Drive secure growth at scale: Your GitLab AI, CI/CD, and customization toolkit

Scaling up to enterprise-level intensifies the demand for rapid, secure software delivery. Large organizations can easily fall into the trap of single-function silos, making collaboration tricky and slowing development. Over the past few months, we've introduced new capabilities for the GitLab AI-powered DevSecOps Platform to help teams address these hurdles, accelerate innovation, ensure compliance, and fortify their digital defenses.

• AI capabilities that reshape speed and security
• A single, enterprise-ready DevSecOps platform
• A customizable solution that fits the way you work

Let’s take a closer look at what we've been working on and how these advancements benefit growing organizations.

Bring the best practices of industry leaders to your team. Join GitLab and Nasdaq for an exciting discussion about AI, DevSecOps, and developer productivity. Register for this webinar today!

AI capabilities that reshape speed and security

AI will transform the way organizations develop software. Our State of AI in Software Development report, released earlier this year, demonstrates this: 83% of DevSecOps professionals surveyed said implementing AI in their software development processes is essential to avoid falling behind competitors.

GitLab Duo is a powerful set of AI capabilities within GitLab’s DevSecOps Platform that helps to speed up development of code, improve operations, and secure software. Since its debut in June, we’ve been steadily expanding the suite of AI capabilities. These now extend across the entire software development lifecycle – from suggesting code, to finding and explaining vulnerabilities in code, to identifying appropriate code reviewers. As enterprises increase code generation, they can avoid potential bottlenecks, such as security checks, further downstream.

For example, we recently released our GitLab Duo Vulnerability Explanation feature into Beta. Typically, vulnerability discovery and mitigation would require a significant amount of back-and-forth between development and application security teams to agree on severity levels and approaches to fix the vulnerability. Vulnerability Explanation alleviates this inefficiency by summarizing detected vulnerabilities and their implications as well as providing in-depth solutions and suggested mitigation within the developer’s workflow, enabling faster resolution and creation of safer code within the development workflow.

For even more efficiency, GitLab Duo Code Suggestions (Beta) helps developers create new code and update existing code faster. GitLab Duo Suggested Reviewers (generally available to all users) helps teams make an informed decision when choosing reviewers that can meet their review criteria.

Learn about all GitLab Duo capabilities.

Watch GitLab Duo capabilities in action.

A single, enterprise-ready DevSecOps platform

Enterprise needs from a software delivery platform are unique. A DevSecOps platform must support the ability to:

• build for speed with adequate security guardrails right from the start
• consolidate to a single platform, but still integrate with your existing solution
• simply adopt and onboard developers, but handle the complexity of scale

GitLab CI/CD is a core way for organizations to meet these requirements. As customers scale their adoption of GitLab, they run millions of CI/CD jobs on a monthly basis. With the efficiency improvements further driven by GitLab Duo, these numbers will likely increase. However, organizations will need to find efficiency opportunities throughout their development and deployment workflows to be able to handle this growth, ensuring that whatever is deploying into production meets their quality, security, and reliability standards.

The GitLab CI/CD Component Catalog, which will soon be released into Beta, solves these problems by enabling organizations to standardize their pipelines and create building blocks in a centralized repository that can be easily discovered, reused, and shared across teams. Enterprises can develop base pipeline configurations with the proper compliance, quality, and security checks already built-in for use across their organization.

Here are some more capabilities aimed at improving the enterprise platform experience:

• The GitLab Runner ecosystem continues to expand as we've recently introduced GitLab SaaS runners on MacOS, xlarge and 2xlarge SaaS Runners on Linux, increased storage on medium and large SaaS Runners on Linux, and GPU-enabled SaaS Runners on Linux for supporting data science workloads.
• GitLab Duo, which was previously only available for GitLab SaaS, is now extended to GitLab self-hosted. Enterprises that prefer to self-host or must self-host due to compliance and regulatory restrictions can now take advantage of our AI features, starting with Code Suggestions.
• Organizations looking at using GitLab Packages as their consolidated package registry can now import packages from their current package registries like Maven Central or Artifactory. GitLab supports importing Maven, npm, NuGet, and PyPI package types into GitLab, with many more package formats to follow.

A customizable solution that fits the way you work

As companies grow, there is an increasing need to personalize development and deployment settings and provide distinct visibility into the DevSecOps lifecycle to users beyond the immediate DevSecOps teams. GitLab is designed to function effectively with minimal adjustments, yet it offers the flexibility to be tailored to the requirements of expanding organizations.

Our recent developments, including changes to product navigation, are driven by comprehensive user research. We recognize that each organization and its individual users have unique, preferred workflows. Our updated navigation features, such as pinning frequently accessed items, visualizing work, and simplifying navigation through fewer top-level items, empower DevSecOps teams to align the platform with their optimal environment and workflow.

Watch the new and simplified navigation in action.

Here are some other highlights:

• In addition to overhauling the navigation, we introduced the rich text editor by providing a “what you see is what you get” editing experience. The rich text editor is now available in all issues, epics, and merge requests.
• GitLab offers six out-of-the-box roles, but for many enterprises this was not enough. Some roles gave too much permission, while others didn’t grant enough permissions to complete a task. Enterprises needed a way to define their own roles – leading to customizable roles, which gives GitLab administrators the ability to define roles with granular permissions suited for their needs.
• GitLab Value Streams Dashboard ensures that all stakeholders have visibility into the progress and value delivery metrics associated with software development and delivery. To align with customers’ needs to customize the data viewed and the appearance, we introduced new velocity metrics and the ability to customize the appearance and data to adjust metrics based on their areas of interest, filter out irrelevant information, and focus on the data that is most relevant to their analysis or decision-making process.

The enterprise awaits — get growing today

Organizations on a growth trajectory need a way to sustain that growth. They'll need to leverage the capabilities of AI to generate code faster — but they can't sacrifice quality or security. Organizations will also need to set standards for development and deployment that extend across the enterprise, and every user will need a clear and customizable view of the DevSecOps lifecycle. As we bring new capabilities into the GitLab DevSecOps Platform, we will continue to support these enterprise-class needs.

Bring the best practices of industry leaders to your team. Join GitLab and Nasdaq for an exciting discussion about AI, DevSecOps, and developer productivity. Register for this webinar today!

Disclaimer: This blog contains information related to upcoming products, features, and functionality. It is important to note that the information in this blog post is for informational purposes only. Please do not rely on this information for purchasing or planning purposes. As with all projects, the items mentioned in this blog and linked pages are subject to change or delay. The development, release, and timing of any products, features, or functionality remain at the sole discretion of GitLab.