IT Brief US - Technology news for CIOs & IT decision-makers
United States
Guides
#
artificial intelligence
#
digital transformation
#
disaster recovery
#
hybrid & remote work
#
internet of things
Search
Story image
#
DevOps
#
Digital Transformation
#
DevSecOps

GitLab 18 debuts with AI-native features for DevSecOps teams

Today
Author image
By Melania Watson, Interview Editor

GitLab has announced the launch of GitLab 18, featuring AI-native capabilities integrated into its platform alongside enhancements in DevOps, security, and compliance workflows.

With this new release, Premium and Ultimate customers can access AI-powered Code Suggestions and Chat within their chosen source code editor or integrated development environment at no additional cost.

These features are designed to improve real-time code completion and offer instant code explanations, refactoring suggestions, test generation, and code fixes.

GitLab stated that these AI-native capabilities are intended to enhance the efficiency of scaling organisations by delivering secure source code management, advanced CI/CD, and a better developer experience, all without the need for separate tools, additional licensing, or separate governance processes.

Premium customers now have the option to purchase GitLab Duo Enterprise, which was previously available only with an upgrade to Ultimate.

Duo Enterprise includes an array of AI-driven features to support team collaboration and context-aware assistance throughout the software development lifecycle.

Improvements to the platform also focus on DevSecOps workflows. GitLab 18 introduces built-in artifact management, supporting maintenance of artifacts, packages, and containers. Features include a new virtual registry for Maven and immutable tag management, facilitating greater consolidation onto a single platform.

The platform's Continuous Integration and Continuous Deployment (CI/CD) capabilities have been enhanced with structured inputs, modular pipeline management, streamlined artifact handling, and change detection.

GitLab said these changes are aimed at providing more secure ways to configure parent and child pipelines as well as optimising pipeline execution.

In addition, the GitLab Query Language enables users to search, filter, and embed content across the platform, with the intention to bolster reporting, project management, and team collaboration.

Security and compliance features in GitLab 18 have also been expanded.

The addition of custom compliance frameworks offers pre-configured controls for standards such as SOC 2, ISO 27001, and CIS benchmarks. Organisations can also define, implement, and enforce custom compliance controls as required.

A new reachability analysis function for dependencies aims to improve detection accuracy, reduce false positives, and focus on exploitable code. Advanced Static Application Security Testing (SAST) in this release allows for custom logic, enabling assessments tailored to an organisation's libraries, technology stacks, or security requirements.

The platform now offers vulnerability dashboards that provide comprehensive insights into security posture at both organisation and application levels, with robust filtering and reporting for tracking trends and pinpointing critical findings.

Support for FIDO passkeys has been added, allowing for biometric authentication, device PINs, and YubiKeys and, therefore, offering a more secure login experience. A security policy impact assessment feature also provides context for policy changes, with a "warn mode" so that developers can understand new requirements without blocking merge requests.

Felix Kortmann, Chief Technology Officer at Ignite by FORVIA HELLA, said: "For us, as GitLab users, Duo's intelligent code suggestions have become a daily asset for our developers. Combined with the chat feature, it allows for immediate feedback and iteration, resulting in faster development cycles and a more secure codebase. It's a seamless and powerful addition to our workflows."

Andrei Nita, Chief Technology Officer at McKenzie Intelligence Services, commented: "GitLab has already been instrumental in eliminating our reliance on a fragmented toolchain, which cut costs from disconnected solutions, and streamlined our workflow."

"Enhancing GitLab Premium with Duo will give us even greater efficiency and cost savings as our developers spend less time on routine coding tasks and more time tackling complex challenges that drive real business value."

David DeSanto, Chief Product Officer at GitLab, said: "Today's fragmented landscape of AI point solutions creates unnecessary complexity for development teams."

"By natively integrating the essential capabilities of GitLab Duo Code Suggestions and Chat directly within the GitLab DevSecOps platform, we're eliminating the need for separate tools, licenses, and governance structures. This unified approach enables teams to accelerate their workflows and improve productivity while maintaining security and compliance standards."

Follow us on:
Follow us on LinkedIn Follow us on X
Share on:
Share on LinkedIn Share on X
Related stories
Most faculty lack tools & training for accessible content
Databricks to acquire Neon for AI-driven serverless Postgres
Alteryx unveils unified AI suite to streamline data analytics
Deliverect unveils AI platform to reduce refund fraud in eateries
Dext launches AI Vault & Self-Employed tools in North America
Top stories
Boomi acquires Thru to enhance secure file transfer platform
TCS ranked 45th most valuable brand globally, valued at USD $57.3bn
NextWave & Diffblue join forces to transform testing in finance
Tenable One unifies risk data with new connectors & dashboards
Xensam launches DataBridge to unify enterprise software data