GitLab reveals AI-driven updates for enhanced DevSecOps platform

GitLab has unveiled a series of new innovations aimed at enhancing its AI-powered DevSecOps platform. This platform is designed to aid organisations in building, testing, securing, and deploying software. Among these innovations is GitLab Duo Enterprise, an AI-centric add-on that operates across all stages of the software development lifecycle.

GitLab Duo Enterprise merges existing developer-focused AI functionalities with new features tailored to enterprise needs, such as organisational privacy controls, code suggestions, and enhanced collaboration tools. These capabilities include the proactive detection and fixing of security vulnerabilities, summarisation of issue discussions, resolution of CI/CD bottlenecks, and improved team cooperation.

A noteworthy addition to the suite is the AI Impact Dashboard and value stream forecasting capabilities. These tools enable organisations to measure the effect and return on investment of their AI features, providing insights into key metrics such as cycle time and deployment frequency. GitLab Duo Enterprise also supports self-hosted model deployments, which is beneficial for organisations that require secure, air-gapped environments without an internet connection. The tool is expected to be available to Ultimate customers in the coming months.

Another major introduction is the CI/CD catalog, which provides organisations with a centralised portal for discovering, reusing, and contributing pre-built CI/CD components. This launch intends to improve operational efficiency and standardise workflows. Organisations can also create private catalogs to distribute customised pipelines tailored to their specific needs, maintaining high security standards.

Upcoming capabilities in GitLab 17 include a Native Secrets Manager for securely storing sensitive credentials within GitLab and GitLab Dedicated on Google Cloud, which aims to help organisations meet intricate compliance requirements. Other enhancements feature Static Application Security Testing (SAST) integrations to improve accuracy and reduce false positives, along with new product analytics features for understanding user behaviour, measuring performance, and prioritising feature developments.

Further advancements include observability features to help development and operations teams track errors, metrics, and logs, understanding the impact of code or configuration changes. Enterprise agile planning capabilities are also being introduced, which include enhanced epics, custom fields in issues, wikis, roadmaps, and objectives and key results (OKRs) to bring non-technical users into the DevSecOps platform. Additionally, a Model Registry will enable data scientists to develop AI/ML models on the same platform used by engineers for building, testing, and deploying code.

James Governor, co-founder of RedMonk, remarked that successful DevOps and DevSecOps adoption relies on integrated platforms that improve software development lifecycles at scale. He noted that GitLab 17 meets this need by offering an end-to-end platform utilised by various teams, including developers, operators, product managers, and machine learning experts.

David DeSanto, Chief Product Officer at GitLab, commented that GitLab continues to transform how organisations develop, secure, and deploy software by leveraging its comprehensive DevSecOps platform. He emphasised that GitLab 17 paves the way for AI-driven software innovation by removing silos, automating tasks, and ensuring built-in security and compliance.