GitLab released GitLab 19.0 with expanded secrets management, agentic merge request workflows, improved CI pipeline visibility, support for self-hosted open-source models, and supply chain visibility enhancements. Engineering organizations shipping more code than ever are confronting the AI Paradox firsthand, as the surrounding workflows for securing credentials, reviewing and merging changes, enforcing pipeline standards, and running…
Tag: GitLab
AI, Compliance, Global Security News
GitLab Deepens Integration with Anthropic’s Claude Models to Accelerate Secure Software Development
COMPANY NEWS: AI agents in GitLab Duo Agent Platform can now call Anthropic’s newest Claude models, with every action governed by GitLab’s existing compliance, audit, and policy framework; no separate governance layer required. Enterprises can access Claude models, including the newly released Claude Opus 4.7, through GitLab via Google Cloud and AWS Bedrock to route…
AI, Endpoint, Global Security News
GitLab Collaborates with AWS to Bring Agentic DevSecOps to Enterprise Teams Using Their Existing Amazon Bedrock Accounts and Spend
COMPANY NEWS: Customers can route GitLab Duo Agent Platform inference through Amazon Bedrock models already running in their AWS accounts without new vendor onboarding or model endpoints. GitLab Credits purchased through AWS Marketplace count toward existing AWS spending commitments. GitLab’s Bring Your Own Model (BYOM) capability for Self-Managed customers lets teams connect their self-hosted AI…
AI, Global Security News
GitLab 18.11 brings agentic AI to security fixes, CI pipelines, and delivery analytics
GitLab has released GitLab 18.11, expanding agentic AI across the entire software lifecycle with security remediation, pipeline configuration, and delivery analytics. AI-generated code moves faster than the systems around it can keep up with, creating the AI paradox: faster code generation without faster delivery, security, or operations to match. As code volume grows, so does…
AI, Compliance, Global Security News
GitLab Collaborates with Google Cloud to Bring Agentic DevSecOps to Enterprise Teams Using Vertex AI
COMPANY NEWS: AI agents in GitLab Duo Agent Platform can now call foundation models through Vertex AI, including Gemini models, with agent actions governed by GitLab’s built-in compliance and audit controls. Organisations can run GitLab’s AI Gateway on Google Cloud with no separate AI infrastructure to provision or manage. Customers with Google Cloud commitments can…
AI, Compliance, Global Security News
Plumber: Open-source scanner of GitLab CI/CD pipelines for compliance gaps
GitLab CI/CD pipelines often accumulate configuration decisions that drift from security baselines over time. Container images get pinned to mutable tags, branches lose protection settings, and required templates go missing. An open-source tool called Plumber automates the detection of those conditions by scanning pipeline configuration and repository settings directly. What Plumber checks Plumber reads a…
AI, Global Security News
GitLab Enables Broader and More Affordable Access to Agentic AI Across the Software Lifecycle
COMPANY NEWS: Organisations on the GitLab.com free tier can now start using GitLab Duo Agent Platform by purchasing a monthly commitment of GitLab Credits, giving every team access to agentic AI across the full software lifecycle. Agentic code reviews now cost a flat $0.25 per review (4 code reviews per GitLab Credit today), making automated…
AI, Global Security News, malware, Network Security
North Korean fake IT worker tradecraft exposed
Research from GitLab has exposed the latest tradecraft behind North Korean fake IT worker scams. GitLab banned 131 North Korean-attributed accounts last year, most of which involved JavaScript repositories that acted as resources in the so-called Contagious Interview campaign. In most cases, GitLab projects acted as obfuscated loaders for malware payloads — such as BeaverTail…
AI, Compliance, Cybersecurity, Global Security News
GitLab Expands MSP Program for AI-Driven DevSecOps
GitLab is expanding its managed services strategy with a new MSP partner program designed to help providers deliver agentic AI capabilities across the full software development lifecycle while addressing enterprise data sovereignty and compliance requirements. GitLab targets enterprise demand for agentic AI across the software lifecycle Enterprises are accelerating AI adoption but often encounter bottlenecks…
AI, china, Cybersecurity, Exploits, Global Security News, malware, Network Security, Risk Management
U.S. CISA adds Dell RecoverPoint and GitLab flaws to its Known Exploited Vulnerabilities catalog
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Dell RecoverPoint and GitLab flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Dell RecoverPoint and GitLab flaws to its Known Exploited Vulnerabilities (KEV) catalog. Below are the flaws added to the catalog: CVE-2021-22175 (CVSS score 6.8) GitLab Server-Side Request Forgery (SSRF)…