GitLab 18.10 and 18.11: Practical AI-driven DevOps

Beyond the Hype: GitLab 18.10 and 18.11 AI Innovations in Practice

Teams tasked with delivering software in regulated industries or managing complex, distributed development face a constant battle: innovate faster while maintaining strict compliance and controlling costs. The headline features of GitLab 18.10 and 18.11, particularly around AI, might seem like distant future concepts, but for many of our clients, they offer immediate, tangible solutions to these very real problems. It’s not just about a new version number; it’s about how these updates transform daily operations.

Agile Planning That Actually Works for Complex Projects

Let’s start with agile planning. Many organisations struggle with fragmented views of work, especially when dealing with multiple teams, microservices, or external dependencies. The new work items list and saved views in GitLab 18.10 (as highlighted in GitLab’s blog on agile planning) are more than just UI enhancements. For a programme manager overseeing a critical financial application with several interdependent teams, this means finally consolidating different work item types (epics, issues, tasks, incidents) into a single, customisable view. Imagine being able to create a saved view that immediately shows all outstanding compliance-related tasks across five different projects, or drill down into high-priority bugs impacting a specific release train. This reduces the time spent collating data from disparate sources by hours each week, improving decision-making speed and accuracy.

Our advice to enterprise clients is to designate a few early adopters within programme management or team leadership roles to leverage these saved views. Start with a common dashboard they need daily, build out the saved view, and then standardise it for wider adoption. This helps to ingrain a consistent approach to work visibility, which is crucial for larger organisations.

AI-native Security: More Than Just Buzzwords

The security features introduced in GitLab 18.10 and 18.11 are particularly interesting for our DevSecOps clients. AI-native triage and remediation, alongside SAST false positive detection (detailed in GitLab’s release post on 18.10 and AI-native triage), address a pervasive issue: alert fatigue. Security teams in regulated environments are drowning in SAST findings, many of which are false positives or low-priority issues that don’t warrant immediate developer attention. When a developer has to sift through hundreds of irrelevant alerts, the important vulnerabilities get missed.

With AI-powered false positive detection, the system can intelligently filter out the noise, allowing developers to focus on genuine threats. Even more impactful is the automated remediation with ready-to-merge AI code fixes (as seen in the 18.11 updates). For a 20-person dev team, this translates directly to faster secure coding. Instead of context-switching to research a vulnerability and craft a fix, the developer gets a proposed solution as a merge request, ready for review. This significantly reduces the cognitive load on developers and accelerates the feedback loop in DevSecOps.

We recommend integrating these AI-driven security features carefully. Start by analysing the types of false positives your teams routinely encounter and use the AI capabilities to address those. Monitor the accuracy and developer acceptance of AI-generated fixes, and iterate. The goal is to augment your security professionals, not replace them, freeing them to tackle more complex architectural security challenges.

The Agentic AI Era: Empowering Developers (and Managing Costs)

GitLab’s push into agentic AI with GitLab Duo Agent Platform, and specifically with Duo CLI and new AI agents like CI Expert and Data Analyst (blog posts on Duo CLI and new AI agents), represents a significant shift. The idea that AI can not only write code but also proactively assist across the entire development lifecycle – from debugging pipelines to optimising CI/CD – is powerful. Making these capabilities available to free-tier users via GitLab Credits (GitLab’s announcement on agentic AI for more teams) democratises access to advanced AI.

However, a key concern for any enterprise adopting AI is cost. The introduction of budget guardrails for GitLab Credits in 18.11 (view details here) is a welcome and necessary feature. For a large organisation, uncontrolled AI consumption can quickly become an unexpected expense. These guardrails provide financial oversight and predictability, allowing platform teams to allocate AI resources effectively and prevent bill shock. This is particularly relevant for those exploring integration with platforms like Google Cloud’s Vertex AI, as mentioned in GitLab’s partnership article, where usage scales rapidly.

When considering agentic AI, organisations should pilot these features with specific use cases where developers spend significant time on repetitive, non-coding tasks, such as pipeline troubleshooting or data analysis related to code changes. Before broad rollout, establish clear usage policies and utilise the new budget guardrails to manage costs effectively. This proactive approach ensures that AI adoption delivers value without creating financial surprises.

The advancements in GitLab 18.10 and 18.11 are not just incremental updates; they represent a strategic evolution towards a more intelligent, automated, and secure DevSecOps platform. For UK enterprises navigating tightening compliance, skills shortages, and the pressure to deliver faster, these features offer concrete tools to improve efficiency, reduce risk, and control costs. Understanding how to integrate these capabilities effectively into your existing workflows is key to unlocking their full potential.

At https://gitlab.consulting/en-gb, we help organisations strategise and implement these kinds of advanced GitLab features. If you are looking to optimise your DevSecOps pipelines, improve your security posture with AI, or better manage your GitLab investment, we can help.

Ready to transform your DevOps practices with the latest GitLab innovations? Contact us today to discuss your specific needs and challenges. Fill out our contact form at: https://ideaweb.wufoo.com/forms/zjeumkx15fnqbs/ you want to achieve.

• Unlocking AI potential in GitLab 18.10 and 18.11
• GitLab 18.10: AI-Native Triage, Remediation & Free-Tier Credits for UK Teams
• GitLab 18.10: new agile and AI features for competitive advantage
• GitLab Credits Now Available: Streamline Billing and Resource Usage
• Simplified Vulnerability Triage with GitLab’s Security Analyst Agent