GitLab doubles down on DevSecOps and AI in APAC

GitLab is expanding its footprint in the Asia-Pacific (APAC) region and delivering key capabilities around its unified DevSecOps platform, including security and artificial intelligence (AI), to help organisations build software faster.

In an interview with Computer Weekly on the sidelines of GitLab’s DevSecOps World Tour in Singapore, Craig Nielsen, the company’s vice-president for the region, noted the rapid shift towards software-defined experiences, citing examples like TikTok and Threads that have achieved massive user growth in record time.

“Every company is a software company, and that’s never been truer than today,” said Nielsen. “An organisation’s ability to build customer experiences quickly and securely and innovate fast becomes critical.”

That focus on speed and security is driving GitLab’s strategy in APAC. The company is investing in its go-to-market capabilities, including sales, post-sales support, and building a partner ecosystem to support customers across the APAC region, including India and ASEAN.

While GitLab’s customer base mirrors its global mix, the company has seen strong demand in regulated industries such as government, financial services, telecommunications, retail and logistics, touting customers including Singapore’s Government Technology Agency and Australia’s Bendigo and Adelaide Bank.

Addressing the complexity of modern software development, Nielsen noted the challenges that GitLab customers had faced with fragmented toolchains. “Four years ago, the only opportunity development teams had was to assemble their own stacks. Most organisations have a combination of limited or loosely coupled integrations across those tools,” he said, adding that this leads to maintenance overhead, regulatory burdens and context switching, hindering developer productivity.

GitLab’s value proposition lies in its unified platform approach. “If we were to put this together on a single platform – think of a common data layer, a common workflow layer, a common security layer and, moving forward, a common AI layer – we could simplify the stack for the enterprise,” said Nielsen. This translates to improved productivity, enhanced security and better visibility, ultimately enabling faster software delivery.

Nielsen cited customer success stories, such as payments and finance platform Airwallex, which has been able to produce software features four times faster since adopting GitLab’s platform. “If your competition is not producing customer experiences four times faster, you’re probably going to take losses,” he warned.

AI and automation are central to GitLab’s product roadmap. While initial AI efforts in DevOps tools have focused on code suggestions, GitLab is expanding its AI capabilities across the entire software development lifecycle.

“We’re able to apply AI outside of code assistance,” said Nielsen, citing use cases like code explanation, root cause analysis of pipeline failures, vulnerability explanation and fixes, code refactoring and issue summarisation, all of which, according to GitLab’s research, take up almost 80% of a developer’s time.

In a separate presentation, Justin Farris, GitLab’s vice-president of product management, detailed the company’s product roadmap, including enhancements to enterprise agile planning, such as custom statuses, management of GitLab epics, a body of work that can be broken down into smaller parts, and an enhanced wiki experience.

He also highlighted the integration of Oxeye – a recent acquisition – to improve security scanning and vulnerability management. “We integrated Oxeye four months ahead of schedule,” he said, noting that Oxeye’s static application security testing (SAST) engine helps reduce false positives, integrates security scanning into developer workflows and provides guidance on security remediation.

Farris also pointed to upcoming capabilities like self-hosted AI models, which allow customers to maintain full control over their AI models while leveraging GitLab’s prompt library, as well as GitLab Duo Workflow that uses AI agents to automate development processes based on natural language prompts. “It’s time for a revolution in the developer experience, one that allows developers to focus on innovative solutions, creative problem solving and building the next big thing,” he said.