GitLab Enables Broader and More Affordable Access to Agentic AI Across the Software Lifecycle

Key Terms

devsecops technical

DevSecOps is the practice of building security checks into the whole software creation and delivery process instead of treating security as a separate step at the end. For investors, it matters because products that find and fix vulnerabilities earlier tend to ship faster, cost less to maintain, and carry lower risk of damaging breaches or regulatory fines — much like installing quality and safety checks on a car while it’s being assembled rather than after it leaves the factory.

vulnerability report technical

A vulnerability report is a document that identifies weaknesses in a company’s software, systems, products, or processes that could be exploited by hackers, cause failures, or lead to regulatory problems. For investors, it signals potential costs, business interruption, reputational damage, or legal exposure—similar to a home inspection that reveals structural flaws before they become expensive repairs—so investors use it to assess risk and the likely impact on a company’s financial health.

security scanning technical

Security scanning is the automated checking of a company’s computer systems, software and networks for weaknesses, misconfigurations or malicious code that could be exploited to steal data or disrupt operations. For investors it matters because these checks flag vulnerabilities that, if not fixed, can lead to breaches, regulatory fines, costly downtime and reputational damage—outcomes that can directly reduce revenue, increase expenses and hurt a company’s stock value, like a routine health check revealing risks to a business’s digital defenses.

merge requests technical

A merge request is a proposed change to a software project that one developer submits for review before that change is added into the main codebase. Think of it like suggesting an edit to a shared book chapter: others check for errors, compatibility and quality before the edit is accepted. Investors watch merge request activity as a signal of product development pace, code quality, collaboration, and potential risk or speed to release new features.

• Organizations on the GitLab.com free tier can now start using GitLab Duo Agent Platform by purchasing a monthly commitment of GitLab Credits, giving every team access to agentic AI across the full software lifecycle.
• Agentic code reviews now cost a flat $0.25 per review (4 code reviews per GitLab Credit today), making automated code review predictable at any scale.
• Agentic false positive detection for security scanning is now generally available, using AI to automatically score and help explain security findings, reduce alert fatigue, and accelerate remediation.

SAN FRANCISCO--(BUSINESS WIRE)-- All Remote — GitLab Inc., the intelligent orchestration platform for DevSecOps, today released GitLab 18.10, making it easier and more affordable to use agentic AI capabilities across the entire software development lifecycle.

As AI-assisted coding has made it faster than ever to write code, the bottleneck has shifted to the hundreds of software engineering tasks that must happen afterward. GitLab 18.10 helps make it easier for GitLab customers to meet the challenge with simpler adoption, at lower costs and with a higher degree of trust.

GitLab Duo Agent Platform is now available to organizations on the GitLab.com free tier through a GitLab Credits commitment

Organizations on the GitLab.com free tier can now start using GitLab Duo Agent Platform by purchasing a monthly commitment of GitLab Credits. Credits are shared across the group, giving every member immediate access to GitLab Duo Agent Platform without per-seat costs.

The GitLab Credits dashboard gives group owners visibility into which agents and flows consume credits, connecting AI activity directly to software delivery work and helping them monitor costs across the team.

Agentic Code Reviews are now more affordable at scale

Manual code review backlogs can add days or weeks to delivery cycles, creating bottlenecks and slowing innovation. Agentic Code Review automatically reviews merge requests across all groups and projects with the full context of the repository, pipeline, and security policies. At a flat cost of $0.25 per review (4 code reviews per GitLab Credit today), every organization can now enable agentic code review on every change. Compared to the cost of time spent on a manual code review, that could mean substantial savings as review volume grows.

Agentic false positive detection for security scanning is generally available within GitLab Duo Agent Platform

SAST false positive detection is now generally available to GitLab Ultimate customers using GitLab Duo Agent Platform, helping security and development teams better prioritize serious vulnerabilities and remediation. After each SAST scan, GitLab Duo Agent Platform automatically analyzes new critical and high-severity findings, scores them by false positive likelihood, and surfaces that assessment directly in the Vulnerability Report, helping security teams source a faster path to findings that require action, with final control over what gets dismissed.

Supporting Quote

• “Development teams are shipping more code faster than ever, and the AI automation that keeps code secure and ensures it gets safely deployed has to keep pace - running across every project and every group, with the context of the entire platform,” said Manav Khurana, chief product and marketing officer, GitLab. “We’re accelerating access to advanced agentic AI across the software lifecycle for all software teams of all sizes, making it easier to adopt, more affordable to run, and at a greater level of security. Software teams can scale their innovation velocity within their guardrails and budget, on their own terms.”

About GitLab

GitLab is the intelligent orchestration platform for DevSecOps. GitLab enables organizations to increase developer productivity, improve operational efficiency, reduce security and compliance risk, and accelerate digital transformation. More than 50 million registered users and 50% of the Fortune 100* trust GitLab to ship better, more secure software faster.

Fortune 500® is a registered trademark of Fortune Media IP Limited, used under license. Claim based on GitLab data. Fortune 100 refers to the top 20% ranked companies in the 2025 Fortune 500 list, published in June 2025. Fortune and Fortune Media IP Limited are not affiliated with, and do not endorse products or services of GitLab.

View source version on businesswire.com: https://www.businesswire.com/news/home/20260319384861/en/

Christina Weaver

press@gitlab.com

Source: GitLab Inc.