Highlights:

  • GitLab selected Google Cloud for this partnership due to its potent enterprise AI technology’s foundation and capacity to safeguard users’ security and privacy while AI data is being trained.
  • Given that generative AI can understand both code and natural language, the GitLab product suite can act as a translator between humans and software while conducting the necessary research to describe the underlying flaws clearly.

GitLab Inc., a DevSecOps company, recently announced the expansion of its collaboration with Google Cloud to provide new generative AI-powered features for developers directly within its platform while upholding security and privacy standards.

The technology behind Google Bard and OpenAI LP’s ChatGPT chatbot is generative AI. It can produce reports, summarize lengthy documents, conduct research, produce insights, write software code, and even have human-like conversations from large training data sets.

GitLab selected Google Cloud for this partnership due to its potent enterprise AI technology’s foundation and capacity to safeguard users’ security and privacy while AI data is being trained. Keeping its users’ source code and intellectual property in its cloud and adhering to a privacy-first approach to software development will enable GitLab to uphold its commitment to its users while still utilizing the AI capabilities of Google Cloud.

GitLab will have access to the Vertex AI platform for managed machine learning on Google Cloud, which according to Google, can train AI models with 80% fewer lines of code than competing platforms. It offers the same toolkit that Google internally uses and offers GitLab strong training capabilities to build its features.

Chief Product Officer David DeSanto at GitLab said, “GitLab’s vision for generative AI is grounded in privacy, security, and transparency. Our partnership with Google Cloud enables GitLab to offer private and secure AI-powered features, while maintaining customer data in our cloud infrastructure.”

“Explain this Vulnerability,” a feature that enables developers to comprehend vulnerabilities in their code by describing the issue in natural language, will be the first new feature to join the GitLab product suite using Google Cloud’s generative AI models. When the problem is discovered, it will give them access to a wide range of remediation options, research, and recommendations, allowing them to decide how to address the problem quickly.

Given that generative AI can understand both code and natural language, the GitLab product suite can act as a translator between humans and software while conducting the necessary research to describe the underlying flaws clearly. It is thus a suitable security assistant for operations teams, security experts, and development teams. This makes it a cross-disciplinary tool that can find and fix issues and assist clients in accelerating delivery times.

According to GitLab, customers’ DevSecOps lifecycle workflows can benefit greatly from using AI-assisted tools by reducing the tediousness of discovery and research. These tools give developers and security experts more time to focus on their work while the AI handles tedious tasks.

According to GitLab’s 2023 DevSecOps Report: Security Without Sacrifices, 62% of developers use AI and machine learning to check code, up from 51% in 2022.

Vice President of cloud AI and industry solutions at Google Cloud, June Yang, stated, “Organizations today are required to deliver software faster than ever before to remain competitive while requiring a stronger security posture.” More developers and security teams are turning to AI and machine learning tools to make their jobs easier, turn the tide against security issues, and stay on task.

“Explain this Vulnerability” will be joining several GitLab features that already use artificial intelligence and machine learning, such as Code Suggestions, which offers suggested code during the development process, and Suggested Reviewers, which suggests potential reviewers before code is reviewed. GitLab is also testing much more sophisticated features like Explain this Code, Summarize Issue Comments, and Summarize Merge Request Changes, all geared toward making developers’ daily tasks less tedious.