GitLab Duo

GitLab Duo is the AI layer embedded directly into GitLab's DevSecOps platform, covering everything from planning and code generation to security scanning and deployment. It is developed by GitLab Inc. and is available as part of the broader GitLab platform, which the company says is used by over 50 million people. Duo spans both the SaaS and self-managed deployment models that GitLab supports.

What It Is

GitLab Duo is a suite of AI capabilities integrated natively into the GitLab platform rather than a standalone product. It operates across the full software development lifecycle — from issue creation and code suggestions in the IDE to vulnerability remediation and pipeline automation. The centerpiece is the GitLab Duo Agent Platform, which allows teams to define how AI agents and human developers collaborate, with agents executing tasks like turning issues into merge requests, reviewing code, and remediating security findings while teams set the rules and guardrails.

The Duo Agent Platform

The Agent Platform is GitLab's agentic AI layer, positioned as the orchestration layer above the software lifecycle. According to GitLab's product pages, teams can:

• Customize workflows for development, testing, security, and deployment
• Let AI agents execute within those workflows autonomously
• Have agents convert issues into merge requests, remediate vulnerabilities, and review code
• Maintain human oversight through configurable rules and guardrails

This positions Duo not just as a code completion tool but as a multi-agent system embedded in the DevSecOps pipeline.

Security and Compliance Integration

A key differentiator GitLab highlights is that security is built into the platform rather than added on. Duo surfaces security findings directly in merge requests and IDEs, and the platform consolidates scanners including SAST, SCA, Secret Detection, and DAST. Compliance controls and audit-ready evidence are collected automatically in every pipeline, which GitLab positions as relevant for regulated industries such as financial services, public sector, telecommunications, automotive, and aerospace.

Deployment Model and Audience

GitLab Duo is available on GitLab.com (SaaS) and on self-managed GitLab instances, including air-gapped environments for government and defense use cases. The platform targets enterprise teams that need to meet strict regulatory requirements — GitLab's product pages specifically call out federal security standards, air-gapped deployment, and industry compliance frameworks. The tool is also positioned for small businesses and educational institutions.

Update: GitLab Duo Agent Platform Launch

GitLab's homepage and product pages prominently feature the Duo Agent Platform as the current strategic direction, with a dedicated event (GitLab Transcend, June 10) focused on "how agentic AI transforms software delivery." This signals a major product direction shift from AI-assisted coding toward full agentic automation across the DevSecOps lifecycle. The Agent Platform page and the Duo branding represent the current generation of GitLab's AI offering.