GitLab Inc. and Harness Inc. are deploying AI agents deeply embedded in their DevSecOps platforms, capturing enterprise attention by providing rich operational context that enables autonomous fixes for pipelines, security vulnerabilities, and incidents. These tools, launched in general availability this month, address what GitLab calls the “AI paradox”—where coding speeds up but delivery stalls due to bottlenecks elsewhere in the software lifecycle.
The push comes amid surging demand for agentic AI in software delivery. GitLab’s Duo Agent Platform went generally available on January 15, 2026, for Premium and Ultimate subscribers on GitLab.com and self-managed deployments, with rollout to GitLab Dedicated planned soon. GitLab Blog detailed how it orchestrates agents across planning, coding, testing, security, and deployment, drawing on repositories, issues, pipelines, and scans for context.
Harness expanded its AI SRE module with a Human-Aware Change Agent that joins incident chats in Slack or video calls, fusing human insights with telemetry to pinpoint changes causing outages. This flexibility won a large automotive software firm, slashing resolution times from over 60 minutes to 2-3 minutes. TechTarget reported strong enterprise pull for both vendors’ context-aware designs.
GitLab’s Unified Agent Orchestration Emerges
GitLab Duo Agent Platform launches with foundational agents—a Planner for backlog prioritization using RICE or MoSCoW frameworks, and a Security Analyst for triaging vulnerabilities via natural language chat. Agentic Chat spans Web UI and IDEs like VS Code and JetBrains, reasoning over multi-step queries to explain failures or recommend fixes. “Our customers experienced GitLab Duo Agent Platform during its beta period, and we were able to satisfy a variety of quality checks across different deployment options,” said Manav Khurana, chief product and marketing officer at GitLab, in a statement to TechTarget.
Custom agents and third-party integrations like Anthropic’s Claude Code or OpenAI’s Codex CLI extend capabilities. Flows orchestrate multiple agents autonomously, such as software development flows that plan, code, test, and merge changes. Group-based controls govern access, with namespace-level model selection from GPT-5 to self-hosted options. Early beta tester Anuj Tyagi, senior SRE at an unnamed communications firm, praised its repository comprehension: “It not only generates code… but it also tightly integrates with a code repository to support fixing pipeline failures and easy-to-understand security reports.”
A new GitLab Credits system includes $12 monthly per Premium user and $24 for Ultimate, refreshing automatically for Duo features. Excess usage taps shared pools or on-demand pay. This hybrid model tests usage-based scaling, with Duo Pro/Enterprise convertible to credits. Yahoo Finance noted it positions GitLab as a full-lifecycle AI hub against GitHub Copilot.
Harness Bets on Modular Incident Mastery
Harness derives context from interactions across CI/CD, observability, and human channels, powering 100 of its 1,000 enterprise customers in production for pipeline building. Its knowledge graph and orchestration layer break tasks into steps handled by specialized agents, with evaluators ensuring quality. Upcoming architect mode weaves in security policies, while AI Autofix handles upgrades and remediations iteratively.
The Human-Aware Change Agent proactively joins war rooms, linking conversations to tickets and changes for faster root causes. Roger Blakely, fractional CIO at StratITech, highlighted its appeal to an automotive giant: “What used to take 60 minutes or longer, they’re now down to two or three minutes to resolve.” Modularity shines in hybrid setups, hooking into non-Harness pipelines. All new agents fold into existing modules at no extra cost, barring high-volume token pass-throughs. TechTarget quoted CEO Jyoti Bansal: “There’s 25% more code coming out from engineers using AI, but there’s a 7.2% decrease in delivery stability.”
Customers like Takeda and Synchrony evaluate for SDLC enforcement and legacy modernization. Chris Williams, head of DevSecOps at Takeda, said: “[Given] the importance of responsible AI, I look at the SDLC and CI/CD specifically as a great enforcement point.”
Enterprise Traction Builds Amid Rivalries
Platform ownership gives GitLab an edge in unified context, per Omdia analyst Torsten Volk: “Instead of owning the entire platform like GitLab does, Harness gets its context from agent interactions.” IDC’s Jim Mercer contrasted GitLab’s customizability with Harness’s opinionated templates aligning to platform engineering. Both woo self-hosted users for sovereignty, though Tyagi noted SaaS superiority in prompt handling.
Early adopters include Southwest Airlines and Oracle Cloud for GitLab, per WebProNews . A communications SRE affirmed beta success on large repos. Harness claims production runs rivaling Kubiya. IDC forecasts 70% of firms embedding agents in pipelines by 2030.
GitHub leads with Copilot Extensions, but GitLab’s native embedding reduces switching. “In contrast to GitLab’s focus on a unified platform, GitHub relies on Copilot Extensions,” said IDC’s Mercer in TechTarget.
Overcoming AI Delivery Hurdles
Google’s DORA 2024 flagged AI coding worsening stability, a gap these agents target via context. GitLab’s platform supports MCP for Jira or ServiceNow ties. Harness’s recursive flows yield high accuracy in complex pipelines. Analysts like Moor Insights’ Jason Andersen stress adoption feedback for refinement: “With agent-based products, it’s not just about features, but also how adoption and feedback drive improvements.”
Self-hosted parity advances, with GitLab enhancing models for compliance. Pricing clarity—GitLab’s credits versus Harness’s inclusions—eases trials. Events like GitLab Transcend on February 10 showcase demos.
For insiders, proof lies in metrics: pipeline uptime, vulnerability closure rates, MTTR. As Volk noted: “The proof lies in production deployments.” These agents signal DevSecOps evolving from tools to intelligent teammates.
Leave a Reply
Your email address will not be published.