Secure
Integrate third-party scanner results with GitLab (GA)
Any scanner that outputs SARIF now runs under your GitLab policies across every project, so the security tools you already use give you coverage you can prove.
Monthly releases, developer resources, and the latest from the GitLab team.
SARIF scanner results now flow into GitLab vulnerability management alongside native findings, with auto-remediation through GitLab Duo Agent Platform. Admins control which AI models run, which tools agents can call, and where audit events stream.
Now you can bring SARIF scanner results into every security view, cut false positive noise with AI-powered secret detection analysis, and close the governance gap with AI audit event streaming.
New event-driven triggers, admin controls, flow config validation, and model selection make it easier to control what runs in your environment and trust automation without supervision.
We are excited to recognize Pishel65, a Level 3 contributor with 19 merged MRs and 9 more open since joining in October 2025.
Planned features across upcoming releases. Plans subject to change.
GitLab Orbit (external agents) GA
AI
Manage
Duo Developer 2.0
AI
Code
AI Pipeline Builder
AI
Verify
Duo CLI GA
AI
Manage
MCP Server for Free Users GA
AI
Manage
Duo Agent Platform Memory
AI
Manage
AI Pipeline Builder
AI
Verify
Spec-Driven Development with the Agent Plan workstream
AI
Plan
Composable Flows and Agents in DAP
AI
Manage
GitLab Duo Slack Integration
AI
Manage
Visual Flow Editor
AI
Manage
Create Stage Trigger Expansion
AI
Code
Maven and npm Virtual Registry GA
Package
Deploy
Docker Virtual Registry GA
Package
Deploy
Source Code Templates
Code
Native CODEOWNERS reviewer auto-assignment
Code
Project-level Epics
Plan
Organization sign-in
Manage
GitLab Secrets Manager GA
Secure
Build
Fine-grained Personal Access Tokens GA
Manage
Scheduled pipeline execution policies GA
Secure
Manage
Auto-remediation with automatic dependency bumping (Beta)
Secure
Agentic Bulk Vulnerability Resolution (Beta)
Secure
AI
Vulnerability management across contexts (non-default branch tracking)
Secure
Analyze
Security policy integration with security attributes
Secure
Manage
Custom rules for secret detection
Secure
SLSA verification and container image signing
Secure
Build
Be the first to know when new features ship
Introducing GitLab Orbit: Full code and lifecycle context, in one query
GitLab Flex: Commit once, reshape your seats and AI spend
Agentic coding is only as good as its context
Claude Code and GitLab: Three workflows that ship
Codex and GitLab: From code fix to production
Ericsson Cuts Deployment Time 50% With GitLab to Deliver Faster Value to its OSS/BSS Customers
Multinational banking giant Barclays 'supercharges' innovation with GitLab
Join the list and be the first to know what's new with GitLab: the latest product updates, episodes of The Developer Show, and GitLab events.
All fields required