DevOps Platform Updates
scanned 19d ago6Latest announcements and changes from GitHub, GitLab, Azure DevOps, Bitbucket, and Atlassian.
Microsoft Build 2026 AI Security Integration with GitHub Code Security
Microsoft announced expanded MDASH preview, Microsoft Defender integration with GitHub Code Security, Agent 365 runtime controls, and Windows 365 for Agents. New integrations enable AI-powered vulnerability prioritization based on runtime exposure and production impact.
GitHub Launches AI-Powered Bug Detection for Expanded Language Coverage
GitHub Code Security adds AI-based vulnerability scanning to complement CodeQL, providing coverage for Shell/Bash, Dockerfiles, Terraform, and PHP. The hybrid model processed 170K findings with 80% positive developer feedback. Public preview expected Q2 2026.
GitLab Critical Patches Address High-Severity XSS and DoS Vulnerabilities
GitLab released security updates 18.11.3, 18.10.6, and 18.9.7 addressing high-severity XSS vulnerabilities (CVSS 8.7) and unauthenticated DoS flaws. Critical fixes included analytics dashboard exploits, Duo Agent markdown issues, and API-based denial of service attacks.
Bitbucket Cloud App Password Deprecation Enters Final Phase
Bitbucket begins controlled brownouts starting June 9, 2026, with full app password removal on July 28, 2026. All authentication must migrate to API tokens with enhanced security, expiration controls, and centralized management. SSH access moves to ssh.bitbucket.org by November 2026.
GitLab Duo Agent Platform General Availability with AI Orchestration
GitLab 18.8 delivers GA of Duo Agent Platform with seven specialized AI agents for DevOps automation. Platform provides multi-step reasoning, compliance traceability, and orchestrates both GitLab and third-party AI agents with policy controls and attribution for enterprise requirements.
Azure DevOps GitHub Advanced Security Expands with Enhanced Integration
Azure DevOps deepens GitHub integration with enhanced Advanced Security features including secret scanning, CodeQL code scanning, and dependency vulnerability detection. Focus on reducing PAT usage and strengthening Microsoft Entra ID integration for improved authentication security.