 Hello, my name's Fernando and I'm a technical marketing manager here at GitLab and today I'm going to go over some of the new security features found in GitLab 14.7. So the first thing I wanted to point out is that the GitLab runner is now FIPS 140-2 compliant. FIPS stands for Federal Information Processing Standard. For some GitLab customers, US government regulatory requirements require the use of FIPS compliant software. There are now group access tokens where you can use a single token to perform actions for groups, manage the projects within a group, and authenticate with Git over HTTPS. The next item I wanted to point out is streaming audit events. You can now stream audit events to the destination of your choosing. This is a great way to correlate GitLab audit events with other data streams you have. Using a backup of audit events or build all your own automation to take action when a specific audit event happens. First you'll have to specify the HTTPS endpoint with our new GraphQL API and events are sent to it as webhooks. Now let me show you how this works. I'm going to be using Pipedream, which is a production scale serverless platform. I'm going to be using an event source, which collects data from my app or service and then emits this data as individual events. Once the event source has been created, we'll be given an endpoint, which we can use for event streaming. Now I'm using Postman to send the request to the GitLab GraphQL API in order to generate an external audit event endpoint. We can see that the response was successful. I'm going to go ahead and perform an action on a group that will trigger an audit event. I'll create a group access token. Now I'll verify that this group access token is shown within the audit events log. And here we see it. Now let's check our event source within Pipedream. You can see that the event is also present and has been streamed to our endpoint. This shows how easy it is to stream your audit events. And as always, as we keep iterating over our different scanners, we find ways to improve them. We've just released a major GitLeaks performance improvement. GitLeaks is used as our GitLab secret detection analyzer. It has been updated to major version 8, which includes a massive performance update and the complete rewrite of its core detection engine. Scan should now run much faster with a large reduction in memory usage, which creates shorter and more efficient pipelines. There was also static analyzer updates in which we updated spot bugs to a newer version as well as code climate. This is part of our ongoing effort to continue to manage and maintain the open source security scanners which we leverage. And last, we have OpenID Connect support for GitLab CICD. We're introducing a GitLab job JWT V2 environment variable that can be used to connect to AWS GCP Bolt and likely many other cloud services. We have a working example you can check out within the links in the description which uses OpenID Connect between AWS and GitLab. You'll need to create an IAM policy with service permissions in AWS. We're going to try with listing S3 buckets using the CICD pipeline within GitLab. Now let's check out the CI YAML. Here we can see a set of steps. After we export all the environment variables we need, we're going to perform some actions on AWS. Notice that we're listing our S3 buckets and also attempting to describe our EC2 instances. Now let's look at the pipeline that has completed running. We'll click on the job and you can see that listing our S3 buckets works properly yet we're unable to describe our EC2 instances because we don't have permissions for that. Thanks for watching and I hope you enjoyed. For more information on GitLab 14.7 be sure to check out the links in the description and be sure to click that subscribe button.