GitLab Extends Agentic AI With New Automation for Security, Pipeline Setup, and Delivery Statistics
San Francisco – GitLab Inc., the intelligent orchestration platform for DevSecOps, today released GitLab 18.11, which extends agent AI across the software lifecycle through security optimization, pipeline configuration, and delivery analysis.
AI-generated code moves faster than the surrounding systems can keep up with it, creating the AI Paradox: fast code generation without fast delivery, security, or consistent performance. As the volume of code grows, so does the backlog of pipelines to be fixed, security findings to be addressed, and delivery questions to be answered. GitLab 18.11 helps address those gaps with agents from the platform who can access code, pipelines, issues, and security findings already in GitLab.
Agenttic SAST Vulnerability Resolution Reaches General Availability
Agentic SAST Vulnerability Resolution is now available for GitLab Ultimate customers using the GitLab Duo Agent Platform. According to GitLab’s 2025 DevSecOps report, developers spend 11 hours per month fixing vulnerabilities after a release, fixing issues that are already deployed in production. When the SAST scan is complete, the agent analyzes the confirmed true positives, generates code fixes designed to address the root cause, and opens a ready-to-compile application with a trusted result that allows developers to act without changing context and close vulnerabilities before they reach production.
New Prebuilt Agents for CI and analytics
For many teams, standing the first pipeline can be a significant barrier to adoption. Groups that want to know how long MRs stay in review or what pipelines they are reducing should apply for the dashboard or read the query language. GitLab 18.11 ships with two basic GitLab Duo Agent Platform agents that help solve both gaps.
The CI Expert Agent, now in beta, explores the repository, identifies its language and framework, and suggests a natural language build and test pipeline, targeting a pipeline that runs in minutes, without hand-written YAML.
Data Analysis Agent, now generally available, answers natural language questions with quick visual answers about software lifecycle data, including application cycle times, pipeline health, deployment frequency, and more. Available to Free, Premium, and Ultimate tier customers, with GitLab Duo Agent Platform enabled.
Both agents are available on GitLab.com, Self-Managed, and Dedicated, and are part of the GitLab Duo Agent Platform.
Usage Controls Give Organizations Predictable AI Revenue
The new subscription level and per-user usage rates for GitLab Credits give organizations direct control over on-demand AI usage. Subscription level caps allow payment account managers to configure monthly limits with enforcement controls, while per-user caps ensure that no single user depletes the pool. Together, these controls enable enterprises to deploy the GitLab Duo Agent Platform at scale with predictable costs. The GitLab Credit Dashboard and Customer Portal provide administrators with full visibility into usage and cap status.
Deployment controls are available for both GitLab.com and self-managed customers running GitLab 18.11.
