GitLab
Flyingduck supports GitLab in both cloud and on-premise deployments, providing comprehensive security scanning capabilities for your repositories.
GitLab Cloud
| Feature/Limitation | Flyingduck Cloud Scan | Flyingduck with Runner |
|---|---|---|
| Deployment Model | Flyingduck Cloud. | Agent runs in your VM, requires a dedicated VM 24x7. |
| Source Code Location | Source code is copied to Flyingduck cloud for scanning. | Code is completely on your infrastructure (never leaves network). See what data we collect |
| Continuous Scans | Available for every commit. | Available for every commit. |
| PR Scans | Available for every PR (scans only the delta changes) (beta) | Need to configure agent in pipelines to scan PR's. |
| Blocking Builds/PRs | Can block PRs based on finding's severity. | Need to configure agent in pipelines to scan PR's. |
| Vulnerability Detection | SBOM, SCA, Secret Detection and SAST. | SBOM, SCA, Secret Detection and SAST . |