GitLab Announces New AI-DevSecOps Platform GitLab 16

GitLab on Monday announced the new GitLab 16 Platform, an advanced and comprehensive AI-powered DevSecOps solution. GitLab 16 includes over 55 improvements and new features. The upgrade is expected to be available soon. GitLab 16 is available to customers globally and has a free, premium, and ultimate plan.

jump to:

What’s new in GitLab 16?

In the GitLab 16 AI-DevSecOps platform, the most notable new technologies include the value stream dashboard, centralized policy management, GitLab dedicated and AI tools to refactor and fix this vulnerability.

Value Stream Dashboard

With new value stream management, users can visualize end-to-end DevSecOps workstreams, manage software development processes, and gain insight into how digital transformation and technology investments are delivering value and driving business results (Figure A,

Figure A

The dashboard enables users with an enterprise-wide view of DevSecOps metrics, cycle times and other critical metrics such as critical vulnerabilities and deployment frequency. GitLab provides actionable reporting on common workflows and metrics, with nothing to install or configure. Those wanting to dive deeper can customize metric tracking using the GitLab Data Store.

“GitLab helps organizations build better, more secure software, increase operational efficiency, and reduce security and compliance risk,” explained David DeSanto, GitLab Chief Product Officer. “GitLab 16 aims to make these results attainable for organizations of every size, from startups to large enterprises, and scale with them as they grow.”

The Value Stream Dashboard can:

• Compare metrics across periods.
• Identify the down trend quickly.
• Reveal security risk issues.
• Dive deep into individual projects or metrics to take action.
• Provide visibility and data access to all stakeholders, from executives to contributors.
• Identify waste and inefficiencies to optimize workflow.
• View and manage end-to-end processes.
• Track flow and acceleration.
• Use DORA4 metrics to benchmark DevSecOps maturity.
• Monitor lead times for change and deployment frequency to measure DevSecOps process efficiency.

supply chain security

GitLab’s existing tools help teams balance speed and security by automating software delivery and securing customers’ end-to-end software supply chains. With GitLab 16, companies will benefit from new security features to start, scale, and secure their software supply chains, as well as gain full visibility into their threat landscape and establish policies to aid compliance (Figure B,

Figure B

New supply chain security features for GitLab 16 include:

• Advanced centralized policy management.
• Extended compliance reports and controls.
• Compliance Dashboard.
• Default SLSA Level 3 certification.

GitLab dedicated: compliance and regulatory technology

GitLab 16 will include GitLab Dedicated. This feature is currently under limited availability and will be made generally available.

GitLab Dedicated is a single-tenant software-as-a-service solution that provides organizations within highly regulated industries with the tools to meet complex compliance requirements. Its main advantage is data residency, isolation and private networking.

With GitLab Dedicated, each single-tenant instance is fully managed and hosted with GitLab data isolation and residency.

“GitLab continues to develop our platform and its capabilities with security and compliance in mind, which is important for highly regulated industries and public sector organizations,” said DeSanto.

DeSanto cited the example of Lockheed Martin. The US defense contractor recently revealed how it streamlined software development and deployment, reduced system maintenance time by 90% and strengthened security by partnering with GitLab and AWS.

AI-powered workflows

GitLab solutions include AI-powered features including code suggestion, this code’s interpretation, this vulnerability’s explanation, and value stream prediction. GitLab adds 16 new AI tools: refactor this code and fix this vulnerability. With these tools, the company uses AI to identify threats, interpret codes, and solve problems using AI technology to predict future cycles of value flows.

GitLab AI-powered workflows can:

• Increase efficiency and reduce cycle time for each stage of the software development lifecycle.
• Ensure confidentiality.
• Support all supply chain teams.
• Accelerate and improve the efficiency of code writing.
• Predict productivity and find anomalies.
• Help to overcome weaknesses.
• Keep the talent up to date by explaining the source code.
• Reflector Code.
• Resolve vulnerabilities automatically.

Moving forward with DevSecOps innovation and AI

GitLab 16 is a direct response to market demands that demand the consolidation of DevSecOps tools and the use of AI to develop better software and ship it faster.

“Dev, sec and ops teams are feeling more pressure when it comes to toolchain management,” DeSanto said. “The economy has disrupted, budgets have tightened, and DevSecOps professionals are being tasked with ‘doing more with less’ as organizations aim to ship software faster and more efficiently.”

GitLab surveyed 5,000 DevSecOps professionals to gain insight on priorities and the state of software development, security, and operations. The 2023 Global DevSecOps report Security Without Sacrifice revealed that 74% of security professionals have abandoned or plan to abandon security in the next three years.

The left shift is a significant change in the way software has traditionally been developed, moving security, compliance, testing, quality and performance evaluation to the earliest stages of software development. The GitLab survey also found that leading developers believe there are too many technology tools. More than half (66%) of those surveyed said they want to consolidate their toolchains.

SEE: DevSecOps: AI is reshaping developer roles, but it’s not all smooth sailing (TechRepublic)

But the major disruptive force in DevSecOps is innovation: 61% of developers say they already use AI and machine learning to test code, up from 51% in 2022. GitLab also found that security, efficiency, and automation were the top benefits of a DevSecOps platform. ,

“GitLab’s new AI-backed and workflow-focused capabilities aim to meet industry demand by helping software developers improve their productivity and the security of their code,” said DeSanto. “AI and machine learning are becoming critical components of DevSecOps workflows.”

In a recent blog about GitLab 16, the company highlighted the features that underpin its AI-assisted features: remote development workspaces, the more powerful GitLab SaaS runner and comment templates, as well as its improved AI-powered code Suggestion.

Top GitLab Alternatives

The top GitLab alternatives in 2023 are Red Hat Ansible Automation Platform, Octopus Deploy, Azure Pipelines, IBM Urban Code Deploy, CloudBees, and Micro Focus Release Control, according to a Gartner Peer Insights review.

See: GitLab CI/CD tools review (TechRepublic)

All major software development solutions are integrating AI tools into their software. With high-rating reviews, vendors compete heavily in the software developers’ market, which is expected to generate $659 billion in worldwide revenue in 2023.

What sets GitLab apart in the software development market?

GitLab sets itself apart from other vendors by providing a unique approach to DevSecOps. It is popular among developers because most of the tools they need are available and built into the platform. Continuous integration, development and upgrade is the key to its success.

Furthermore, GitLab is constantly upgrading and enhancing its platform. The GitLab 16.1 releases are already detailed on the company’s upcoming releases page. GitLab remains highly competitive, with over 30 million registered users and over 50% of Fortune 100 companies using its platform and technologies to develop and ship software.

“We believe the transformative value of AI comes from incorporating it into job functions, not just code generation,” DeSanto said. “Applying AI throughout our product helps us meet industry demands and support customers who want to improve efficiency, integrate security and deliver software at speed-to-market. “