IT Brief Canada - Technology news for CIOs & IT decision-makers
Canada
Ai assisted code review inclusive dev team modern office
#
DevOps
#
Application Security
#
DevSecOps

GitLab widens AI access & sets flat review pricing

Sun, 22nd Mar 2026
Author image
By Mark Tarre, News Chief

GitLab has released version 18.10 of its software development platform, expanding access to its agentic AI tools and changing how some are priced.

The update centres on three changes: access to GitLab Duo Agent Platform for organisations on the GitLab.com free tier, a flat-rate model for automated code reviews, and the general availability of AI-based false positive detection for security scanning in GitLab Ultimate.

Under the new arrangement, organisations on the free tier can use GitLab Duo Agent Platform through a monthly commitment of GitLab Credits. Those credits are shared across a group rather than assigned per user, allowing teams to grant access without buying individual seats.

The credits model is designed to give group owners a clearer view of spending. A dashboard shows which agents and workflows are consuming credits, linking usage to delivery work across the team.

Pricing change

A second part of the release focuses on code review. GitLab has priced Agentic Code Review at a flat USD $0.25 per review, which is currently equivalent to four code reviews per GitLab Credit.

The tool reviews merge requests across groups and projects, using information from the repository, pipeline, and security policies. The pricing change is intended to make automated review costs more predictable for teams processing large volumes of changes.

Manual review remains a common source of delay in software delivery, particularly as AI-assisted coding tools increase the volume of code being written. GitLab is positioning automated review as a way to reduce queues that can stretch from days to weeks in larger engineering teams.

Security focus

The third element is the wider availability of false positive detection for static application security testing, or SAST. The feature is now generally available to GitLab Ultimate customers using GitLab Duo Agent Platform.

The tool analyses new critical and high-severity SAST findings after each scan, scores them by their likelihood of being false positives, and displays that assessment in the vulnerability report. Security teams retain control over what is dismissed, but the system is intended to help them separate urgent findings from lower-priority alerts.

False positives have long been a complaint in application security testing because they can overwhelm development and security teams with alerts that do not require action. By filtering those findings earlier, GitLab aims to reduce the time teams spend investigating issues that do not turn out to be exploitable problems.

The update also reflects a broader shift in the software tools market. As coding assistants help developers generate code more quickly, suppliers are increasingly focusing on the tasks that follow, including review, testing, security checks, and deployment controls.

GitLab's latest release addresses that post-coding workflow by extending AI use beyond code generation. Rather than concentrating on a single assistant feature, the company is tying AI functions into group-wide development and security processes.

That matters for teams seeking tighter control over costs. Per-seat licensing can make broad AI roll-outs expensive or uneven across large groups, while usage-based credits offer another way to manage adoption across multiple projects.

It also shows how vendors are trying to make AI features easier to adopt within existing software governance rules. In many development environments, the challenge is no longer whether teams can generate code quickly, but whether reviews, policy checks, and security screening can keep up without adding risk or cost.

"Development teams are shipping more code faster than ever, and the AI automation that keeps code secure and ensures it gets safely deployed has to keep pace - running across every project and every group, with the context of the entire platform," said Manav Khurana, Chief Product and Marketing Officer, GitLab.

"We're accelerating access to advanced agentic AI across the software lifecycle for all software teams of all sizes, making it easier to adopt, more affordable to run, and at a greater level of security. Software teams can scale their innovation velocity within their guardrails and budget, on their own terms," Khurana said.

Related stories
Protegrity launches AI Team Edition for secure inferencing
OpenAI launches Trusted Access for Cyber with major names
Anthropic launches Claude Opus 4.7 with stronger coding
Testlio launches AI chatbot testing service amid scrutiny
Dropbox launches three apps inside ChatGPT for work

Top stories

TestRail launches AI test script generation in beta
FIRST conference highlights AI & CVE disclosure push
OpenAI expands Codex with desktop & workflow tools
OpenAI launches GPT-Rosalind for life sciences research
Mirantis integrates NVIDIA Run:ai to speed AI deployment