 Hi, my name is Fernando and I'm a technical marketing manager here at GitLab and today I'm going to go over security scans within an offline or air-gapped environment This is my dog. I mean cat Oreo GitLab scans can be run in a variety of different environments These environments include air-gapped, limited connectivity, LAN and intranet These environments have physical barriers and or security policies that prevent or limit internet access Here's an example of a limited connectivity environment. We have GitLab air-gap test a VM which runs an instance of GitLab, which does not have access to the internet It only connects to machines within the local network Then there's the GitLab air-gap runner. This just runs the GitLab runners Then we have the GitLab air-gap NPM which hosts all the dependencies which our project requires and Then there's GitLab air-gap bastion It has access to the internet and is used to push container images and packages to different VMs within the local network Here's a merge request in a limited connectivity environment. It is configured with license scanning which checks licenses against the policy You can see that merge request approvals are configured to block the merge request from being committed if any Vulnerabilities are detected as well as if there are any denied licenses detected Unless they are approved by a specific group of people You can see that license scanning picked up a new license, which is an acceptable one In the GitLab CI YAML file you can see that the license scanning template has been included It is pointing at a local image, which we have pushed from the bastion VM The CI cert here is for verifying our NPM server. I have hidden it so I don't get hacked Here's a configuration file that shows how we were communicating with our dependency server. This varies from language to language From bastion the VM which has access to the internet We can download the container images required to set up our security scans and push them to our GitLab instance Here's a sample of a script which does just that Thanks for watching. Please click on that subscribe button For more information on security scans in limited connectivity and offline environments see the links in the description Here at GitLab everyone can contribute