DevOps Platform Updates
scanned 91d ago7Latest announcements and changes from GitHub, GitLab, Azure DevOps, Bitbucket, and Atlassian.
GitHub Adds AI-Powered Bug Detection for Security Coverage
GitHub introduced AI-based scanning for Code Security tool to expand vulnerability detection beyond CodeQL static analysis. The AI system provides broader coverage for Shell/Bash, Dockerfiles, Terraform, PHP, and other ecosystems with 80% positive developer feedback during internal testing. Combined with Copilot Autofix, it reduces security resolution time from 1.29 to 0.66 hours on average.
GitHub Expands Secret Scanning with Nine New Detectors
GitHub added nine new secret detectors from seven providers including Langchain, Salesforce, and Figma. Secrets from Figma, Google, OpenVSX, and PostHog are now push-protected by default. The update improves pattern type linking in push protection configurations for better alert management.
GitHub Actions 2026 Security Roadmap Unveiled
GitHub announced major security enhancements for Actions including secure-by-default behavior, policy controls, and CI/CD observability. The roadmap introduces dependencies section for workflow YAML to lock all direct and transitive dependencies with SHA commits, plus centralized policy-based controls to prevent supply chain attacks targeting CI/CD automation.
GitLab Introduces Credit-Based AI Platform and Automated Code Review
GitLab released 18.10 with expanded agentic AI capabilities, introducing GitLab Credits model for Duo Agent Platform access and flat-priced Agentic Code Review at $0.25 per review. The update includes automated code review, SAST false positive detection, and agentic false positive detection for security scanning now generally available.
Azure DevOps March Patches Released with AI Agent Support
Microsoft released March patches for Azure DevOps Server and introduced Azure Developer CLI support for debugging hosted AI agents from terminal. The update includes temporary rollback of build identities Advanced Security restrictions, with re-enforcement scheduled for April 15, 2026.
Atlassian Enhances Security with AI-Powered Alert Classification
Atlassian announced Jira Service Management will use Atlassian Intelligence to reduce noisy alerts by classifying alert groups as signal versus noise. The update includes sensitive data scanning for Jira and Confluence sites using built-in and custom regex-based detection, available with Atlassian Guard Premium subscription.
Atlassian Embeds AI Agents into Jira with MCP Integration
Atlassian moved AI agents directly into Jira project management software, allowing developers to assign tasks to agents. The company expanded Rovo search and automation facility to integrate third-party agents using Model Context Protocol (MCP), with nearly one-third of agentic MCP operations being writes, indicating active collaboration usage.