GitLab
Add GitLab slash commands to your workspace.Example:
/gitlab <project-alias> issue show <id> shows the issue with id <id> in Slack.More examples: https://gitlab.com/help/integration/slash_commands.mdPermissions
GitLab will be able to do:
Review the details to better understand this app’s security practices. To learn more about assessing apps for your workspace visit our Help Center.
General
Developer
Gitlab (Valery Sizov)
Company headquarters location
United States
Terms of service
Privacy & data governance
Data retention policy
Data archiving and removal policy
Records Management Records management addresses the life cycle of records, i.e., the period of time the records are in the possession of GitLab. The life cycle usually consists of three stages: 1) Creation or receipt; 2) Maintenance or use; and 3) Destruction or retention. This policy is used in conjunction with the Records Retention and Disposal Standard. Records retention does not mean permanent retention. There are certain situations where documents must be preserved permanently, but most records need only be retained for a specified period of time. When the retention period for a particular record expires, we should destroy or delete the record. However, if we destroy or delete a record before its retention period expires, GitLab may be subject to penalties and sanctions. Unnecessary retention of records creates significant burdens for GitLab. For example, unnecessary records take up valuable storage space and make retrieval of needed records more difficult and costly. Consequently, GitLab recommends destruction of records after the retention period expires, except in those instances where GitLab directs otherwise (such as when a Litigation Hold is issued by the Legal Department). In other words, GitLab requires adherence to the records retention requirements and recommends the destruction of records according to the Retention Schedule.
Data storage policy
Data center location(s)
United States
Data hosting details
Cloud hosted
Data hosting company
Google Cloud Platform
App/service has sub-processors
no
Certifications & compliance
GDPR commitment
Data deletion request procedure
The right to deletion: Companies must delete a Consumer's personal information upon request. According to https://about.gitlab.com/privacy/privacy-compliance/
HIPAA compliant
yes
While this app may offer HIPAA compliance, Slack does not have a business associate agreement with any third-party application providers, including those in the Slack App Directory, so you are responsible for validating the provider's compliance and executing an appropriate agreement before enabling.
Security
Date of latest pen test
2021-07-14
Executive summary is available to potential customers upon request
yes
Supports Single Sign On (SSO) with the following providers
Okta
Supports Security Assertion Markup Language (SAML)
yes
Has a dedicated security team
yes
Contact for security issues
security@gitlab.com
Has a vulnerability disclosure program
yes
Vulnerability disclosure program URL
Vulnerability disclosure program covers Slack app
yes
Has a bug bounty program
yes
Bug bounty program URL
Requires third party authorization/connections
no
Uses token rotation
no