GitLab Compliance Training
This class covers all of the essential compliance capabilities of GitLab, including compliance frameworks, repository control, merge request approval policies, pipeline execution policies, scan execution policies, audit management, and reporting. Since most of these features are only available for customers with an Ultimate license, this course is intended for Ultimate customers only.
What you will learn
- Learn to use GitLab's essential compliance capabilities
- Understand and apply compliance frameworks and project scoping
- Control repository access and enforce code review processes
- Manage merge request approval policies for licenses and security scans
- Define and enforce pipeline and scan execution policies
- Manage and consolidate audit events and logs
- Generate audit, compliance, and SBOM reports
- Use role-based access control to limit data access
Prerequisites
- GitLab Fundamentals course or equivalent knowledge
- GitLab CI/CD course or equivalent knowledge
- Basic knowledge of Git, GitLab, and GitLab CI/CD
- Computer with internet access and Git installed
Target audience
- Compliance managers, Compliance program managers, Audit report analysts, Audit events analysts who are using GitLab with the Ultimate license
Training Program
8 modules to master the fundamentals
Topics covered
- →Meet regulatory requirements
- →Track your projects
- →Enforce organizational standards
- →Manage separation of duties
Topics covered
- →Identify and enforce compliance requirements
- →Scope projects based on risk level
- →Create an audit trail
Topics covered
- →Control what can be pushed to a repository
- →Enforce code review processes
- →Prevent force pushes
- →Require approval from the correct people
Topics covered
- →Manage the use of open-source licenses
- →Automate license scanning
- →Use security scan results
Topics covered
- →Ensure projects use a required job
- →Ensure standard pipeline across your organization
- →Add custom logic and apply it at scale
Topics covered
- →Ensure security scans are consistently applied
- →Balance stringent security checks and developer productivity
Topics covered
- →Stream audit events
- →Consolidate audit logs
- →Track security-related action
Topics covered
- →Align with industry standards
- →Generate audit reports, compliance reports, and SBOM reports
- →Use role-based access control to limit access to data
Quality Process
SFEIR Institute's commitment: an excellence approach to ensure the quality and success of all our training programs. Learn more about our quality approach
- Lectures / Theoretical Slides — Presentation of concepts using visual aids (PowerPoint, PDF).
- Technical Demonstration (Demos) — The instructor performs a task or procedure while students observe.
- Guided Labs — Guided practical exercises on software, hardware, or technical environments.
The achievement of training objectives is evaluated at multiple levels to ensure quality:
- Continuous Knowledge Assessment : Verification of knowledge throughout the training via participatory methods (quizzes, practical exercises, case studies) under instructor supervision.
- Progress Measurement : Comparative self-assessment system including an initial diagnostic to determine the starting level, followed by a final evaluation to validate skills development.
- Quality Evaluation : End-of-session satisfaction questionnaire to measure the relevance and effectiveness of the training as perceived by participants.
Upcoming sessions
No date suits you?
We regularly organize new sessions. Contact us to find out about upcoming dates or to schedule a session at a date of your choice.
Register for a custom dateTrain multiple employees
- Volume discounts (multiple seats)
- Private or custom session
- On-site or remote