Objectives and Initiatives

Success Plan Objectives

Success Plan Objective Target Delivery Date Status Summary
Reduce security risk by adopting GitLab SAST scans in all pipelines TBD Not Started
  • Today, security scans are only executed in the integration environment, fairly late in the overall development lifecycle.
  • Adopting GitLab SAST scans in all pipelines will provide developers with just-in-time security insights during each merge request, reducing the likelihood of vulnerabilities being merged to main.
Deliver better products faster by using GitLab CI/CD to reduce lead time for changes 2025-02-07 On Track
  • Example Company wants to make their software development lifecycle more efficient by adopting CI/CD practices across the enterprise.
  • Successful adoption of GitLab's CI/CD capabilities should reduce lead time for changes by 10%, allowing the company to deliver value to customers faster.

Objective 1: Reduce security risk by adopting GitLab SAST scans in all pipelines

  • Not Started
Associated Initiative Target Delivery Date Status Initiative Owner(s) Update
Create a scan execution policy in the top-level group to run SAST scans against main branches on a schedule 2024-12-15 Not Started Unassigned
  • Example Company DevOps team is working on implementation, with plans to roll out in early December.
Create a scan execution policy in the top-level group to run SAST scans in all pipelines 2025-01-10 Watchpoint Unassigned
  • Initial attempts to establish a policy were met with development team resistance due to the large number of pre-existing vulnerabilities detected.
  • GitLab recommends running baseline scans against all projects' main branches via a scheduled scan execution policy to help minimize the impact of pre-existing vulnerabilities on what developers see in individual feature merge requests.

Objective 2: Deliver better products faster by using GitLab CI/CD to reduce lead time for changes

  • Target: 2025-02-07
  • On Track
Associated Initiative Target Delivery Date Status Initiative Owner(s) Update
Enablement session: GitLab CI/CD Basics 2025-01-10 Proposal Unassigned
  • Schedule options have been proposed, and are awaiting customer feedback.

Enablement Plan

Enablement Plan Initiatives

Initiative Target Delivery Date Status Initiative Owner(s) Update
Enablement session: GitLab CI/CD Basics 2025-01-10 Proposal Unassigned
  • Schedule options have been proposed, and are awaiting customer feedback.

Next Steps