GitLab unveils AI capabilities to help organizations better secure their software
GitLab announced new innovations across the platform to streamline how organizations build, test, secure, and deploy software.
Introducing GitLab Duo Enterprise
GitLab Duo Enterprise, a new end-to-end AI add-on, combines the developer-focused AI capabilities of GitLab Duo Pro—organizational privacy controls, code suggestions, and chat—with enterprise-focused AI capabilities to help organizations proactively detect and fix security vulnerabilities, summarize issue discussions and merge requests, resolve CI/CD bottlenecks and failures, and enhance team collaboration.
A new AI impact dashboard and value stream forecasting capability will give an organization insight into its usage of AI features and their effect on software development lifecycle metrics such as cycle time and deployment frequency.
Organizations can customize GitLab Duo with context from their software projects for model personalization. Additionally, GitLab Duo Enterprise provides the option for self-hosted model deployments to support organizations that cannot connect their secure, air-gapped environments to internet-enabled services. GitLab Duo Enterprise will be generally available to Ultimate customers in the next few months.
Adding a new CI/CD catalog
GitLab also launches a new CI/CD catalog to help organizations improve efficiency and standardize workflows with a centralized portal for customers to discover, reuse, and contribute pre-built CI/CD components. In addition to the public catalog, organizations can create a private catalog to distribute customized pipelines that automate workflows specific to their needs without compromising security.
Additional upcoming GitLab 17 capabilities include:
- Native Secrets Manager to allow customers to store sensitive credentials within GitLab.
- GitLab Dedicated on Google Cloud to assist organizations in meeting complex compliance requirements.
- Static Application Security Testing (SAST) integrations to help improve accuracy, reduce false positives, and quickly identify and resolve application-layer risks.
- Product analytics features to enable customers to understand user behavior patterns, measure product performance, and prioritize feature enhancements.
- Observability capabilities to allow development and operations teams to understand the application impact of a code or configuration change through error tracking, distributed tracing, metrics, and logs.
- Enterprise agile planning capabilities, including enhanced epics, custom fields in issues, Wikis, roadmaps, and objectives and key results (OKRs), to bring non-technical users into the same DevSecOps platform where engineers build, test, secure, and deploy code.
- A Model Registry to enable data scientists to develop AI/ML models on the same platform where engineers build, test, secure, and deploy code.
“Successful adoption of DevOps and DevSecOps requires a complex interrelated set of changes based on people, tools, and personnel. Enterprises are therefore looking for integrated platforms that will enable them to improve and optimize their software development lifecycles at scale,” said James Governor, co-founder, RedMonk. “GitLab 17 responds to this requirement with an end-to-end platform that can be used by software developers, operators, product managers, and machine learning teams. Duo Enterprise is designed to reduce friction for the jobs to be done across all these roles and business functions using generative AI.”
“GitLab continues to revolutionize the way organizations develop, build, secure, and deploy software faster leveraging a comprehensive DevSecOps platform,” said David DeSanto, CPO, GitLab. “GitLab 17 ushers in the future of AI-driven software innovation by removing silos across every team involved in delivering software value, automating tasks and complex workflows, and ensuring security and compliance is built-in from the beginning.”<
source: HelpNetSecurity
Free security scan for your website
Top News:
Attackers are exploiting 2 zero-days in Palo Alto Networks firewalls (CVE-2024-0012, CVE-2024-9474)
November 18, 2024CWE top 25 most dangerous software weaknesses
November 21, 2024Chinese APT Gelsemium Targets Linux Systems with New WolfsBane Backdoor
November 21, 2024Microsoft rolls out Recall to Windows Insiders with Copilot+ PCs
November 23, 2024Download: CIS Critical Security Controls v8.1
August 8, 2024Hackers now use AppDomain Injection to drop CobaltStrike beacons
August 24, 2024