Announcement
Introducing Bearer Assistant beta, our AI-powered explainer and fixer.
Learn more ->Cross icon
<- Back to the blog

Introducing Bearer's Advanced GitLab Integration

We are thrilled to announce the launch of Bearer's advanced GitLab integration! Building on the lessons learned from our successful GitHub App, this integration aims to revolutionize the GitLab experience for our customers, enhancing both the developer and security workflow.

Seamless Integration & Comprehensive Scanning

Integrating Bearer with GitLab is now easier than ever. Using the most advanced GitLab APIs at our disposal, the setup now only requires a GitLab API token for both Cloud and self-hosted GitLab instances.

By default, every merge request (MR) is scanned using our lightning-fast differential scan feature, and full scans are performed on merges. We also provide the flexibility to initiate manual scans on-demand directly from our Dashboard. As always with Bearer, we provide complete control over the scan settings, for example, choosing which severity level triggers alerts, customizing the ruleset, and much more.

Optimized Developer Interaction

With the same mission in mind as for our GitHub app, our team focused on providing a seamless developer experience and empowering them to take actions over security findings:

  • Scan Summaries: Each MR starts with a clear summary, providing an instant overview of the security scan results.
  • Inline Issue Comments: Detailed comments for each identified security issue give developers the context needed for quick resolution.
  • Simplified Issue Management: The /bearer ignore [message] command lets developers efficiently dismiss findings within MRs.
  • Bearer AI Assistant: The command /bearer suggest provides context-specific explanations and code fixes directly in the MR, streamlining the development process by enabling quick fixes.

Workflow Reporting for Security Teams

At Bearer, we understand the importance of the relationship between developers and security teams. Now, on Bearer Cloud, the security team has the ability to control findings ignored by developers during a MR. They can confirm or re-open a finding, essentially assessing why, who, and when it was ignored. Security is a team sport, and from empowering developers to take action to enabling the security team to monitor those, we believe it’s the most efficient way to play it!

Conclusion

The Bearer GitLab Integration is a game-changer in enhancing the developer experience and taking security oversight to the next level. Our GitLab integration is designed to make secure development seamless and efficient, balancing the needs of both developers and security teams.

Want to give it a try? Request a demo to see how this new integration can empower developers and provide crucial reporting and oversight for the security team.

Announcements
Share this article: