tpx

   GitLab Solutions Blog 

GitLab logo

Your GitLab One-Stop Shop

  • Need licences?
  • Need managed service?
  • Need runners?
  • Need onboarding or training?
  • Need licences?
  • Need managed service?
  • Need runners?
  • Need onboarding or training?
Get in touch!
+420910100090 (EU/CZ), +385955953296 (HR), +447497830767 (UK)

GitLab's 2024 Bug Bounty Year in Review

At GitLab, ensuring the security and reliability of our platform is a top priority. This commitment is underscored by our Bug Bounty Programme, an initiative that demonstrates our dedication to creating a secure environment for all users. As we reflect on 2024, we're proud to share key highlights and milestones from the programme, showcasing the incredible contributions from the security research community worldwide.

Incredible Growth in Participation

Throughout 2024, GitLab witnessed a notable increase in participation across our Bug Bounty Programme. Researchers from diverse corners of the globe collaborated to identify vulnerabilities and helped strengthen our platform's defences. The increase in submissions not only reflects the growth of the security landscape but also speaks to the trust the community places in GitLab's programme.

Vulnerability Remediation Milestones

The active submissions in 2024 led to the discovery and resolution of several critical and high-severity vulnerabilities. Each reported issue is treated with urgency, ensuring timely fixes to protect our users. The collaboration between GitLab's security teams and the research community has been pivotal in maintaining GitLab’s strong security posture.

Achievements in Payouts

In recognition of their invaluable efforts, GitLab awarded generous payouts to researchers in 2024. These rewards not only express our gratitude but also motivate continued engagement from some of the world’s leading security experts. Beyond monetary incentives, we also celebrate the positive impact of their discoveries on the wider GitLab user base.

Open Collaboration and Transparency

Transparency and openness form the bedrock of GitLab’s ethos. As part of the Bug Bounty Programme, we uphold rigorous standards of communication with researchers and publish detailed reports on resolved vulnerabilities. This practice fosters trust and demonstrates GitLab's commitment to accountability and improvement.

Looking Forward to 2025

As we enter 2025, GitLab remains committed to expanding and enhancing its Bug Bounty Programme. We are exploring ways to engage with an even broader community of researchers, streamline collaboration, and offer even more impactful rewards. Together, we move forward in our mission to make GitLab a secure and trusted platform for innovative teams.

GitLab’s success in 2024 wouldn’t have been possible without the exceptional expertise and dedication of cybersecurity researchers worldwide. A huge thank you to everyone who contributed to building a stronger, more secure GitLab. Stay connected for further updates, and if you’d like to learn more about our professional consulting services and licensing for GitLab in the Czech Republic, Slovakia, Croatia, Serbia, Slovenia, Macedonia, the UK, Israel, South Africa, or Paraguay, visit IDEA GitLab Solutions.