 Hey, my name is Fernando and I'm a technical marketing manager here at GitLab and today I'm going to show you some of the newly released security features in GitLab 14.5 One of the cool new security features is infrastructure as code security scanning With this you'll be able to scan your Terraform, Ansible, AWS cloud formation and Kubernetes files In order to enable infrastructure as code scanning, simply go to the GitLab CI YAML and add the SAST IAC template Now you'll scan infrastructure as well as regular static source code Now when submitting a new merge request, when we expand the security scanning tab, under SAST we can now see a whole bunch of new vulnerabilities because the infrastructure as code was scanned After clicking on the vulnerability, you'll have more detailed information on what exactly it is, what project it is, the file as well as an identifier linking you to relevant information This link pointed us to a page on how to manage resources within our containers You can now define and enforce values for merge request approval settings at the group level This allows you to be confident that your projects are running merge request approvals, showing a consistent separation of duties Within our group, go to the settings and general tab, then scroll down to merge request approvals Here we can click on one of these merge request approvals to enforce them amongst the group You can now fine tune vulnerability check rules This will allow you to require approvals only under certain conditions which are fine tuned by vulnerability type, severity and much more Within our project, simply go to settings and general, then we can scroll down to merge request approvals and expand it When clicking on edit for the vulnerability check, we can see that there are new options showing when to enforce approvals if a vulnerability is detected There's also additional support for secret detection patterns We've updated the secret detection scanner to detect 47 new well-ally identifiable secret patterns for widely used applications This brings GitLab secret detection up to over 90 detectable patterns We also work with vendors to continuously enhance our secret detection pattern support By commenting on the issue given in the description, you can add your own pattern And as always, you can see our new updates to the static analysis analyzer where we've updated the versions of different scanners for SAST Thanks for watching and I hope you enjoyed this video For more information on the new security features in 14.5, click on the links in the description And be sure to hit that subscribe button