---
layout: markdown_page
title: "Application Security Testing built-in to your DevOps process"
---
## Proactive security. No integrations. 

GitLab Security includes all of these capabilities - in one tool - built into your DevOps process:
- Static Application Security Testing (SAST)
- Dynamic Application Security Testing (DAST)
- Dependency Scanning
- Container Scanning
- License Compliance

For the developer: 
Are you bothered by siloed security processes that take you away from development?
GitLab is a single application for developers and for security.
- Scan for security flaws with every commit with no incremental effort
- Security issues reported directly in Pipelines and Merge Requests
- Zero context switching to proactively secure applications


For the Security Pro:
Do you lack visibility into dev and see vulnerabilities late in the cycle?
GitLab is a single application for developers and for security.
- Shared view with dev
- Security Dashboard to assess vulnerabilities and assign issues or resolve.
- No integration work and managing or maintaining independent security tools.

For the CIO or CISO:
Are you juggling Security, costs, and business agility?  
GitLab is a single application for developers and for security.
- One license cost for integrated security
- [ROI efficiency](/roi/replace).  Buy one application for your SDLC.
- [You need not slow down your software factory](/handbook/product/#security-paradigm)
- Scan ALL of your applications ALL of the time without incremental costs