GitLab Drives Faster Enterprise Deals with 14 Day Sales Cycle Reduction
Challenge
- High volume of inbound customer trust and security requests that did not scale with manual processes
- Hundreds of security documents sent manually via email and ZIP files
- Time-consuming NDA validation and password management across separate communications
- Security teams stretched thin responding to repetitive requests
- Sales cycles slowed by back-and-forth between customers, sales, and security
Solution
- Centralized customer trust content in a self-serve Trust Center
- Backend matching of trust requests to customer accounts via Salesforce integration
- Streamlined request reviews and approvals directly within Slack across global teams
- Leveraged AI Questionnaire Automation (AIQA) to generate tailored responses using GitLab’s existing knowledge base
- Reduced reliance on sales as a go-between for security questionnaires and trust requests
Impact Highlights
50% Reduction in Security Questionnaires
GitLab reduced the number of security questionnaires completed year over year by shifting customers to a self-serve Trust Center, eliminating repetitive manual responses.
10–14 Day Faster Sales Cycles
By removing security reviews as a bottleneck, GitLab shortened average sales cycles by up to two weeks, allowing sales teams to focus on progressing deals.
90%+ Enterprise Customer Self-Service Adoption
More than 90% of GitLab’s enterprise customers now use the Trust Center, enabling automated approvals for most requests without increasing headcount.
Background
GitLab supports tens of thousands of customers and millions of developers worldwide, helping organizations build and secure critical software workflows. As GitLab expands into new enterprise segments and regulated verticals, customer trust plays a central role in purchasing decisions. Prospective customers expect fast, transparent access to security documentation and clear answers to due diligence questions.
Before adopting SafeBase Trust Center by Drata, GitLab’s Security Assurance team managed trust requests manually. Security reports, penetration test results, and other documentation were distributed through email, often packaged in ZIP files with passwords sent separately. As customer demand increased, this approach became difficult to scale.
As Ayoub Fandi, Staff Security Assurance Engineer at GitLab, described, “In my first year at GitLab, I probably sent over five or 600 ZIP files with SOC 2 reports and pen test reports.” Each request required manual NDA checks, file preparation, and separate password sharing, pulling time away from higher-value assurance work.
GitLab needed a scalable, automated way to deliver trust information that aligned with its transparency-first culture while supporting continued growth. As Ayoub Fandi, Staff Security Assurance Engineer at GitLab, explained, “When we want to sell to new verticals and new customers, a lot of the questions they have are around security.”
“Trust Center has enabled GitLab to become a proper security sales enabler.”
Accelerating Sales Cycles Through Self-Serve Trust
As GitLab expanded into new enterprise segments and verticals, security reviews became a critical factor in deal progression. Customers frequently requested access to security documentation and detailed answers to due diligence questions, creating friction when requests flowed through sales teams before reaching security.
By centralizing trust content in a self-serve Trust Center, GitLab removed security reviews as a bottleneck in the sales process. Customers can now access the information they need directly, while more complex inquiries flow straight to the Security Assurance team without sales acting as a middle layer.
“We have at least 90% of our customers that can directly self-serve information through the portal. I can actually name a few dozen instances where a customer specifically said, ‘you have a world-class trust center.’”
This shift led to measurable revenue impact. GitLab reduced security questionnaires by 50% year over year and shortened average sales cycles by 10 to 14 days. Just as importantly, the Trust Center changed how customers perceived GitLab’s security posture.
“On average, we’re saving between 10 and 14 days in the sales cycle… the sales team can focus on what’s actually moving the deal forward.”
Automating Trust Workflows with Salesforce and Slack
As trust request volumes increased, GitLab needed a way to streamline how inbound requests were handled across teams and regions. Previously, requests required manual coordination to identify the correct customer account, validate access, and route approvals — adding friction and slowing response times.
SafeBase Trust Center by Drata introduced workflow automation through native integrations with Salesforce and Slack. Salesforce integration enabled backend matching between requester email domains and the correct customer accounts, reducing manual effort and improving accuracy when handling inbound trust requests. Slack integration then brought approvals directly into GitLab’s existing workflows, allowing the Security Assurance team to review and respond to requests without leaving the tools they already use. “Over 90% of our enterprise customers are onboarded, and about 90% of requests are automatically approved directly in Slack.”
These integrations enabled GitLab to operate trust delivery at scale. Automated approvals now handle roughly 90% of incoming requests, reserving manual review only for edge cases such as acquisitions or domain changes. As a result, the team can support global, around-the-clock trust operations without increasing headcount.
“With Trust Center, the whole workflow toward getting approval to download documentation is simple and streamlined…Even in enterprise, where customers can’t always sign NDAs on the spot, it’s just a few clicks to waive that and leverage the MSA.”
Reducing Questionnaire Burden with AI-Powered Automation
Even with streamlined workflows, security questionnaires remained a time-intensive part of trust delivery. Many questionnaires asked similar questions and required consistent, accurate responses drawn from GitLab’s existing security documentation.
To address this, GitLab leverages AI Questionnaire Automation (AIQA). By learning from GitLab’s established knowledge base, AIQA helps generate more tailored responses to incoming security questionnaires. This allows the Security Assurance team to reduce repetitive manual answering while maintaining consistency across responses.
AIQA complements GitLab’s broader automation strategy by freeing the team to focus on complex assurance conversations that require deeper context and judgment. Combined with self-serve trust access, AIQA plays a key role in GitLab’s 50% reduction in questionnaires year over year and supports faster deal progression.
“We leverage the AI Questionnaire Automation that SafeBase Trust Center by Drata offers… it’s great to learn from the knowledge base we have and use that to give more tailored answers.”
What Drata Unlocked for the GRC Team
- Scaled customer trust delivery without increasing headcount
- Shifted security from a reactive function to a sales enabler
- Enabled global, around-the-clock trust operations
- Improved visibility into customer engagement with trust content
- Created a clear link between security activities and revenue impact
“Trust Center enables us to clearly have a bottom-line link between security activities and the impact on how GitLab is growing as a company.”
Future Outlook
Looking ahead, GitLab plans to continue expanding how customers interact with trust data by leveraging automation and intelligence across the Trust Center. Ayoub highlighted the opportunity to use existing trust data to create more dynamic, tailored assurance experiences.
As GitLab grows globally and enters new markets, automated trust delivery will remain foundational to how the security team supports the business.
“We already have all the data — it’s about plugging it in and making trust even more accessible and tailored.”
Latest Stories
Chart Your Course
Navigate to new worlds of trust with Drata.
Chart Your Course
Navigate to new worlds of trust with Drata.