🏆SFEIR is the Google Cloud EMEA Training Partner of the Year 2025🤝New partnership: Official GitLab Training🤖New training: AI-Augmented Developer
🏆SFEIR is the Google Cloud EMEA Training Partner of the Year 2025🤝New partnership: Official GitLab Training🤖New training: AI-Augmented Developer
GITLABOFF_SECESSENTIALS

GitLab Security Essentials Training

This class covers all of the essential security capabilities of GitLab, including Static Application Security Testing, secret detection, Dynamic Application Security Testing, dependency scanning, container scanning, API security, and compliance. Since most of these features are only available for customers with an Ultimate license, this course is intended for Ultimate customers only.

GitLab
✓ Official training GitLabLevel Intermediate⏱️ 1 day (7h)

What you will learn

  • Shift security left and right
  • Choose security scanners
  • Leverage vulnerability management and vulnerability reports
  • Use security best practices
  • Solve problems with SAST
  • Use best practices for implementing SAST scanners
  • Solve problems with secret detection
  • Use best practices for implementing secret detection scanners
  • View vulnerabilities in merge requests, vulnerability reports, and pipeline reports
  • Use best practices for triaging vulnerabilities
  • Use AI to resolve vulnerabilities
  • Solve problems with dependency scanning
  • Use best practices for implementing dependency scanners
  • Solve problems with IaC scanning
  • Use best practices for implementing IaC scanners
  • Solve problems with container scanning
  • Use best practices for implementing container scanners
  • Solve problems with API security
  • Use best practices for implementing API security
  • Solve problems with DAST
  • Use best practices for implementing DAST scanners
  • Solve problems with operational container scanning
  • Use best practices for implementing operational container scanners
  • Align with common compliance standards
  • Identify and enforce compliance requirements
  • Track security-related actions
  • Gather audit events for processing
  • Control what can be pushed to a repository

Prerequisites

  • GitLab Fundamentals course or equivalent knowledge
  • GitLab CI/CD course or equivalent knowledge
  • Knowledge of Git, GitLab, or GitLab CI/CD

Target audience

  • Project managers, developers, DevSecOps engineers, and security specialists who are using GitLab with the Ultimate license

Training Program

8 modules to master the fundamentals

Topics covered
  • →Shift security left and right
  • →Choose security scanners
  • →Leverage vulnerability management and vulnerability reports
  • →Use security best practices
Topics covered
  • →Solve problems with SAST
  • →Use best practices for implementing SAST scanners
  • →Solve problems with secret detection
  • →Use best practices for implementing secret detection scanners
Topics covered
  • →View vulnerabilities in merge requests, vulnerability reports, and pipeline reports
  • →Use best practices for triaging vulnerabilities
  • →Use AI to resolve vulnerabilities
Topics covered
  • →Solve problems with dependency scanning
  • →Use best practices for implementing dependency scanners
  • →Solve problems with IaC scanning
  • →Use best practices for implementing IaC scanners
Topics covered
  • →Solve problems with container scanning
  • →Use best practices for implementing container scanners
Topics covered
  • →Solve problems with API security
  • →Use best practices for implementing API security
  • →Solve problems with DAST
  • →Use best practices for implementing DAST scanners
Topics covered
  • →Solve problems with operational container scanning
  • →Use best practices for implementing operational container scanners
Topics covered
  • →Align with common compliance standards
  • →Identify and enforce compliance requirements
  • →Track security-related actions
  • →Gather audit events for processing
  • →Control what can be pushed to a repository

Related Trainings

AWS

Security Engineering on AWS

Security is a concern for both customers in the cloud, and those considering cloud adoption. An increase in cyberattacks and data leaks remains top of mind for most industry personnel. The Security Engineering on AWS course addresses these concerns by helping you better understand how to interact and build with Amazon Web Services (AWS) in a secure way. In this course, you will learn about managing identities and roles, managing and provisioning accounts, and monitoring API activity for anomalies. You will also learn about how to protect data stored on AWS. The course explores how you can generate, collect, and monitor logs to help identify security incidents. Finally, you will review detecting and investigating security incidents with AWS services.

3 d
Intermediate
AWS

AWS Security Essentials

This course covers fundamental Amazon Web Services (AWS) security concepts, including AWS access control, data encryption methods, and how to secure network access to your AWS infrastructure. Based on the AWS Shared Responsibility Model, you learn your responsibilities related to implementing security in the AWS Cloud and which security-oriented services are available to you. You also learn why and how the security services help meet the security needs of your organization.

1 d
Fundamental
Google Cloud

Model Armor: Securing AI Deployments

This course explains how to use Model Armor to protect AI applications, specifically large language models (LLMs). The curriculum covers Model Armor's architecture and its role in mitigating threats like malicious URLs, prompt injection, jailbreaking, sensitive data leaks, and improper output handling. Practical skills include defining floor settings, configuring templates, and enabling various detection types. You'll also explore sample audit logs to find details about flagged violations.

0.5 d
Fundamental
View all trainings →

Upcoming sessions

No date suits you?

We regularly organize new sessions. Contact us to find out about upcoming dates or to schedule a session at a date of your choice.

Register for a custom date

Quality Process

SFEIR Institute's commitment: an excellence approach to ensure the quality and success of all our training programs. Learn more about our quality approach

Teaching Methods Used
  • Lectures / Theoretical Slides — Presentation of concepts using visual aids (PowerPoint, PDF).
  • Technical Demonstration (Demos) — The instructor performs a task or procedure while students observe.
  • Guided Labs — Guided practical exercises on software, hardware, or technical environments.
Evaluation and Monitoring System

The achievement of training objectives is evaluated at multiple levels to ensure quality:

  • Continuous Knowledge Assessment : Verification of knowledge throughout the training via participatory methods (quizzes, practical exercises, case studies) under instructor supervision.
  • Progress Measurement : Comparative self-assessment system including an initial diagnostic to determine the starting level, followed by a final evaluation to validate skills development.
  • Quality Evaluation : End-of-session satisfaction questionnaire to measure the relevance and effectiveness of the training as perceived by participants.

790€ excl. VAT

per learner

ReserveQuote