GitLab Expands Industry Leading DevSecOps Platform with 13.0 Release

Unified Development, Operations and Security Capabilities Enable Organizations to Adapt and Respond to Dynamic Business Challenges

Today GitLab, the single application for the DevOps lifecycle, is releasing 13.0 building upon its industry leading DevSecOps platform to enable organizations to efficiently adapt and respond to new and dynamic business challenges. With the 13.0 release, GitLab is adding new development, planning, analytics, operations and security-focused features - such as epic hierarchy on roadmaps, design collaboration, and vulnerability management - to help organizations identify bottlenecks and waste, break down functional silos and focus on delivering business value without sacrificing security or compliance. Also with this release, Gitaly Clusters will become generally available to ensure that Git repository storage has a warm replica ready to take over if an outage occurs while Auto DevOps has been extended to simplify deployment to Amazon Web Services (AWS).

“Drawing from years of expertise, GitLab runs the world's largest all-remote DevOps software company. Our customers often wonder how we continually iterate on new changes, features and capabilities to quickly make improvements to the product on a monthly basis. The answer is simple - we use GitLab,” said Scott Williamson, executive vice president of product at GitLab. “The 13.0 release is a key milestone in providing our customers with a more mature end-to-end DevSecOps solution that efficiently and confidently responds to today’s unique business challenges.”

With the 13.0 release and beyond, GitLab continues to expand its complete open core DevOps platform including source code management (SCM) and continuous integration (CI), delivered as a single application, to help organizations better achieve business agility, rapid collaboration, and security and compliance. Together with its ever-growing community of channel and technology partners, GitLab is helping organizations everywhere improve their resilience, responsiveness and product velocity.

Optimize for Efficiency to Achieve Agility

As many businesses strive to be more responsive and efficient, GitLab helps streamline existing software development processes to bring siloed teams together into a unified DevSecOps platform. Key focus areas and development features include:

• [

](https://about.gitlab.com/solutions/value-stream-management/): Helps users quickly identify bottlenecks and waste. Value Stream Analytics now supports customization, allowing organizations to tailor the feature to their specific workflow. Soon, the ability to visually depict Value Stream Analytics stages as a flow will also simplify this effort.

• [

](https://about.gitlab.com/releases/2020/04/22/gitlab-12-10-released/#create-and-view-requirements-in-gitlab): Released in 12.10, GitLab now allows users to create and manage specified requirements for a user’s applications. GitLab will continue to evolve these capabilities with added traceability between requirements, creating a seamless workflow to visually demonstrate completeness and compliance.

• [

](https://docs.gitlab.com/ee/user/project/releases/): Gives users a seamless workflow for managing their software releases including visual queues for release managers to ensure completeness and traceability of all artifacts to ensure compliance.

• [

](https://docs.gitlab.com/ee/operations/feature_flags.html): Allows users to harness the cycle-time compression of progressive delivery by dynamically toggling certain functionalities to test desired impact. Upcoming releases will enable A/B testing based on Feature Flags along with the ability to create feature flags from merge requests and to filter feature flags by status.

Rapidly Collaborate and Unify Development, Design, Security, and Operations

A shared view of software from development through production can unite a team's efforts toward common business goals and achievements. GitLab builds upon existing capabilities that help with collaborative development, reporting and organizing and managing work via epics, milestones and more. New and upcoming collaboration and reporting features include:

: The Operations dashboard is more customizable allowing multiple variables and security dashboards are now exportable for collaboration beyond GitLab users. Future releases will add Kubernetes Clusters to the dashboard to show, at a glance, all clusters and pods in use.
*

: GitLab’s best-of-breed Source Control and CI capabilities have attracted operations teams utilizing Infrastructure as Code practices to Gitlab. GitLab provides more native experiences for Kubernetes and HashiCorp Terraform but will continue to evolve first-class experiences for defining infrastructure right alongside code.
*

: GitLab moved design management to core recognizing users who are designing products as individual contributors.
*

: Allows DevOps organizations to truly embrace collaboration between development and operations teams by routing their existing monitoring alerts to GitLab for alert triage and incident resolution with all the rich context from development activities.

End-to-End Security and Compliance

Shifting security left by embedding application security testing within CI can help businesses embrace security and compliance controls end-to-end in the software development lifecycle. This also helps reduce risk while freeing up resources to focus on critical business needs. GitLab offers static application security testing (SAST), secrets detection, dynamic application security testing (DAST), dependency scanning, container scanning, and license compliance scanning, all included in GitLab’s continuous integration/continuous delivery (CI/CD) platform within the Ultimate/Gold tier offering. New and upcoming security and compliance features include:

• [

](https://gitlab.com/gitlab-org/gitlab/-/issues/13561): Rearchitects the way we manage vulnerabilities to unlock even more robust future capabilities to help users prioritize and manage vulnerabilities and their associated risk.
*

: By becoming a Common Vulnerabilities and Exposures (CVE) ID Numbering Authority (CNA), GitLab users can request a CVE from GitLab, either for GitLab itself or for any project hosted on GitLab.com. In the future, CVE IDs will be able to be requested directly from within the GitLab UI.
*

: To broaden the appeal to even more users, 13.0 offers SAST for .NET Framework and expands support for offline environments initially introduced in 12.10, along with DAST scans for REST APIs, and full commit history scan for secrets for even greater detection. Also, fuzz testing support will be introduced later this year.

• [

](https://about.gitlab.com/direction/govern/): A minimal viable change (MVC) for the integration of cloud-native security solutions for container behavior analytics provides visibility and protection into a user’s kubernetes environment. The addition of an out-of-the-box network policy set is planned for an upcoming release.

• [

](https://about.gitlab.com/direction/govern/compliance/compliance-management/): Allows users to automate the ability to establish a compliance framework, adopt its regulatory controls, and simplify audit reporting. Along with this, we are working on an initial security policy user interface to simplify security guardrails.

• [

](https://about.gitlab.com/direction/release/secrets_management/): Builds upon prior integration work and will soon give users the ability to secure secrets across services.

• [

](https://about.gitlab.com/releases/gitlab-com/#okta-scim-integration-application-for-gitlabcom): When Okta SCIM (System for Cross-domain Identity Management) is provisioned for a GitLab group, membership of that group is now synchronized between GitLab and Okta reducing administrator time.

Enhance Customer Resiliency with the Partner Community

With the expansion of the GitLab Partner Program announced in April, GitLab is in a unique position where its technology and channel partnerships add complementary value around the GitLab product and joint customers’ ability to respond to the ever changing environment. Integrations with the major cloud providers, technology partners and channel partners’ service offerings enhance GitLab’s collective offerings to joint customers. Bringing this together, enables customers to be more responsive and resilient at a holistic level.

Availability

GitLab 13.0 release will be available starting May 22nd. To update a self-managed instance, visit about.gitlab.com/update for detailed instructions. GitLab.com is automatically updated by GitLab. For more information on the features and capabilities in the GitLab 13.0 release, watch the video overview.

GitLab Velocity

With nearly 105 consecutive monthly releases, GitLab continually iterates on its platform, earning its acknowledgement as the leading, single application for the DevOps lifecycle. Leveraging the power of the growing GitLab community of more than 3,000 active contributors, millions of open source users and over 100,000 organizations, GitLab delivers customer-driven product innovation through collaboration and contributions from the community. The company has grown a team that is more than 1,280 strong across over 65 countries and regions and achieved year-over-year growth in annual recurring revenue (ARR) of 116%, which increased total ARR to $100M.

GitLab recently placed 35th on Forbes’ 2020 list of America’s Best Startups for Employers, made the Inc.’s Best Workplaces of 2020 for the second year in a row, was recognized as a “451 Firestarter” by 451 Research, positioned as a Niche Player in the 2020 Gartner Magic Quadrant report for Application Security Testing (AST) and received two DeveloperWeek DEVIES awards for Best Innovation in Development platforms and Best Innovation in Coding Platforms.

Supporting Quotes

"A business-driven DevOps transformation is a challenging, but rewarding, process to go through. It touches technology, process, people, and culture. Gitlab is the partner that CI&T was looking for to take care of the technology component of this equation. We are confident that we have an even stronger value proposition to our customers with this partnership.” -

“GitLab recognizes the value of a single application for the entire DevSecOps lifecycle. Now that GitLab has become a CNA, they will encourage more engagement with security researchers and allow GitLab users to more quickly trap and remediate security issues.” -

“Together, HashiCorp and GitLab’s complementary products are closing the gap between developers and operators to increase business velocity. In previous releases, we worked on tighter integrations between GitLab and HashiCorp Vault that allowed accelerated authentication. With GitLab 13.0, these teams will gain similar flexibility and freedom of choice when using GitLab and HashiCorp Terraform for secure infrastructure deployment. Together, HashiCorp and GitLab are accelerating DevOps productivity for our joint customers.” -

“We at Nebulaworks appreciate the transparency of the GitLab teams openly working within their issues and milestones across their entire product line. It's been exciting to see the progress within the GitLab project milestone to milestone. We are looking forward to GitLab Insights and the ability to get better views out of our existing internal milestones. At Nebulaworks, we are existing Hashicorp Vault users and the ‘bring your own Vault’ integration is something that looks very promising to enable our teams to have complete control over our sensitive credentials. Coupled with these release items was gitlab.com's recent support of IPv6 which future proofs the platform. Overall, the Nebulaworks team is really enjoying all of the enhancements the GitLab teams have been delivering on. Keep up the great work!” -

“As organizations transition to modern, cloud-native applications and workloads, two key needs emerge: an enterprise-grade, supported Kubernetes infrastructure and a DevOps platform to make it easier and more efficient to build these new services. Red Hat OpenShift provides the industry’s most comprehensive enterprise Kubernetes platform, and fully supports deployments from GitLab as part of a CI/CD pipeline; we’re pleased to collaborate with GitLab to expand continuous deployment options across our hybrid cloud portfolio.” -

“Organizations want to get better software to production, faster. With continued investment in features to embed application security into pipelines and improve developer productivity, GitLab illustrates the importance of the ecosystem in our journey to help customers deliver meaningful business outcomes on the VMware Tanzu portfolio of products.” -

"We're excited to see GitLab's 13.0 release, and particularly the advancements in bringing "shift left" DevSecOps to where developers spend their time. WhiteSource also continues to invest in its collaboration with GitLab and particularly the Ultimate Security Dashboard, thereby allowing our mutual customers to benefit from best-in-class security while avoiding unnecessary context-switching out of GitLab itself, to ultimately achieve an improved collaborative DevSecOps experience." -

About GitLab

GitLab is the open DevOps platform built from the ground up as a single application for all stages of the DevOps lifecycle enabling Product, Development, QA, Security, and Operations teams to work concurrently on the same project. GitLab provides a single data store, one user interface, and one permission model across the DevOps lifecycle. This allows teams to significantly reduce cycle times through more efficient collaboration and enhanced focus.

Built on Open Source, GitLab works alongside its growing community, which is composed of thousands of developers and millions of users, to continuously deliver new DevOps innovations. GitLab has an estimated 30 million+ users (both Paid and Free) from startups to global enterprises, including Ticketmaster, Jaguar Land Rover, NASDAQ, Dish Network, and Comcast trust GitLab to deliver great software faster. All-remote since 2014, GitLab has more than 1,300 team members in 65 countries.

Media Contact

Christina Weaver


GitLab


[email protected]