 Hi, my name is Fernando and I'm a technical marketing manager here at GitLab. And today, I'm going to show you some of the newest security features in GitLab 15.1. GitLab 15.1 includes SLSA2 attestation for build artifacts. This is a security framework that helps ensure the security and integrity of your software supply chain. With this new attestation information, you can more easily verify that your build artifacts have not been tampered with. Now let's take a look at this in action. In my project, I go to the GitLab CI YAML and first thing I must do is verify that I'm actually generating an artifact. Then I must make sure I include the variable runner generate artifacts metadata and set it to true. Now let's take a look at our job output. Here we can see the output of our hello job. And when browsing the job artifacts, we can see there's the data.txt we generated as well as the artifact metadata. Here we have a SHA-256 hash of our file to make sure it hasn't been tampered with. And if provided, we'll have a bunch of different parameters from the job. The next feature I want to highlight is that now we prevent users from using known and secure public keys. The SSH key you add is checked against a list of compromised keys in order to keep your GitLab instance secure. Now let's see this in action. I'm going to go to my settings and I'm going to go click on SSH keys. And from here, let me go to a list of compromised keys from a repository which we grabbed from. I'm going to go ahead and select the compromised public key. Let me go ahead and copy it. And then I'm going to paste the key into my SSH keys UI. Add a title and add key. And here you can see that I'm provided with an error saying I cannot add it because it's been compromised. You can now sign into VS Code with GitLab OAuth. This makes GitLab workflow on VS Code much simpler to set up because one of the pain points was generating a personal access token and then linking it to a VS Code. All we need to do now is go to our GitLab workflow extension on VS Code and click on connect to gitlab.com with OAuth. We allow this extension and then we authorize it from our GitLab account, open Visual Studio Code, and we can see here that all the issues come up for our provided project. To improve security, you can now block Git access protocols at the group level. This is done by removing the protocols which you do not use. This can be done in the group settings under general. Then scroll down to permissions and group features and expand the tab. And then we can scroll down and under enabled Git access protocols, we can either select only SSH or only HTTPS. SAML Group Sync is now available for self-managed GitLab, meaning that you can map a group in your identity provider to a self-managed GitLab group using SAML Group links, decreasing the workload of GitLab administrators and reducing onboarding time for group members. Next, you can optionally ignore scanning NPM development dependencies. That way, you can focus only on regular dependencies and ignore vulnerabilities found under your development dependencies. And as always, you can see that we continuously update our different analyzers. Here are some updates for static analysis analyzers which include new detection rules, bug fixes, and much more. Updates are also present for the container scanning analyzer. These updates include additional coverage, bug fixes, and more. Thanks for watching and I hope you enjoyed this video. For more videos like this, please subscribe and for more information on GitLab and the presented features, please see the links in the description.