Tutorials: Secure your application and check compliance

GitLab can check your application for security vulnerabilities and verify that it meets compliance requirements.

| Topic | Description | Good for beginners |
|-------|-------------|--------------------|
| Set up dependency scanning | Learn how to detect vulnerabilities in an application's dependencies. | ★ |
| Generate a software bill of materials with GitLab package registry | Learn how to generate an SBOM across all projects in a group. | ★ |
| Export Dependency List in SBOM format | Learn how to export an application's dependencies to the CycloneDX SBOM format. | ★ |
| Create a compliance pipeline | Learn how to create compliance pipelines for your groups. | ★ |
| Set up a merge request approval policy | Learn how to configure a merge request approval policy that takes action based on scan results. | ★ |
| Set up a scan execution policy | Learn how to create a scan execution policy to enforce security scanning of your project. | ★ |
| Scan a Docker container for vulnerabilities | Learn how to use container scanning templates to add container scanning to your projects. | ★ |
| Protect your project with secret push protection | Enable secret push protection in your project. | ★ |
| Remove a secret from your commits | Learn how to remove a secret from your commit history. | ★ |
| Get started with GitLab application security | Follow recommended steps to set up security tools. | |
| GitLab Security Essentials | Learn about the essential security capabilities of GitLab in this self-paced course. | |