GitLab 17.11 Boosts DevSecOps with Custom Compliance Frameworks and 60+ Enhancements

On April 17, 2025, GitLab rolled out version 17.11, a major release packed with over 60 updates aimed at streamlining DevSecOps workflows and strengthening compliance integration. The highlight: Custom Compliance Frameworks, a game-changing feature that brings regulatory compliance directly into the development pipeline.

Custom Compliance Frameworks: Built-In Governance

With this release, GitLab enables organizations to define and enforce regulatory standards—such as HIPAA, GDPR, and SOC 2—within their development environment. The frameworks come with 50+ built-in controls covering key areas like security scanning, authentication, application settings, and separation of duties.

Through GitLab’s Compliance Center, teams can:

Define new compliance frameworks
Map regulatory requirements to specific controls
Apply frameworks to projects organization-wide

This embedded approach eliminates the need for manual tracking, significantly reduces audit prep time, and ensures continuous enforcement of security and regulatory standards across the entire software delivery lifecycle.

Real-Time Monitoring & Automation

The automation of compliance checks improves consistency and reduces human error. Teams benefit from real-time visibility into compliance status, making it easier to maintain audit readiness and respond quickly to evolving regulations.

“Big milestone moment – Custom Compliance Frameworks is now officially released in GitLab 17.11!”
— Ian Khor, Product Manager at GitLab

Khor praised the cross-functional effort behind the feature, noting contributions from product, engineering, UX, and security teams to ensure organizations can effectively manage compliance within GitLab.

GitLab CTO Joel Krooswyk also spotlighted the feature:

“Psst – hey – did you hear? GitLab 17.11 dropped today, and there are 3 huge things I’m excited to share. 1. Compliance frameworks. 50 of them, ready to pull into your projects.”