[sytse]

Totally agree. With GitLab you can do static and dynamic code analysis, as well as dependency and container scanning on your PR/MR out of the box.

And your security team gets an organization wide overview of the security results as well https://docs.gitlab.com/ee/user/application_security/securit...