[{"data":1,"prerenderedAt":804},["ShallowReactive",2],{"/en-us/blog/how-we-uxd-our-secure-ux-team":3,"navigation-en-us":39,"banner-en-us":438,"footer-en-us":448,"blog-post-authors-en-us-Kyle Mann|Andy Volpe":690,"blog-related-posts-en-us-how-we-uxd-our-secure-ux-team":716,"assessment-promotions-en-us":755,"next-steps-en-us":794},{"id":4,"title":5,"authorSlugs":6,"body":9,"categorySlug":10,"config":11,"content":15,"description":9,"extension":27,"isFeatured":13,"meta":28,"navigation":29,"path":30,"publishedDate":22,"seo":31,"stem":35,"tagSlugs":36,"__hash__":38},"blogPosts/en-us/blog/how-we-uxd-our-secure-ux-team.yml","How We Uxd Our Secure Ux Team",[7,8],"kyle-mann","andy-volpe",null,"company",{"slug":12,"featured":13,"template":14},"how-we-uxd-our-secure-ux-team",false,"BlogPost",{"title":16,"description":17,"authors":18,"heroImage":21,"date":22,"body":23,"category":10,"tags":24},"How we UX'd our Secure UX team structure","The Secure UX team's approach toward collaboration, authorship, information discovery and team structure.",[19,20],"Kyle Mann","Andy Volpe","https://res.cloudinary.com/about-gitlab-com/image/upload/v1749664102/Blog/Hero%20Images/gitlab-values-cover.png","2019-10-11","\n\n{::options parse_block_html=\"true\" /}\n\n\n\nAt GitLab, change is part of our DNA. We embrace constant iteration and evolution in our product and our company.\n\nThis year, much of the change we’ve experienced has been due to company growth. We’ve literally doubled in size, increasing from around 400 to over 800 team members in a very short period of time. Naturally, that growth brought changes to how we organize our product teams. What were once small, interdisciplinary stage groups quickly grew to become multiple, dedicated teams within each Stage. For example, in Secure, we saw the creation of three separate teams, all with dedicated Engineering resources and Product Managers.\n\nOn the UX team structure side of things, we knew we needed to support our Stage by creating a similar division of responsibilities. But questions kept coming up: How would we divide our efforts while still creating an integrated experience? And how could we address some gaps that were already becoming more evident as we scaled?\n\nWe decided to treat this problem like we do any other UX challenge. First, we clearly identified the problem:\n\n```text\nHow might we maintain our effectiveness as a design team within an evolving company structure?\n```\n\nWith the problem identified, we began iterating through solutions and identifying subtasks and processes that helped to solve it.\n\nSomething we learned early on is that what we create today will likely be outdated next week... and we’re okay with that! Problem solving for scale and unknown change is difficult. Something that works with a team of 3 might not work with a team of 6. We were going to have to be flexible. We didn’t come out with exact answers or a silver bullet, but we did discover some best practices that helped along the way.\n\n## Taking the guess work out of UX\n\nUXers are a curious bunch. We’re always asking questions: who are our users, what problems are we solving, and why are we solving them? (And then we ask why again.) The purpose of these questions is to help remove guesswork from our proposed solutions. We wanted to approach solving this problem in the same way.\n\nSo, we started by putting together a [foundations document](https://gitlab.com/gitlab-org/gitlab-design/issues/333) that asked all of the usual questions. Then, we shared it cross-functionally, so anyone could contribute to the answers and add more questions.\n\nWe learned that we knew some things, but there was also a lot that we didn't know. That’s OK, because what you don't know can sometimes be more important than what you do know. Open questions can serve as a checklist of information to uncover.\n\nAsking (and answering some of) the questions in our foundations document resulted in the first iteration of our [Secure UX page](https://handbook.gitlab.com/handbook/product/ux/stage-group-ux-strategy/secure/). This page will grow over the next year, as we get to know our users and problem space through [research](https://gitlab.com/groups/gitlab-org/-/epics/1611), [UX Scorecards](https://handbook.gitlab.com/handbook/product/ux/ux-scorecards/), cross-stage collaboration, and talking with users. The key insights we gain will continue to inform our handbook page for shared team awareness.\n\nAndy:\n_\"Having this document in place helped us take inventory across the entire Stage of where the knowledge gaps exist and focus our efforts toward uncovering critical information.\"_\n\nKyle:\n_“When I joined the team, the foundations document project was a great way to peel the different layers of our product, drive conversation, and better understand cross-functional motivations. I’m elated that other stage groups have adopted the process and found it helpful!“_\n\n## Getting to know your team\n\nEarly on, we realized that we needed to have more face-to-face time than we were accustomed to. We met this challenge by having weekly 1:1s with each other and maintaining a consistent cycle of coffee chats with our Stage group counterparts. (It’s a little like doing user research to understand pain points and possible areas of confusion.)\n\nWhen a team is rapidly growing, it's crucial to embrace collaboration and transparency. Surfacing challenges early allows for opportunities to emerge before a problem does.\n\nFor us, there was no shortage of hard conversations and growing pains, but that was when real growth and progress happened.\n\nMaintaining and cultivating relationships with the team and the Stage has enabled us to have more productive conversations. As an unexpected result, we work more effectively asynchronously now more than ever and rely less on ad-hoc chats and meetings. But we still have our coffee chats and 1:1s. We aren't giving those up!\n\nKyle:\n_\"Sharing your vulnerabilities with each other is a powerful way to bring you closer together and evolve your team’s relationships. Establishing mutual trust compounds the effects of collaborative efforts and can be the difference between success and failure of a project.\"_\n\nAndy:\n_\"It's refreshing to be able to know and understand teammates’ thought processes, decision tendencies, and the way they like to communicate. It was a challenge, at first, adjusting to more synchronous communication and collaboration, but the results speak for themselves.\"_\n\n## Sharing work and splitting work\n\nSomething we realized after becoming a two-designer Secure UX team was that we were both trying to become experts on a diverse range of security topics. It’s an intrinsic trait of designers that we want to \"know all the things,\" so we can be informed when making design decisions.\n\nUnexpectedly, though, we were overlapping each other's work, which meant we weren't finding success or collaborating well.\n\nBy not having a dedicated area of focus within the Secure Stage, we each had conflicting views and approaches to the same features. We were continually \"rebasing\" our design and exploration work because of UX conflicts that manifested.\n\nSo we hired a UX manager.\n\nJust kidding!!! But when our new manager, [Valerie](https://about.gitlab.com/company/team/?department=ux-department#vkarnes), joined our team, she was able to guide us toward creating areas where we would have ownership.\n\nCoincidentally, the engineering team also split within the stage groups at this same time, giving us the opportunity to create dedicated areas of focus and align better with our counterparts.\n\nWe started the task of creating separate UX areas by running a quick brainstorming session with the Secure UX team (just like we do at the beginning of a new project). From there, we looked at the areas our Stage categories were meant to cover, and we began aggregating that information into this [mural board](https://app.mural.co/invitation/mural/gitlab2474/1560787085910?sender=avolpe0924&key=3738c3db-031c-44ba-b542-d7da00aa4bca). It was the same affinity mapping process we use to look for commonalities in research findings or stakeholder requirements..\n\nWhat the affinity map helped us quickly see was: while there were areas of clear ownership where we could split work, there were areas where we needed to share work, too. This [issue](https://gitlab.com/gitlab-org/gitlab-design/issues/458) summarizes what we learned.\n\n### Shared work\n\nHere’s the work that we decided to share:\n\n- Interacting with vulnerabilities\n- Status, reporting, and metrics for vulnerabilities\n- Information architecture and inter-stage experiences\n\nThese areas are core to the Secure experience, and they benefit from collaborative design work and exploration.  But the benefits don’t end with our product UX—they help our team work better together, too:\n\n- We gain an established common purpose.\n- Our trust grows as we get to know each other better.\n- We fail and succeed together.\n- We have more opportunities to create new and unique solutions.\n- We gain visibility into how another designer may have solved a similar problem in the past.\n\nBy sharing work, we’re also able to improve our onboarding experience for new product designers. When new teammates join, we work together to find a shared issue that will help them better understand the product and that they can contribute to without much domain knowledge.\n\nFor example, when [Becka](https://about.gitlab.com/company/team/?department=protect-ux-team#beckalippert) and [Camellia](https://about.gitlab.com/company/team/?department=secure-ux-team#cam.x) recently joined the team, we purposely chose [shared issues](https://gitlab.com/dashboard/issues?scope=all&utf8=%E2%9C%93&state=opened&label_name[]=Secure%20UX%3A%3AShared) as excellent shadow opportunities. These serve as great introductions into the Stage and the security field and will help build their foundational knowledge in both.\n\nThese shared issues help everyone obtain a richer contextual understanding of the design problems we are solving for as a team. In the end, our product and experience will benefit as a result.\n\n### Split work\n\nWhile shared work has its advantages, so does splitting our efforts to focus on specific domains and features. The benefits we've seen:\n\n- We can work closely and consistently with engineers.\n- We’re able to grow our domain knowledge about a particular area.\n- We experience less of the friction caused by context switching.\n- We’re better able to envision and create an end-to-end experiences for our users.\n\nSplit work doesn't mean solo work, necessarily. The GitLab UX team hosts weekly group design feedback sessions where designers share their work and the UX team offers feedback. Our UX Director often says, \"I learn the most about our product in these sessions!\" We definitely agree.\n\nThat’s why we also do our best to share work during cross-functional meetings and asynchronously on our [Secure UX](https://www.youtube.com/playlist?list=PL05JrBw4t0KrFCe5BgUkzFrZifjforQOz) playlist on the [GitLab unfiltered YouTube](https://www.youtube.com/channel/UCMtZ0sc1HHNtGGWZFDRTh5A) channel. For us, a divide-and-conquer approach doesn't mean that other teammates aren’t involved.\n\nAn excellent example of collaborating on split work is the [UX Scorecard initiative](https://handbook.gitlab.com/handbook/product/ux/ux-scorecards/) in Q3 to collaborate on the new Security gates feature. This is a software composition feature (Kyle's split focus), though the MR aspect is closely related to vulnerabilities detected in the MR (Andy's split focus). In this case, Andy will conduct [#534](https://gitlab.com/gitlab-org/gitlab-design/issues/534), and Kyle will do [#533](https://gitlab.com/gitlab-org/gitlab-design/issues/533); then we'll work together on next steps and design improvement recommendations. Since each of the issues is tied to different personas, we see this is an opportunity for us to be an advocate for each unique user and focus strictly on their experience—all while working together on a cross-stage solution that benefits the feature.\n\nAndy:\n_“Having both a dedicated area of focus and shared areas of focus has given me an opportunity to dive deep into the specific niche areas of AppSec and uncover valuable insights about our users, their goals, and the technical challenges they face while still being able to see the bigger picture.”_\n\nKyle:\n_“Merging our efforts is a crucial aspect to our design process. This helps ensure our split work results in a cohesive experience for our users.”_\n\n## Putting it all together\n\nIn the next few months, we have two new designers joining Secure and another for Protect. We’re thrilled to continue evolving our team and partnering with our new teammates on a path forward. Our mission and commitment are clear: To create a best in-class security and compliance experience for our customers.\n\nThanks for reading! Any thoughts to share? Do you have stories about scaling your UX team? Tell us in the comments below!\n\n_Interested in joining the team? [We’re hiring!](https://about.gitlab.com/jobs/)_\n\n",[25,26],"UX","collaboration","yml",{},true,"/en-us/blog/how-we-uxd-our-secure-ux-team",{"title":16,"description":17,"ogTitle":16,"ogDescription":17,"noIndex":13,"ogImage":21,"ogUrl":32,"ogSiteName":33,"ogType":34,"canonicalUrls":32},"https://about.gitlab.com/blog/how-we-uxd-our-secure-ux-team","https://about.gitlab.com","article","en-us/blog/how-we-uxd-our-secure-ux-team",[37,26],"ux","Ba0OJ9Xzi9zhm4dgOojEGoAF_BY4QFRn2hvbNTVaYPw",{"data":40},{"logo":41,"freeTrial":46,"sales":51,"login":56,"items":61,"search":368,"minimal":399,"duo":418,"pricingDeployment":428},{"config":42},{"href":43,"dataGaName":44,"dataGaLocation":45},"/","gitlab logo","header",{"text":47,"config":48},"Get free trial",{"href":49,"dataGaName":50,"dataGaLocation":45},"https://gitlab.com/-/trial_registrations/new?glm_source=about.gitlab.com&glm_content=default-saas-trial/","free trial",{"text":52,"config":53},"Talk to sales",{"href":54,"dataGaName":55,"dataGaLocation":45},"/sales/","sales",{"text":57,"config":58},"Sign in",{"href":59,"dataGaName":60,"dataGaLocation":45},"https://gitlab.com/users/sign_in/","sign in",[62,89,184,189,290,349],{"text":63,"config":64,"cards":66},"Platform",{"dataNavLevelOne":65},"platform",[67,73,81],{"title":63,"description":68,"link":69},"The intelligent orchestration platform for DevSecOps",{"text":70,"config":71},"Explore our Platform",{"href":72,"dataGaName":65,"dataGaLocation":45},"/platform/",{"title":74,"description":75,"link":76},"GitLab Duo Agent Platform","Agentic AI for the entire software lifecycle",{"text":77,"config":78},"Meet GitLab Duo",{"href":79,"dataGaName":80,"dataGaLocation":45},"/gitlab-duo-agent-platform/","gitlab duo agent platform",{"title":82,"description":83,"link":84},"Why GitLab","See the top reasons enterprises choose GitLab",{"text":85,"config":86},"Learn more",{"href":87,"dataGaName":88,"dataGaLocation":45},"/why-gitlab/","why gitlab",{"text":90,"left":29,"config":91,"link":93,"lists":97,"footer":166},"Product",{"dataNavLevelOne":92},"solutions",{"text":94,"config":95},"View all Solutions",{"href":96,"dataGaName":92,"dataGaLocation":45},"/solutions/",[98,122,145],{"title":99,"description":100,"link":101,"items":106},"Automation","CI/CD and automation to accelerate deployment",{"config":102},{"icon":103,"href":104,"dataGaName":105,"dataGaLocation":45},"AutomatedCodeAlt","/solutions/delivery-automation/","automated software delivery",[107,111,114,118],{"text":108,"config":109},"CI/CD",{"href":110,"dataGaLocation":45,"dataGaName":108},"/solutions/continuous-integration/",{"text":74,"config":112},{"href":79,"dataGaLocation":45,"dataGaName":113},"gitlab duo agent platform - product menu",{"text":115,"config":116},"Source Code Management",{"href":117,"dataGaLocation":45,"dataGaName":115},"/solutions/source-code-management/",{"text":119,"config":120},"Automated Software Delivery",{"href":104,"dataGaLocation":45,"dataGaName":121},"Automated software delivery",{"title":123,"description":124,"link":125,"items":130},"Security","Deliver code faster without compromising security",{"config":126},{"href":127,"dataGaName":128,"dataGaLocation":45,"icon":129},"/solutions/application-security-testing/","security and compliance","ShieldCheckLight",[131,135,140],{"text":132,"config":133},"Application Security Testing",{"href":127,"dataGaName":134,"dataGaLocation":45},"Application security testing",{"text":136,"config":137},"Software Supply Chain Security",{"href":138,"dataGaLocation":45,"dataGaName":139},"/solutions/supply-chain/","Software supply chain security",{"text":141,"config":142},"Software Compliance",{"href":143,"dataGaName":144,"dataGaLocation":45},"/solutions/software-compliance/","software compliance",{"title":146,"link":147,"items":152},"Measurement",{"config":148},{"icon":149,"href":150,"dataGaName":151,"dataGaLocation":45},"DigitalTransformation","/solutions/visibility-measurement/","visibility and measurement",[153,157,161],{"text":154,"config":155},"Visibility & Measurement",{"href":150,"dataGaLocation":45,"dataGaName":156},"Visibility and Measurement",{"text":158,"config":159},"Value Stream Management",{"href":160,"dataGaLocation":45,"dataGaName":158},"/solutions/value-stream-management/",{"text":162,"config":163},"Analytics & Insights",{"href":164,"dataGaLocation":45,"dataGaName":165},"/solutions/analytics-and-insights/","Analytics and insights",{"title":167,"items":168},"GitLab for",[169,174,179],{"text":170,"config":171},"Enterprise",{"href":172,"dataGaLocation":45,"dataGaName":173},"/enterprise/","enterprise",{"text":175,"config":176},"Small Business",{"href":177,"dataGaLocation":45,"dataGaName":178},"/small-business/","small business",{"text":180,"config":181},"Public Sector",{"href":182,"dataGaLocation":45,"dataGaName":183},"/solutions/public-sector/","public sector",{"text":185,"config":186},"Pricing",{"href":187,"dataGaName":188,"dataGaLocation":45,"dataNavLevelOne":188},"/pricing/","pricing",{"text":190,"config":191,"link":193,"lists":197,"feature":277},"Resources",{"dataNavLevelOne":192},"resources",{"text":194,"config":195},"View all resources",{"href":196,"dataGaName":192,"dataGaLocation":45},"/resources/",[198,231,249],{"title":199,"items":200},"Getting started",[201,206,211,216,221,226],{"text":202,"config":203},"Install",{"href":204,"dataGaName":205,"dataGaLocation":45},"/install/","install",{"text":207,"config":208},"Quick start guides",{"href":209,"dataGaName":210,"dataGaLocation":45},"/get-started/","quick setup checklists",{"text":212,"config":213},"Learn",{"href":214,"dataGaLocation":45,"dataGaName":215},"https://university.gitlab.com/","learn",{"text":217,"config":218},"Product documentation",{"href":219,"dataGaName":220,"dataGaLocation":45},"https://docs.gitlab.com/","product documentation",{"text":222,"config":223},"Best practice videos",{"href":224,"dataGaName":225,"dataGaLocation":45},"/getting-started-videos/","best practice videos",{"text":227,"config":228},"Integrations",{"href":229,"dataGaName":230,"dataGaLocation":45},"/integrations/","integrations",{"title":232,"items":233},"Discover",[234,239,244],{"text":235,"config":236},"Customer success stories",{"href":237,"dataGaName":238,"dataGaLocation":45},"/customers/","customer success stories",{"text":240,"config":241},"Blog",{"href":242,"dataGaName":243,"dataGaLocation":45},"/blog/","blog",{"text":245,"config":246},"Remote",{"href":247,"dataGaName":248,"dataGaLocation":45},"https://handbook.gitlab.com/handbook/company/culture/all-remote/","remote",{"title":250,"items":251},"Connect",[252,257,262,267,272],{"text":253,"config":254},"GitLab Services",{"href":255,"dataGaName":256,"dataGaLocation":45},"/services/","services",{"text":258,"config":259},"Community",{"href":260,"dataGaName":261,"dataGaLocation":45},"/community/","community",{"text":263,"config":264},"Forum",{"href":265,"dataGaName":266,"dataGaLocation":45},"https://forum.gitlab.com/","forum",{"text":268,"config":269},"Events",{"href":270,"dataGaName":271,"dataGaLocation":45},"/events/","events",{"text":273,"config":274},"Partners",{"href":275,"dataGaName":276,"dataGaLocation":45},"/partners/","partners",{"backgroundColor":278,"textColor":279,"text":280,"image":281,"link":285},"#2f2a6b","#fff","Insights for the future of software development",{"altText":282,"config":283},"the source promo card",{"src":284},"https://res.cloudinary.com/about-gitlab-com/image/upload/v1758208064/dzl0dbift9xdizyelkk4.svg",{"text":286,"config":287},"Read the latest",{"href":288,"dataGaName":289,"dataGaLocation":45},"/the-source/","the source",{"text":291,"config":292,"lists":293},"Company",{"dataNavLevelOne":10},[294],{"items":295},[296,301,307,309,314,319,324,329,334,339,344],{"text":297,"config":298},"About",{"href":299,"dataGaName":300,"dataGaLocation":45},"/company/","about",{"text":302,"config":303,"footerGa":306},"Jobs",{"href":304,"dataGaName":305,"dataGaLocation":45},"/jobs/","jobs",{"dataGaName":305},{"text":268,"config":308},{"href":270,"dataGaName":271,"dataGaLocation":45},{"text":310,"config":311},"Leadership",{"href":312,"dataGaName":313,"dataGaLocation":45},"/company/team/e-group/","leadership",{"text":315,"config":316},"Team",{"href":317,"dataGaName":318,"dataGaLocation":45},"/company/team/","team",{"text":320,"config":321},"Handbook",{"href":322,"dataGaName":323,"dataGaLocation":45},"https://handbook.gitlab.com/","handbook",{"text":325,"config":326},"Investor relations",{"href":327,"dataGaName":328,"dataGaLocation":45},"https://ir.gitlab.com/","investor relations",{"text":330,"config":331},"Trust Center",{"href":332,"dataGaName":333,"dataGaLocation":45},"/security/","trust center",{"text":335,"config":336},"AI Transparency Center",{"href":337,"dataGaName":338,"dataGaLocation":45},"/ai-transparency-center/","ai transparency center",{"text":340,"config":341},"Newsletter",{"href":342,"dataGaName":343,"dataGaLocation":45},"/company/contact/#contact-forms","newsletter",{"text":345,"config":346},"Press",{"href":347,"dataGaName":348,"dataGaLocation":45},"/press/","press",{"text":350,"config":351,"lists":352},"Contact us",{"dataNavLevelOne":10},[353],{"items":354},[355,358,363],{"text":52,"config":356},{"href":54,"dataGaName":357,"dataGaLocation":45},"talk to sales",{"text":359,"config":360},"Support portal",{"href":361,"dataGaName":362,"dataGaLocation":45},"https://support.gitlab.com","support portal",{"text":364,"config":365},"Customer portal",{"href":366,"dataGaName":367,"dataGaLocation":45},"https://customers.gitlab.com/customers/sign_in/","customer portal",{"close":369,"login":370,"suggestions":377},"Close",{"text":371,"link":372},"To search repositories and projects, login to",{"text":373,"config":374},"gitlab.com",{"href":59,"dataGaName":375,"dataGaLocation":376},"search login","search",{"text":378,"default":379},"Suggestions",[380,382,386,388,392,396],{"text":74,"config":381},{"href":79,"dataGaName":74,"dataGaLocation":376},{"text":383,"config":384},"Code Suggestions (AI)",{"href":385,"dataGaName":383,"dataGaLocation":376},"/solutions/code-suggestions/",{"text":108,"config":387},{"href":110,"dataGaName":108,"dataGaLocation":376},{"text":389,"config":390},"GitLab on AWS",{"href":391,"dataGaName":389,"dataGaLocation":376},"/partners/technology-partners/aws/",{"text":393,"config":394},"GitLab on Google Cloud",{"href":395,"dataGaName":393,"dataGaLocation":376},"/partners/technology-partners/google-cloud-platform/",{"text":397,"config":398},"Why GitLab?",{"href":87,"dataGaName":397,"dataGaLocation":376},{"freeTrial":400,"mobileIcon":405,"desktopIcon":410,"secondaryButton":413},{"text":401,"config":402},"Start free trial",{"href":403,"dataGaName":50,"dataGaLocation":404},"https://gitlab.com/-/trials/new/","nav",{"altText":406,"config":407},"Gitlab Icon",{"src":408,"dataGaName":409,"dataGaLocation":404},"https://res.cloudinary.com/about-gitlab-com/image/upload/v1758203874/jypbw1jx72aexsoohd7x.svg","gitlab icon",{"altText":406,"config":411},{"src":412,"dataGaName":409,"dataGaLocation":404},"https://res.cloudinary.com/about-gitlab-com/image/upload/v1758203875/gs4c8p8opsgvflgkswz9.svg",{"text":414,"config":415},"Get Started",{"href":416,"dataGaName":417,"dataGaLocation":404},"https://gitlab.com/-/trial_registrations/new?glm_source=about.gitlab.com/compare/gitlab-vs-github/","get started",{"freeTrial":419,"mobileIcon":424,"desktopIcon":426},{"text":420,"config":421},"Learn more about GitLab Duo",{"href":422,"dataGaName":423,"dataGaLocation":404},"/gitlab-duo/","gitlab duo",{"altText":406,"config":425},{"src":408,"dataGaName":409,"dataGaLocation":404},{"altText":406,"config":427},{"src":412,"dataGaName":409,"dataGaLocation":404},{"freeTrial":429,"mobileIcon":434,"desktopIcon":436},{"text":430,"config":431},"Back to pricing",{"href":187,"dataGaName":432,"dataGaLocation":404,"icon":433},"back to pricing","GoBack",{"altText":406,"config":435},{"src":408,"dataGaName":409,"dataGaLocation":404},{"altText":406,"config":437},{"src":412,"dataGaName":409,"dataGaLocation":404},{"title":439,"button":440,"config":445},"See how agentic AI transforms software delivery",{"text":441,"config":442},"Watch GitLab Transcend now",{"href":443,"dataGaName":444,"dataGaLocation":45},"/events/transcend/virtual/","transcend event",{"layout":446,"icon":447},"release","AiStar",{"data":449},{"text":450,"source":451,"edit":457,"contribute":462,"config":467,"items":472,"minimal":679},"Git is a trademark of Software Freedom Conservancy and our use of 'GitLab' is under license",{"text":452,"config":453},"View page source",{"href":454,"dataGaName":455,"dataGaLocation":456},"https://gitlab.com/gitlab-com/marketing/digital-experience/about-gitlab-com/","page source","footer",{"text":458,"config":459},"Edit this page",{"href":460,"dataGaName":461,"dataGaLocation":456},"https://gitlab.com/gitlab-com/marketing/digital-experience/about-gitlab-com/-/blob/main/content/","web ide",{"text":463,"config":464},"Please contribute",{"href":465,"dataGaName":466,"dataGaLocation":456},"https://gitlab.com/gitlab-com/marketing/digital-experience/about-gitlab-com/-/blob/main/CONTRIBUTING.md/","please contribute",{"twitter":468,"facebook":469,"youtube":470,"linkedin":471},"https://twitter.com/gitlab","https://www.facebook.com/gitlab","https://www.youtube.com/channel/UCnMGQ8QHMAnVIsI3xJrihhg","https://www.linkedin.com/company/gitlab-com",[473,520,574,618,645],{"title":185,"links":474,"subMenu":489},[475,479,484],{"text":476,"config":477},"View plans",{"href":187,"dataGaName":478,"dataGaLocation":456},"view plans",{"text":480,"config":481},"Why Premium?",{"href":482,"dataGaName":483,"dataGaLocation":456},"/pricing/premium/","why premium",{"text":485,"config":486},"Why Ultimate?",{"href":487,"dataGaName":488,"dataGaLocation":456},"/pricing/ultimate/","why ultimate",[490],{"title":491,"links":492},"Contact Us",[493,496,498,500,505,510,515],{"text":494,"config":495},"Contact sales",{"href":54,"dataGaName":55,"dataGaLocation":456},{"text":359,"config":497},{"href":361,"dataGaName":362,"dataGaLocation":456},{"text":364,"config":499},{"href":366,"dataGaName":367,"dataGaLocation":456},{"text":501,"config":502},"Status",{"href":503,"dataGaName":504,"dataGaLocation":456},"https://status.gitlab.com/","status",{"text":506,"config":507},"Terms of use",{"href":508,"dataGaName":509,"dataGaLocation":456},"/terms/","terms of use",{"text":511,"config":512},"Privacy statement",{"href":513,"dataGaName":514,"dataGaLocation":456},"/privacy/","privacy statement",{"text":516,"config":517},"Cookie preferences",{"dataGaName":518,"dataGaLocation":456,"id":519,"isOneTrustButton":29},"cookie preferences","ot-sdk-btn",{"title":90,"links":521,"subMenu":530},[522,526],{"text":523,"config":524},"DevSecOps platform",{"href":72,"dataGaName":525,"dataGaLocation":456},"devsecops platform",{"text":527,"config":528},"AI-Assisted Development",{"href":422,"dataGaName":529,"dataGaLocation":456},"ai-assisted development",[531],{"title":532,"links":533},"Topics",[534,539,544,549,554,559,564,569],{"text":535,"config":536},"CICD",{"href":537,"dataGaName":538,"dataGaLocation":456},"/topics/ci-cd/","cicd",{"text":540,"config":541},"GitOps",{"href":542,"dataGaName":543,"dataGaLocation":456},"/topics/gitops/","gitops",{"text":545,"config":546},"DevOps",{"href":547,"dataGaName":548,"dataGaLocation":456},"/topics/devops/","devops",{"text":550,"config":551},"Version Control",{"href":552,"dataGaName":553,"dataGaLocation":456},"/topics/version-control/","version control",{"text":555,"config":556},"DevSecOps",{"href":557,"dataGaName":558,"dataGaLocation":456},"/topics/devsecops/","devsecops",{"text":560,"config":561},"Cloud Native",{"href":562,"dataGaName":563,"dataGaLocation":456},"/topics/cloud-native/","cloud native",{"text":565,"config":566},"AI for Coding",{"href":567,"dataGaName":568,"dataGaLocation":456},"/topics/devops/ai-for-coding/","ai for coding",{"text":570,"config":571},"Agentic AI",{"href":572,"dataGaName":573,"dataGaLocation":456},"/topics/agentic-ai/","agentic ai",{"title":575,"links":576},"Solutions",[577,579,581,586,590,593,597,600,602,605,608,613],{"text":132,"config":578},{"href":127,"dataGaName":132,"dataGaLocation":456},{"text":121,"config":580},{"href":104,"dataGaName":105,"dataGaLocation":456},{"text":582,"config":583},"Agile development",{"href":584,"dataGaName":585,"dataGaLocation":456},"/solutions/agile-delivery/","agile delivery",{"text":587,"config":588},"SCM",{"href":117,"dataGaName":589,"dataGaLocation":456},"source code management",{"text":535,"config":591},{"href":110,"dataGaName":592,"dataGaLocation":456},"continuous integration & delivery",{"text":594,"config":595},"Value stream management",{"href":160,"dataGaName":596,"dataGaLocation":456},"value stream management",{"text":540,"config":598},{"href":599,"dataGaName":543,"dataGaLocation":456},"/solutions/gitops/",{"text":170,"config":601},{"href":172,"dataGaName":173,"dataGaLocation":456},{"text":603,"config":604},"Small business",{"href":177,"dataGaName":178,"dataGaLocation":456},{"text":606,"config":607},"Public sector",{"href":182,"dataGaName":183,"dataGaLocation":456},{"text":609,"config":610},"Education",{"href":611,"dataGaName":612,"dataGaLocation":456},"/solutions/education/","education",{"text":614,"config":615},"Financial services",{"href":616,"dataGaName":617,"dataGaLocation":456},"/solutions/finance/","financial services",{"title":190,"links":619},[620,622,624,626,629,631,633,635,637,639,641,643],{"text":202,"config":621},{"href":204,"dataGaName":205,"dataGaLocation":456},{"text":207,"config":623},{"href":209,"dataGaName":210,"dataGaLocation":456},{"text":212,"config":625},{"href":214,"dataGaName":215,"dataGaLocation":456},{"text":217,"config":627},{"href":219,"dataGaName":628,"dataGaLocation":456},"docs",{"text":240,"config":630},{"href":242,"dataGaName":243,"dataGaLocation":456},{"text":235,"config":632},{"href":237,"dataGaName":238,"dataGaLocation":456},{"text":245,"config":634},{"href":247,"dataGaName":248,"dataGaLocation":456},{"text":253,"config":636},{"href":255,"dataGaName":256,"dataGaLocation":456},{"text":258,"config":638},{"href":260,"dataGaName":261,"dataGaLocation":456},{"text":263,"config":640},{"href":265,"dataGaName":266,"dataGaLocation":456},{"text":268,"config":642},{"href":270,"dataGaName":271,"dataGaLocation":456},{"text":273,"config":644},{"href":275,"dataGaName":276,"dataGaLocation":456},{"title":291,"links":646},[647,649,651,653,655,657,659,663,668,670,672,674],{"text":297,"config":648},{"href":299,"dataGaName":10,"dataGaLocation":456},{"text":302,"config":650},{"href":304,"dataGaName":305,"dataGaLocation":456},{"text":310,"config":652},{"href":312,"dataGaName":313,"dataGaLocation":456},{"text":315,"config":654},{"href":317,"dataGaName":318,"dataGaLocation":456},{"text":320,"config":656},{"href":322,"dataGaName":323,"dataGaLocation":456},{"text":325,"config":658},{"href":327,"dataGaName":328,"dataGaLocation":456},{"text":660,"config":661},"Sustainability",{"href":662,"dataGaName":660,"dataGaLocation":456},"/sustainability/",{"text":664,"config":665},"Diversity, inclusion and belonging (DIB)",{"href":666,"dataGaName":667,"dataGaLocation":456},"/diversity-inclusion-belonging/","Diversity, inclusion and belonging",{"text":330,"config":669},{"href":332,"dataGaName":333,"dataGaLocation":456},{"text":340,"config":671},{"href":342,"dataGaName":343,"dataGaLocation":456},{"text":345,"config":673},{"href":347,"dataGaName":348,"dataGaLocation":456},{"text":675,"config":676},"Modern Slavery Transparency Statement",{"href":677,"dataGaName":678,"dataGaLocation":456},"https://handbook.gitlab.com/handbook/legal/modern-slavery-act-transparency-statement/","modern slavery transparency statement",{"items":680},[681,684,687],{"text":682,"config":683},"Terms",{"href":508,"dataGaName":509,"dataGaLocation":456},{"text":685,"config":686},"Cookies",{"dataGaName":518,"dataGaLocation":456,"id":519,"isOneTrustButton":29},{"text":688,"config":689},"Privacy",{"href":513,"dataGaName":514,"dataGaLocation":456},[691,704],{"id":692,"title":19,"body":9,"config":693,"content":695,"description":9,"extension":27,"meta":699,"navigation":29,"path":700,"seo":701,"stem":702,"__hash__":703},"blogAuthors/en-us/blog/authors/kyle-mann.yml",{"template":694},"BlogAuthor",{"name":19,"config":696},{"headshot":697,"ctfId":698},"https://res.cloudinary.com/about-gitlab-com/image/upload/v1749659488/Blog/Author%20Headshots/gitlab-logo-extra-whitespace.png","44YiW1r6sTpbC9wKBeHGgE",{},"/en-us/blog/authors/kyle-mann",{},"en-us/blog/authors/kyle-mann","HKktCwC_9GOd440vubmmIjQHQKca7-RrFZoUrjxTwts",{"id":705,"title":20,"body":9,"config":706,"content":707,"description":9,"extension":27,"meta":711,"navigation":29,"path":712,"seo":713,"stem":714,"__hash__":715},"blogAuthors/en-us/blog/authors/andy-volpe.yml",{"template":694},{"name":20,"config":708},{"headshot":709,"ctfId":710},"https://res.cloudinary.com/about-gitlab-com/image/upload/v1749669776/Blog/Author%20Headshots/andyvolpe-headshot.png","andyvolpe",{},"/en-us/blog/authors/andy-volpe",{},"en-us/blog/authors/andy-volpe","B23YLo81akHQYKJBmjWYHS6N5pgdJYKlljGgaTnlP20",[717,730,741],{"content":718,"config":728},{"title":719,"description":720,"authors":721,"heroImage":723,"date":724,"body":725,"category":10,"tags":726,"updatedDate":724},"GitLab names Bill Staples as new CEO","Co-founder Sid Sijbrandij transitions to Executive Chair of the Board.",[722],"Sid Sijbrandij","https://res.cloudinary.com/about-gitlab-com/image/upload/v1749665388/Blog/Hero%20Images/Revised2.png","2024-12-05","__This message from Sid Sijbrandij and Bill Staples was shared with GitLab team members earlier today.__ \n\n__Sid:__ On today’s earnings call, I announced that I am stepping down as CEO and will remain Executive Chair of the Board. I also introduced GitLab’s new CEO, [Bill Staples](https://www.linkedin.com/in/williamstaples/). \n\nAs a Board, we routinely do succession planning. This includes conversations with a number of top executives. We’ve been having these conversations in greater earnest since my cancer returned. Through these discussions, we identified someone uniquely qualified to lead GitLab. I want more time to focus on my cancer treatment and health. My treatments are going well, my cancer is not metastatic, and I'm working towards making a full recovery. Stepping down from a role that I love is not easy, but I believe that it is the right decision for GitLab.\n\nI couldn't be more excited to introduce you to Bill Staples, who will be leading GitLab into its next chapter. Bill will be GitLab’s CEO, effective today. He will also join the GitLab Board as a Director. Bill was most recently a public company CEO at New Relic. During his time there, he significantly increased the value of the company by accelerating revenue and driving increased profitability. He also brings decades of experience in leadership roles at Adobe and Microsoft. When I began speaking with Bill, I was immediately drawn to his customer-centric approach and deep product expertise. As I got to know him further, I knew that his shared value system made him the right person for this role, for our team members, for our customers, and for our shareholders. I feel fortunate that GitLab has found someone with a great leadership track record and strong DevOps expertise to lead GitLab into the future.\n\nWe have come so far from the early days when we launched GitLab.com. We have created the DevOps category and are the leader in the Gartner Magic Quadrant for both vision and execution. Millions of people now use GitLab to deliver software faster and more efficiently. We have integrated AI, Security, and Compliance into our platform to offer our enterprise customers the strongest AI-powered DevSecOps solution. We have also built GitLab in collaboration with our contributors. Last quarter, we had an all-time high of an estimated 1,800 code contributions from the wider community. It is incredible that as GitLab grew, our contributor community grew with us. We have done all of this while being a values-driven company, leading in all-remote work, championing transparency through our public handbook and culture, and co-creating with the wider community.\n\nI feel many things today, but more than anything else, I am grateful. I want to thank our customers. Driving results for them has been at the core of GitLab’s values, and I greatly appreciate their trust in us. I want to thank the wider GitLab community for their trust and enthusiasm. Their tens of thousands of contributions have greatly enhanced GitLab and its value for all users. Thank you, GitLab team members. Your contributions are at the core of GitLab’s success and the value we drive for our customers. Thank you, E-Group. You are amazing partners and collaborators in leading GitLab and our team members to achieve our very best. Thank you, GitLab Board. I have appreciated your support throughout my time as CEO and look forward to our ongoing partnership as I continue to serve as Executive Chair. And, thank you, Bill. I am excited for you to lead our next phase of growth. I am here to support you and the company in GitLab’s next chapter!\n\nI couldn't be more thrilled about Bill and what's ahead for GitLab with him at the helm. We have an incredible opportunity in front of us. Software has never mattered more, and GitLab is well-positioned to be the platform that best enables folks to create, secure, and operate it. I look forward to staying part of the company and being actively involved wherever Bill can use me. \n\n__Bill:__ Thanks, Sid, for the warm welcome! I greatly admire you and what you have accomplished. Very few people in the world have built a $10B market-cap technology company, taken it public, and scaled it to $750M in run-rate revenue. You have done incredible things with GitLab, and I’m grateful you will continue to play a meaningful role in the company. I appreciate your trust in me and commit to building upon the successes you and others should rightfully celebrate. \n\nI am so excited about GitLab and the opportunity ahead of us. Over the coming decade, we will see software-driven transformation around the world as AI accelerates and transforms the software revolution already in motion. GitLab and our mission are going to be more important than ever. I look forward to working with this team to scale GitLab well beyond where it is today.\n",[727],"news",{"slug":729,"featured":29,"template":14},"gitlab-names-bill-staples-as-new-ceo",{"content":731,"config":739},{"title":732,"description":733,"authors":734,"heroImage":736,"date":737,"body":738,"category":10},"Our Privacy Policy has been updated","Our updated Privacy Policy clarifies our existing data processing activities.",[735],"GitLab","https://res.cloudinary.com/about-gitlab-com/image/upload/v1749664472/Blog/Hero%20Images/gitlabflatlogomap.png","2023-06-14","As part of our commitment to keeping our policies current, we made some updates to our [Privacy Policy](/privacy/) on June 14, 2022.  These updates are intended to clarify our existing data processing activities and to provide information on processing that may derive from new features.  Through this update, we continue to provide transparency to our data processing activities, in line with an evolving privacy landscape.  Specifically, these policy updates include the following:\n\n- Clarification about which processing activities apply to each respective GitLab product;\n- Information about when personal data may be collected to verify someone’s identity to enable certain product features;\n- Clarification about what personal data is collected to provide a license and maintain a subscription; \n- Additional information regarding our Service Usage data collection practices, and the inclusion of certain processing activities, such as Event Analytics and Call Recordings;\n- Additional information regarding the purposes for which personal data is collected;\n- Minor updates regarding our legal basis for processing your personal data in the European Union; \n- Updates to our data retention practices for inactive accounts; \n- Clarification about how to delete your personal data at GitLab and how deletion is effectuated for public projects; \n- An additional notice that details our processing and your rights under the California Consumer Privacy Act, including CCPA metrics reporting;\n\nOverall, we believe that these updates will empower our users to make informed decisions about their personal data.  Please visit the complete text of our Privacy Policy and [Cookie Policy](/privacy/cookies/) to learn more about how GitLab processes personal data and your rights and choices regarding such processing.\n",{"slug":740,"featured":13,"template":14},"our-privacy-policy-has-been-updated",{"content":742,"config":753},{"title":743,"description":744,"authors":745,"heroImage":747,"date":748,"body":749,"category":10,"tags":750},"Rate limitations for unauthorized users of the Projects List API","Learn details about upcoming changes for unauthenticated users of the Projects List API.",[746],"Christina Lohr","https://res.cloudinary.com/about-gitlab-com/image/upload/v1749664087/Blog/Hero%20Images/tanukicover.jpg","2023-04-10","\n\nStarting on May 22 for self-managed GitLab, and May 8 for GitLab.com, unauthenticated users will be subject to rate limitations when using the Projects List API. This change has been made to ensure the stability and reliability of our platform for all users.\n\n**Note:** Authorized users are not affected by this change.\n\n## What is the the Projects List API?\n\nThe Projects List API provides information about GitLab projects, including name, description, and other metadata. This API is widely used by our community, including researchers, developers, and integrators, to retrieve and analyze information about GitLab projects. We value this usage and aim to support it as much as possible.\n\n## Rate limitation details\n\nIn recent months, we have observed that the frequency and intensity of requests made by unauthenticated, also known as anonymous, users to the Projects List API have increased significantly. This has resulted in an increased load on our servers, which has impacted the performance and stability of our platform for all users. To address this issue, we have decided to introduce rate limitations for unauthenticated users.\n\nAs a consequence of this change, unauthenticated users of the Projects List API will be limited to 400 requests per 10 minutes per unique IP address on GitLab.com. If an unauthenticated user exceeds this limit, the user will receive a \"429 Too Many Requests\" response. On GitLab.com, this limit cannot be changed. Users of self-managed GitLab instances have the same rate limitation set by default, but [admins can change the rate limits](https://docs.gitlab.com/ee/administration/settings/rate_limit_on_projects_api.html#rate-limit-on-projects-api) as they see fit via the UI or the application settings API. They can also set the rate limit to zero, which acts as if there is no rate limitation at all.\n\nWe understand that this change may impact some of our users who rely on the Projects List API, and we apologize for any inconvenience this may cause. We encourage users who need to make more than 400 requests per 10 minutes to the Projects List API to [sign up for a GitLab account](/pricing/), which provides higher rate limits and other benefits, such as access to additional APIs and integrations.\n\nIf you have any questions or concerns about this change, please do not hesitate to [leave feedback in this issue](https://gitlab.com/gitlab-org/gitlab/-/issues/404611).\n",[751,752,727],"product","features",{"slug":754,"featured":13,"template":14},"rate-limitation-for-unauthorized-users-projects-list-api",{"promotions":756},[757,771,782],{"id":758,"categories":759,"header":761,"text":762,"button":763,"image":768},"ai-modernization",[760],"ai-ml","Is AI achieving its promise at scale?","Quiz will take 5 minutes or less",{"text":764,"config":765},"Get your AI maturity score",{"href":766,"dataGaName":767,"dataGaLocation":243},"/assessments/ai-modernization-assessment/","modernization assessment",{"config":769},{"src":770},"https://res.cloudinary.com/about-gitlab-com/image/upload/v1772138786/qix0m7kwnd8x2fh1zq49.png",{"id":772,"categories":773,"header":774,"text":762,"button":775,"image":779},"devops-modernization",[751,558],"Are you just managing tools or shipping innovation?",{"text":776,"config":777},"Get your DevOps maturity score",{"href":778,"dataGaName":767,"dataGaLocation":243},"/assessments/devops-modernization-assessment/",{"config":780},{"src":781},"https://res.cloudinary.com/about-gitlab-com/image/upload/v1772138785/eg818fmakweyuznttgid.png",{"id":783,"categories":784,"header":786,"text":762,"button":787,"image":791},"security-modernization",[785],"security","Are you trading speed for security?",{"text":788,"config":789},"Get your security maturity score",{"href":790,"dataGaName":767,"dataGaLocation":243},"/assessments/security-modernization-assessment/",{"config":792},{"src":793},"https://res.cloudinary.com/about-gitlab-com/image/upload/v1772138786/p4pbqd9nnjejg5ds6mdk.png",{"header":795,"blurb":796,"button":797,"secondaryButton":802},"Start building faster today","See what your team can do with the intelligent orchestration platform for DevSecOps.\n",{"text":798,"config":799},"Get your free trial",{"href":800,"dataGaName":50,"dataGaLocation":801},"https://gitlab.com/-/trial_registrations/new?glm_content=default-saas-trial&glm_source=about.gitlab.com/","feature",{"text":494,"config":803},{"href":54,"dataGaName":55,"dataGaLocation":801},1772652074679]