GitLab
Bridging the visibility gap in software supply chain security
GitLab 18.2 enhances software supply chain security with two new features: Security Inventory and Dependency Path visualization. Security Inventory gives Application Security teams a unified, portfolio-wide view of risks and scan coverage across their GitLab groups and projects, helping them identify security blind spots and prioritize mitigation efforts. Dependency Path visualization helps developers by showing clearly how open source vulnerabilities are introduced through the dependency chain, making it easier to pinpoint the exact source of a vulnerability and apply the correct fix. Together, these capabilities improve application security by providing visibility into risks and context for remediation within a single platform.

Modern applications rely heavily on open source software, which introduces security risks from outdated or vulnerable components. Managing transitive dependencies (packages pulled in indirectly by a direct dependency) is a significant challenge. These nested dependencies can introduce vulnerabilities without developers' knowledge, and they account for a large percentage of known open source vulnerabilities.

Security Inventory consolidates fragmented risk information into a single source of truth, enabling strategic security governance. Dependency Path visualization clarifies the full route of a vulnerability from a top-level package to the affected component, simplifying remediation for developers. By integrating these security insights into the DevSecOps workflow, GitLab reduces friction and fosters collaboration between development and security teams.
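To make the dependency-path idea concrete, here is an added example that is not GitLab's code: it walks a constructed dependency graph (made-up package names and versions) from a project's root to a vulnerable transitive package and reports which direct dependencies actually pull it in, since those, not the transitive package itself, are what a developer can upgrade or replace.

```python
"""Resolve every dependency path from a project's direct dependencies to a
vulnerable transitive package, and report which direct dependency to fix.
Added illustration only; GitLab's feature works from its own SBOM data."""

# Constructed graph: each key lists the packages it depends on directly.
# All names and versions are invented for this example.
DEP_GRAPH = {
    "my-service": ["web-framework@2.1.0", "http-client@1.4.0", "logger@5.0.0"],
    "web-framework@2.1.0": ["body-parser@1.2.0", "query-encoder@0.9.1"],
    "body-parser@1.2.0": ["query-encoder@0.9.1"],
    "http-client@1.4.0": ["query-encoder@0.9.1", "cookie-jar@2.0.0"],
    "cookie-jar@2.0.0": ["http-client@1.4.0"],  # deliberate cycle
    "logger@5.0.0": [],
    "query-encoder@0.9.1": [],
}
VULNERABLE = "query-encoder@0.9.1"  # the transitive component flagged by a scanner


def dependency_paths(graph, root, target):
    """Return every acyclic path root -> ... -> target as a sorted list of lists.
    A package already on the current path is not revisited, so cyclic graphs
    (common in real lock files) still terminate."""
    paths = []
    stack = [[root]]
    while stack:
        path = stack.pop()
        node = path[-1]
        if node == target:
            paths.append(path)
            continue
        for child in graph.get(node, []):
            if child not in path:  # cycle guard
                stack.append(path + [child])
    return sorted(paths)


def direct_dependencies_to_fix(graph, root, target):
    """The root's direct dependencies through which the vulnerable target is
    reached. Bumping or replacing these is the actionable fix; a transitive
    package cannot be edited in the project's own manifest."""
    return sorted({p[1] for p in dependency_paths(graph, root, target) if len(p) > 1})


def format_path(path):
    return " -> ".join(path)


if __name__ == "__main__":
    for path in dependency_paths(DEP_GRAPH, "my-service", VULNERABLE):
        print(format_path(path))
    print("fix via:", direct_dependencies_to_fix(DEP_GRAPH, "my-service", VULNERABLE))
```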