KONTRA & GitLab: Integrating Security Education Into The Developers’ Workflow

Step 1. Enable Security Training for Vulnerabilities

Security training helps your developers learn how to fix vulnerabilities. Developers can view security training from selected educational providers, relevant to the detected vulnerability.

Kontra’s training is available to all GitLab Ultimate customers. Simply enable it for any desired projects.

Step 2. View Training

Look at the results from a GitLab security scan in a merge request, pipeline security tab, or a vulnerability details page. When you open a vulnerability record, you will see a direct link to training.

GitLab will pull a training from Kontra that most closely matches the particular security issue and the specific language or framework in which it was detected.

Step 3. Learn to Fix

Our short training sessions are designed to be played under 3-5 minutes, ensuring that the correct explanations are provided to the developer to fully understand the security impact of a reported vulnerability and how to address it, making it easier to apply the security fix to the code.