• Agentic SAST Vulnerability Resolution is now generally available, automatically generating ready-to-merge code fixes and helping resolve vulnerabilities before they reach production.
• Two new agents in GitLab Duo Agent Platform allow teams to stand up a running CI pipeline in minutes and get fast visual answers from live software lifecycle data, eliminating two of the most persistent bottlenecks in software delivery.
• New subscription-level and per-user spending caps for GitLab Credits give organizations control over on-demand AI spend, enabling enterprise-wide rollout of GitLab Duo Agent Platform with predictable cost controls.

All Remote — GitLab Inc., the intelligent orchestration platform for DevSecOps, today released GitLab 18.11, expanding agentic AI across the entire software lifecycle with security remediation, pipeline configuration, and delivery analytics.

AI-generated code moves faster than the systems around it can keep up with, creating the AI Paradox: faster code generation without faster delivery, security, or operations to match. As code volume grows, so does the backlog of pipelines to configure, security findings to remediate, and delivery questions to answer. GitLab 18.11 helps address those gaps with platform-native agents that have access to the code, pipelines, issues, and security findings already in GitLab.

Agentic SAST Vulnerability Resolution Reaches General Availability

Agentic SAST Vulnerability Resolution is now generally available for GitLab Ultimate customers using GitLab Duo Agent Platform. According to GitLab's 2025 DevSecOps Report, developers spend 11 hours per month remediating vulnerabilities after release, fixing issues that are already exploitable in production. When a SAST scan completes, the agent analyzes confirmed true positives, generates a code fix designed to address the root cause, and opens a ready-to-merge request with a confidence score enabling developers to act without context switching and close vulnerabilities before they reach production.

New Prebuilt Agents for CI and Analytics

For many teams, standing up a first pipeline can be a significant adoption barrier. Teams that want to know how long MRs sit in review or which pipelines are slowing them down have to file a dashboard request or learn a query language. GitLab 18.11 ships two new foundational agents for GitLab Duo Agent Platform that help address both gaps.

The CI Expert Agent, now in beta, inspects a repository, identifies its language and framework, and proposes a build-and-test pipeline in natural language, targeting a running pipeline in minutes, with no YAML written manually.

The Data Analyst Agent, now generally available, answers natural-language questions with fast visual answers about the live software lifecycle data, covering merge request cycle times, pipeline health, deployment frequency, and more. It is available to Free, Premium, and Ultimate tier customers, with GitLab Duo Agent Platform enabled.

Both agents are available on GitLab.com, Self-Managed, and Dedicated, and are part of GitLab Duo Agent Platform.

Usage Controls Give Organizations Predictable AI Spend

New subscription-level and per-user spending caps for GitLab Credits give organizations direct control over on-demand AI spend. Subscription-level caps let billing account managers configure a monthly limit with enforcement controls, while per-user caps ensure no single user exhausts the pool. Together, these controls enable enterprises to deploy GitLab Duo Agent Platform at scale with cost predictability. The GitLab Credits dashboard and Customers Portal give administrators full visibility into usage and cap status.

Usage controls are available for both GitLab.com and Self-Managed customers running GitLab 18.11.

Supporting Quote

• "Much of the AI investment in software development has focused on writing code faster. The bigger opportunity is what comes next," said Manav Khurana, chief product and marketing officer at GitLab. "Agents are only as effective as the context they can access. GitLab 18.11 extends our agents deeper into security, pipelines, and delivery analytics, where that context already lives. That's how GitLab is defining the future of software engineering in the AI era."

About GitLab

GitLab is the intelligent orchestration platform for DevSecOps. GitLab enables organizations to increase developer productivity, improve operational efficiency, reduce security and compliance risk, and accelerate digital transformation. More than 50 million registered users and 50% of the Fortune 100* trust GitLab to ship better, more secure software faster.

*Fortune 500® is a registered trademark of Fortune Media IP Limited, used under license. Claim based on GitLab data. Fortune 100 refers to the top 20% ranked companies in the 2025 Fortune 500 list, published in June 2025. Fortune and Fortune Media IP Limited are not affiliated with, and do not endorse products or services of GitLab.

View source version on businesswire.com: https://www.businesswire.com/news/home/20260416605834/en/