grant-hickman",{"layout":9},{"title":790},"Grant Hickman",[792,799],{"componentName":508,"type":508,"componentContent":793},{"config":794,"name":790,"headshot":796},{"gitlabHandle":795},"g.hickman",{"altText":790,"config":797},{"src":798},"https://res.cloudinary.com/about-gitlab-com/image/upload/v1751463463/f3uqwtugqotyhwutz5gu.png",{"componentName":519,"type":519},"grant-hickman","content:en-us:the-source:authors:grant-hickman.yml","en-us/the-source/authors/grant-hickman.yml","en-us/the-source/authors/grant-hickman",{"_path":805,"_dir":502,"_draft":6,"_partial":6,"_locale":7,"config":806,"seo":807,"content":809,"type":520,"slug":820,"_id":821,"_type":53,"title":808,"_source":54,"_file":822,"_stem":823,"_extension":57},"/en-us/the-source/authors/haim-snir",{"layout":9},{"title":808},"Haim Snir",[810,819],{"componentName":508,"type":508,"componentContent":811},{"config":812,"name":808,"role":815,"headshot":816},{"gitlabHandle":813,"linkedInProfileUrl":814},"hsnir1","https://www.linkedin.com/in/haimsnir/","Senior Product Manager, Dev & Analytics, GitLab",{"altText":808,"config":817},{"src":818},"https://res.cloudinary.com/about-gitlab-com/image/upload/v1751463395/nubmshvaq8wpomopllni.png",{"componentName":519,"type":519},"haim-snir","content:en-us:the-source:authors:haim-snir.yml","en-us/the-source/authors/haim-snir.yml","en-us/the-source/authors/haim-snir",{"_path":825,"_dir":502,"_draft":6,"_partial":6,"_locale":7,"config":826,"seo":827,"content":829,"type":520,"slug":833,"_id":838,"_type":53,"title":839,"_source":54,"_file":840,"_stem":841,"_extension":57},"/en-us/the-source/authors/iganbaruch",{"layout":9},{"title":828},"Itzik Gan Baruch",[830,837],{"componentName":508,"type":508,"componentContent":831},{"config":832,"name":828,"headshot":834},{"gitlabHandle":833},"iganbaruch",{"altText":828,"config":835},{"src":836},"https://res.cloudinary.com/about-gitlab-com/image/upload/v1751463443/vibb2fkc0ojni2d1eqde.png",{"componentName":519,"type":519},"content:en-us:the-source:authors:iganbaruch.yml","Iganbaruch","en-us/the-source/authors/iganbaruch.yml","en-us/the-source/authors/iganbaruch",{"_path":843,"_dir":502,"_draft":6,"_partial":6,"_locale":7,"config":844,"seo":845,"content":847,"type":520,"slug":856,"_id":857,"_type":53,"title":858,"_source":54,"_file":859,"_stem":860,"_extension":57},"/en-us/the-source/authors/jlongo",{"layout":9},{"title":846},"Joseph Longo",[848,855],{"componentName":508,"type":508,"componentContent":849},{"config":850,"name":846,"headshot":852},{"gitlabHandle":851},"jlongo_gitlab",{"altText":846,"config":853},{"src":854},"https://res.cloudinary.com/about-gitlab-com/image/upload/v1751463434/uoxaknpmoposbbgzqji8.png",{"componentName":519,"type":519},"jlongo","content:en-us:the-source:authors:jlongo.yml","Jlongo","en-us/the-source/authors/jlongo.yml","en-us/the-source/authors/jlongo",{"_path":862,"_dir":502,"_draft":6,"_partial":6,"_locale":7,"config":863,"seo":864,"content":866,"type":520,"slug":878,"_id":879,"_type":53,"title":865,"_source":54,"_file":880,"_stem":881,"_extension":57},"/en-us/the-source/authors/joel-krooswyk",{"layout":9},{"title":865},"Joel Krooswyk",[867,877],{"componentName":508,"type":508,"componentContent":868},{"config":869,"name":865,"role":872,"bio":873,"headshot":874},{"gitlabHandle":870,"linkedInProfileUrl":871},"jkrooswyk","https://www.linkedin.com/in/joelrkrooswyk/","Federal CTO","Joel Krooswyk is the Federal CTO at GitLab. Joel has actively been involved in GitLab’s growth since 2017. His 25 years of leadership experience span not only the U.S. Public Sector, but also small, mid-market, and enterprise businesses globally. Joel combines deep government policy expertise with a wealth of experience in technology, software development, AI, and cybersecurity. He is frequently called upon by industry and agencies alike for policy commentary and response.",{"altText":865,"config":875},{"src":876},"https://res.cloudinary.com/about-gitlab-com/image/upload/v1751463423/mkmdhuxsjggfvokdmdv7.jpg",{"componentName":519,"type":519},"joel-krooswyk","content:en-us:the-source:authors:joel-krooswyk.yml","en-us/the-source/authors/joel-krooswyk.yml","en-us/the-source/authors/joel-krooswyk",{"_path":883,"_dir":502,"_draft":6,"_partial":6,"_locale":7,"config":884,"seo":885,"content":887,"type":520,"slug":12,"_id":899,"_type":53,"title":886,"_source":54,"_file":900,"_stem":901,"_extension":57},"/en-us/the-source/authors/josh-lemos",{"layout":9},{"title":886},"Josh Lemos",[888,898],{"componentName":508,"type":508,"componentContent":889},{"config":890,"name":886,"role":893,"bio":894,"headshot":895},{"gitlabHandle":891,"linkedInProfileUrl":892},"joshlemos","https://www.linkedin.com/in/joshlemos/","Chief Information Security Officer","Josh Lemos is the Chief Information Security Officer at GitLab Inc., where he brings 20 years of experience leading information security teams to his role. He is responsible for establishing and maintaining the enterprise vision, strategy, and program to ensure information assets and technologies are adequately protected, fortifying the Gitlab DevSecOps platform and ensuring the highest level of security for customers.",{"altText":886,"config":896},{"src":897},"https://res.cloudinary.com/about-gitlab-com/image/upload/v1751463405/f4rqtiecakrekvxfhqar.jpg",{"componentName":519,"type":519},"content:en-us:the-source:authors:josh-lemos.yml","en-us/the-source/authors/josh-lemos.yml","en-us/the-source/authors/josh-lemos",{"_path":903,"_dir":502,"_draft":6,"_partial":6,"_locale":7,"config":904,"seo":905,"content":907,"type":520,"slug":914,"_id":915,"_type":53,"title":906,"_source":54,"_file":916,"_stem":917,"_extension":57},"/en-us/the-source/authors/julie-griffin",{"layout":9},{"title":906},"Julie Griffin",[908,913],{"componentName":508,"type":508,"componentContent":909},{"name":906,"headshot":910},{"altText":906,"config":911},{"src":912},"https://res.cloudinary.com/about-gitlab-com/image/upload/v1751463371/hqkbr3uk8hw2de7tltn4.webp",{"componentName":519,"type":519},"julie-griffin","content:en-us:the-source:authors:julie-griffin.yml","en-us/the-source/authors/julie-griffin.yml","en-us/the-source/authors/julie-griffin",{"_path":919,"_dir":502,"_draft":6,"_partial":6,"_locale":7,"config":920,"seo":921,"content":923,"type":520,"slug":930,"_id":931,"_type":53,"title":922,"_source":54,"_file":932,"_stem":933,"_extension":57},"/en-us/the-source/authors/kristina-weis",{"layout":9},{"title":922},"Kristina Weis",[924,929],{"componentName":508,"type":508,"componentContent":925},{"name":922,"headshot":926},{"altText":922,"config":927},{"src":928},"https://res.cloudinary.com/about-gitlab-com/image/upload/v1751463469/eoolq6n6bs0zb8gmf0js.webp",{"componentName":519,"type":519},"kristina-weis","content:en-us:the-source:authors:kristina-weis.yml","en-us/the-source/authors/kristina-weis.yml","en-us/the-source/authors/kristina-weis",{"_path":935,"_dir":502,"_draft":6,"_partial":6,"_locale":7,"config":936,"seo":937,"content":939,"type":520,"slug":950,"_id":951,"_type":53,"title":938,"_source":54,"_file":952,"_stem":953,"_extension":57},"/en-us/the-source/authors/lee-faus",{"layout":9},{"title":938},"Lee Faus",[940,949],{"componentName":508,"type":508,"componentContent":941},{"config":942,"name":938,"role":944,"bio":945,"headshot":946},{"gitlabHandle":943},"lfaus","Global Field CTO","Lee Faus is a Global Field CTO at GitLab. Lee has been a software architect, teacher, professor, and educator for over 25 years. He leverages his experience as an educator to bring complex technology concepts into a business forum where executives gain valuable advice to positively impact their business.",{"altText":938,"config":947},{"src":948},"https://res.cloudinary.com/about-gitlab-com/image/upload/v1751463398/vivhlomglvnstamj54bo.jpg",{"componentName":519,"type":519},"lee-faus","content:en-us:the-source:authors:lee-faus.yml","en-us/the-source/authors/lee-faus.yml","en-us/the-source/authors/lee-faus",{"_path":955,"_dir":502,"_draft":6,"_partial":6,"_locale":7,"config":956,"seo":957,"content":959,"type":520,"slug":963,"_id":968,"_type":53,"title":969,"_source":54,"_file":970,"_stem":971,"_extension":57},"/en-us/the-source/authors/ncregan",{"layout":9},{"title":958},"Niall Cregan",[960,967],{"componentName":508,"type":508,"componentContent":961},{"config":962,"name":958,"headshot":964},{"gitlabHandle":963},"ncregan",{"altText":958,"config":965},{"src":966},"https://res.cloudinary.com/about-gitlab-com/image/upload/v1751463431/yrtwodocb4cu3j7lkhyo.png",{"componentName":519,"type":519},"content:en-us:the-source:authors:ncregan.yml","Ncregan","en-us/the-source/authors/ncregan.yml","en-us/the-source/authors/ncregan",{"_path":973,"_dir":502,"_draft":6,"_partial":6,"_locale":7,"config":974,"seo":975,"content":977,"type":520,"slug":988,"_id":989,"_type":53,"title":990,"_source":54,"_file":991,"_stem":992,"_extension":57},"/en-us/the-source/authors/rschulman",{"layout":9},{"title":976},"Robin Schulman",[978,987],{"componentName":508,"type":508,"componentContent":979},{"config":980,"name":976,"role":982,"bio":983,"headshot":984},{"gitlabHandle":981},"robin","Chief Legal Officer","Robin Schulman is the Chief Legal Officer, Head of Corporate Affairs, and Corporate Secretary of GitLab Inc., the DevSecOps platform.",{"altText":976,"config":985},{"src":986},"https://res.cloudinary.com/about-gitlab-com/image/upload/v1751463437/u2xfbudw1f8hhnkrgaoy.webp",{"componentName":519,"type":519},"rschulman","content:en-us:the-source:authors:rschulman.yml","Rschulman","en-us/the-source/authors/rschulman.yml","en-us/the-source/authors/rschulman",{"_path":994,"_dir":502,"_draft":6,"_partial":6,"_locale":7,"config":995,"seo":996,"content":998,"type":520,"slug":1007,"_id":1008,"_type":53,"title":997,"_source":54,"_file":1009,"_stem":1010,"_extension":57},"/en-us/the-source/authors/sabrina-farmer",{"layout":9},{"title":997},"Sabrina Farmer",[999,1006],{"componentName":508,"type":508,"componentContent":1000},{"name":997,"role":1001,"bio":1002,"headshot":1003},"Chief Technology Officer","Sabrina Farmer is the Chief Technology Officer at GitLab, where she leads software engineering, operations, and customer support teams to execute the company's technical vision and strategy and oversee the development and delivery of GitLab's products and services.\n\nPrior to GitLab, Sabrina spent nearly two decades at Google, where she most recently served as vice president of engineering, core infrastructure. During her tenure with Google, she was directly responsible for the reliability, performance, and efficiency of all of Google's billion-user products and infrastructure.\n\nA long-time advocate for women in technology, Farmer earned a B.S. in Computer Science at the University of New Orleans, where she established two scholarships to help level the playing field for inclusion and empowerment in technology.",{"altText":997,"config":1004},{"src":1005},"https://res.cloudinary.com/about-gitlab-com/image/upload/v1751463377/udmzbjjr5xrcrffdlphx.webp",{"componentName":519,"type":519},"sabrina-farmer","content:en-us:the-source:authors:sabrina-farmer.yml","en-us/the-source/authors/sabrina-farmer.yml","en-us/the-source/authors/sabrina-farmer",{"_path":1012,"_dir":502,"_draft":6,"_partial":6,"_locale":7,"config":1013,"seo":1014,"content":1016,"type":520,"slug":1026,"_id":1027,"_type":53,"title":1015,"_source":54,"_file":1028,"_stem":1029,"_extension":57},"/en-us/the-source/authors/sandra-gittlen",{"layout":9},{"title":1015},"Sandra Gittlen",[1017,1025],{"componentName":508,"type":508,"componentContent":1018},{"config":1019,"name":1015,"role":1021,"headshot":1022},{"gitlabHandle":1020},"sgittlen","Managing Editor, Blog",{"altText":1015,"config":1023},{"src":1024},"https://res.cloudinary.com/about-gitlab-com/image/upload/v1751463466/r7ckb9h2zr4c2rsz3zlm.png",{"componentName":519,"type":519},"sandra-gittlen","content:en-us:the-source:authors:sandra-gittlen.yml","en-us/the-source/authors/sandra-gittlen.yml","en-us/the-source/authors/sandra-gittlen",{"_path":1031,"_dir":502,"_draft":6,"_partial":6,"_locale":7,"config":1032,"seo":1033,"content":1035,"type":520,"slug":1042,"_id":1043,"_type":53,"title":1034,"_source":54,"_file":1044,"_stem":1045,"_extension":57},"/en-us/the-source/authors/sharon-gaudin",{"layout":9},{"title":1034},"Sharon Gaudin",[1036,1041],{"componentName":508,"type":508,"componentContent":1037},{"name":1034,"headshot":1038},{"altText":1034,"config":1039},{"src":1040},"https://res.cloudinary.com/about-gitlab-com/image/upload/v1751463475/h6j4nnvykzyfzgvl7txb.webp",{"componentName":519,"type":519},"sharon-gaudin","content:en-us:the-source:authors:sharon-gaudin.yml","en-us/the-source/authors/sharon-gaudin.yml","en-us/the-source/authors/sharon-gaudin",{"_path":1047,"_dir":502,"_draft":6,"_partial":6,"_locale":7,"config":1048,"seo":1049,"content":1051,"type":520,"slug":1063,"_id":1064,"_type":53,"title":1050,"_source":54,"_file":1065,"_stem":1066,"_extension":57},"/en-us/the-source/authors/stephen-walters",{"layout":9},{"title":1050},"Stephen Walters",[1052,1062],{"componentName":508,"type":508,"componentContent":1053},{"config":1054,"name":1050,"role":1057,"bio":1058,"headshot":1059},{"gitlabHandle":1055,"linkedInProfileUrl":1056},"swalters1","https://www.linkedin.com/in/1stephenwalters/","Field CTO, GitLab","Stephen Walters is Field CTO for GitLab. Stephen has been in the IT industry for over 30 years. He is an extensively experienced subject matter expert in Value Stream Management, DevSecOps, DevOps, ALM, SDLC and IT4IT, with management and consultancy experience across end-to-end IT disciplines. Currently also operating as an Ambassador for the DevOps Institute and an Influencer in the Value Stream Management Consortium, he is interested in all things DevOps. Stephen is a co-author of the Value Stream Reference Architectures white paper and is currently pursuing further research into Value Stream Management, Organizational Architecture and AI.",{"altText":1050,"config":1060},{"src":1061},"https://res.cloudinary.com/about-gitlab-com/image/upload/v1751463392/g6ktk5qb4vcqc9wqjlf9.jpg",{"componentName":519,"type":519},"stephen-walters","content:en-us:the-source:authors:stephen-walters.yml","en-us/the-source/authors/stephen-walters.yml","en-us/the-source/authors/stephen-walters",{"_path":1068,"_dir":502,"_draft":6,"_partial":6,"_locale":7,"config":1069,"seo":1070,"content":1072,"type":520,"slug":1084,"_id":1085,"_type":53,"title":1086,"_source":54,"_file":1087,"_stem":1088,"_extension":57},"/en-us/the-source/authors/taylor-mccaslin",{"layout":9},{"title":1071},"Taylor McCaslin",[1073,1083],{"componentName":508,"type":508,"componentContent":1074},{"config":1075,"name":1071,"role":1078,"bio":1079,"headshot":1080},{"gitlabHandle":1076,"linkedInProfileUrl":1077},"tmccaslin","https://www.linkedin.com/in/taylormccaslin/","Group Manager, Product - Data Science","Taylor McCaslin is the Product Lead for AI/ML at GitLab, where he is responsible for leading the team of product managers who manage the AI Powered and ModelOps stage groups and sets the vision and direction for how to empower GitLab users to leverage data science as part of their DevOps program. Prior to joining GitLab, he held positions at Indeed, Duo Security, and WP Engine.",{"altText":1071,"config":1081},{"src":1082},"https://res.cloudinary.com/about-gitlab-com/image/upload/v1751463427/trfasilaeasosxfcxmsm.jpg",{"componentName":519,"type":519},"taylor-mccaslin","content:en-us:the-source:authors:taylor-mccaslin.yml","Taylor Mccaslin","en-us/the-source/authors/taylor-mccaslin.yml","en-us/the-source/authors/taylor-mccaslin",1758326282665]