DevOps Platform Updates
scanned 70d ago6Latest announcements and changes from GitHub, GitLab, Azure DevOps, Bitbucket, and Atlassian.
GitLab 18.11 Expands Agentic AI with Security Remediation
<cite index="2-1">GitLab Inc., the intelligent orchestration platform for DevSecOps, released GitLab 18.11, expanding agentic AI across the entire software lifecycle with security remediation, pipeline configuration, and delivery analytics.</cite> <cite index="2-7,2-9">Agentic SAST Vulnerability Resolution is now generally available for GitLab Ultimate customers using GitLab Duo Agent Platform</cite>, enabling automated code fixes for security vulnerabilities before they reach production.
GitHub Copilot Individual Plans Face Major Changes
<cite index="26-3,26-7">GitHub is making the following changes to GitHub Copilot's Individual plans to protect the experience for existing customers: pausing new sign-ups, tightening usage limits, and adjusting model availability</cite>. <cite index="26-30,26-31">Agentic workflows have fundamentally changed Copilot's compute demands. Long-running, parallelized sessions now regularly consume far more resources than the original plan structure was built to support.</cite>
Azure DevOps Server Security Patches Address Critical Issues
<cite index="12-1,12-24,12-25">This patch applies to the most recent version, Azure DevOps Server, and includes the following updates: Fixed an issue where completing a pull request could fail due to a null reference exception during work item auto-completion. Improved validation during sign out to prevent potential malicious redirects. Fixed creating PAT connection to GitHub Enterprise Server.</cite>
GitHub Security Assessment Adds Copilot Integration
<cite index="22-1">Organization admins and security managers can now jump into a Copilot experience directly from secret risk assessment or Code Security risk assessment results to get contextual explanations and guided next steps.</cite> This integration brings AI-powered security analysis to vulnerability management workflows.
Critical CVE-2026-32201 SharePoint Zero-Day Exploited
<cite index="42-7,42-31">Microsoft addresses 163 CVEs in the April 2026 Patch Tuesday release, including two zero-day vulnerabilities, one of which was exploited in the wild. According to Microsoft, CVE-2026-32201 was exploited in the wild as a zero-day.</cite> This SharePoint spoofing vulnerability affects DevOps environments using SharePoint for collaboration and documentation.
Atlassian Guard Data Security Scanning Generally Available
<cite index="33-9,33-10,33-11">Scan your full Jira and Confluence sites, including data at rest, for sensitive data using built-in and custom regex-based detection. You can also export the location of this data to a CSV file for review and remediation. Available with an Atlassian Guard Premium subscription.</cite> This feature addresses data protection compliance requirements across DevOps workflows.