GitLab Collaborates with Google Cloud to Bring Agentic DevSecOps to Enterprise Teams Using Vertex AI

Key Terms

devsecops technical

DevSecOps is the practice of building security checks into the whole software creation and delivery process instead of treating security as a separate step at the end. For investors, it matters because products that find and fix vulnerabilities earlier tend to ship faster, cost less to maintain, and carry lower risk of damaging breaches or regulatory fines — much like installing quality and safety checks on a car while it’s being assembled rather than after it leaves the factory.

vertex ai technical

Vertex AI is a cloud-based platform for developing, training and deploying machine learning models, providing tools that let teams turn data into automated predictions and smart features. For investors, it matters because using such a platform can speed product development, lower data-science costs and scale AI-driven services quickly—like renting a ready-made factory instead of building one—so adoption can influence a company’s growth, margins and competitive edge.

ai gateway technical

An AI gateway is a software or device that sits between a company’s data and external artificial intelligence services, routing requests, protecting sensitive information, and translating formats so different systems can use AI tools. For investors it matters because an AI gateway can speed up adoption, reduce security and compliance risk, and make AI-driven products more reliable—similar to a secure bridge that lets traffic flow smoothly between two towns while checking passports and guiding vehicles.

bring your own model technical

Bring your own model (BYOM) is when an organization runs its own machine-learning model on a vendor’s cloud or software platform instead of using the vendor’s prebuilt model. For investors, BYOM matters because it lets companies keep control of proprietary algorithms and data, which can reduce operational risks and compliance costs while potentially speeding product updates — like plugging your own engine into a rented car to keep its unique performance and safeguards.

ci pipeline technical

A CI pipeline, short for continuous integration pipeline, is an automated process that combines developers’ code changes, runs tests, and prepares software for release. Think of it as an assembly line for code that catches errors early and speeds delivery; for investors, a reliable CI pipeline means faster product updates, lower risk of costly bugs, and clearer evidence of disciplined engineering and operational maturity.

audit logging technical

Audit logging is the systematic recording of who did what, when, and where within a company’s digital systems, like a detailed event diary for computers and applications. Investors care because these records help prove that controls are working, detect fraud or mistakes quickly, and support regulatory compliance—similar to having security camera footage and receipts that make a business more trustworthy and reduce the risk of costly surprises.

• AI agents in GitLab Duo Agent Platform can now call foundation models through Vertex AI, including Gemini models, with agent actions governed by GitLab's built-in compliance and audit controls.
• Organizations can run GitLab's AI Gateway on Google Cloud with no separate AI infrastructure to provision or manage.
• Customers with Google Cloud commitments can count GitLab Duo Agent Platform usage toward their existing spend.

SAN FRANCISCO--(BUSINESS WIRE)-- All Remote – GitLab Inc., the intelligent orchestration platform for DevSecOps, today announced an expanded collaboration with Google Cloud. Google Cloud customers can now power GitLab Duo Agent Platform with the Vertex AI models they already use, and count that usage toward their existing Google Cloud commitments.

As AI agents become central to how teams build software, they need strong models and a governed environment to be effective in the enterprise. This partnership brings those together. Agents in GitLab Duo Agent Platform can now call Vertex AI models on Google Cloud natively, giving joint customers the model performance they expect with the governance GitLab already provides.

GitLab is the system of record for issues, code, merge requests, pipelines, and security findings. When an agent generates a code suggestion, it draws context from the issue that prompted the work, the repository's existing patterns, and the CI pipeline that will validate the result without leaving GitLab. Every agent action flows through the same access controls, approval rules, and audit logging that developers already follow, so governance does not stop when an agent takes over a task.

The Vertex AI Model Garden gives joint customers a choice of foundation models, including Gemini, so teams can select models based on performance, cost, or regulatory requirements. For self-hosted customers, GitLab's Bring Your Own Model option extends that flexibility further, letting teams connect their approved models and gateways. GitLab's AI Gateway, whether GitLab-managed or self-hosted, runs on Google Cloud runtimes like GKE or Cloud Run, keeping AI workloads on the infrastructure teams already manage.

To learn more about this announcement and how to leverage Vertex AI in GitLab Duo Agent Platform, read the GitLab blog.

Supporting Quotes

• “Google Cloud provides cutting-edge technology that helps partners innovate and deliver more impactful solutions for business transformation,” said Ritika Suri, managing director, AI and data partnerships, Google Cloud. “Through our partnership with GitLab, we will provide customers with innovative capabilities that can improve operations, enhance customer experiences, and drive innovation in the DevSecOps industry.”
• “AI agents are only as good as the context they operate on and the governance around them,” said Manav Khurana, chief product and marketing officer, GitLab. “GitLab is where that context lives across issues, code, pipelines, security findings, and this partnership connects it to Vertex AI's strongest models. As agents take on more of the software lifecycle, the platform that provides both the context and the controls becomes the critical layer.”

About GitLab

GitLab is the intelligent orchestration platform for DevSecOps. GitLab enables organizations to increase developer productivity, improve operational efficiency, reduce security and compliance risk, and accelerate digital transformation. More than 50 million registered users and 50% of the Fortune 100* trust GitLab to ship better, more secure software faster.

*Fortune 500® is a registered trademark of Fortune Media IP Limited, used under license. Claim based on GitLab data. Fortune 100 refers to the top 20% ranked companies in the 2025 Fortune 500 list, published in June 2025. Fortune and Fortune Media IP Limited are not affiliated with, and do not endorse products or services of GitLab.

View source version on businesswire.com: https://www.businesswire.com/news/home/20260414750142/en/

Media Contact
Christina Weaver
press@gitlab.com

Source: GitLab Inc.