Making the internet safer by reducing malicious activity originating from GitLab.com.
The Abuse Operations team investigates and mitigates the malicious use of GitLab.com and it’s associated features and tools with the goal of making the internet a safer place. In order to achieve this we must ensure that we are good internet citizens.
Code of Conduct Violations are handled by the Community Advocates in the Community Relations Team. For more information on reporting these violations please see the GitLab Community Code of Conduct page.
The following people are permanent members of the Abuse Operations Team
|Melissa Rodriquez||Security Engineer, Abuse Operations|
|Roger Ostrander||Security Engineer, Abuse Operations|
|Shawn Sichak||Security Engineer, Abuse Operations|
|Westley van den Berg||Security Analyst, Abuse Operations|
|Charl de Wit||Security Manager, Abuse Operations|
To bring an issue to our attention please tag
@gitlab-com/gl-security/abuse-team, or create an issue in the Abuse. If it is an urgent issue, please reach out on Slack in the
#abuse channel or by using
Abuse Mitigation Dashboards (GitLab internal)
Total accounts mitigated per week
Automatic vs Manual
Average Time to Mitigation
Accounts mitigated per category
1. Malware: Defined as software that is designed and distributed with the intention of causing damage to a computer, server, client, or computer network.
README.mdfile; for example, links to supporting materials such as a blog post describing the project.
git-lfsis available for use for binary files on GitLab.com.
2. Commercial Spam: An account that's been created for the purpose of advertising a product or service.
3. Malicious Spam: An account that’s been created for the purpose of distribution of fraudulent, illegal, pirated or deceptive content.
4. CI Abuse: Making use of CI Runners for any other purpose than what it is intended for. Examples include, but are not limited to:
5. Prohibited Content: Distributing harmful or offensive content that is defamatory, obscene, abusive, an invasion of privacy or harassing.
Report Illegal Contentbutton.
6. GitLab Pages: Pages Abuse: Include, but are not limited to:
You can report abuse on GitLab.com via the
Report Abuse button while logged in.
* Please ensure to include any relevant details pertaining to your report in the text field.
Alternatively you can eMail abuse report to
For DMCA Notices please email
The Abuse Operations team are responsible for processing Digital Millennium Copyright Act (DMCA) notices. All DMCA requests need to be vetted by Legal first before we proceed with the take down of the reported content.
Abuse works in conjunction with Legal referencing the DMCA Removal Workflow
Be good internet citizens.