AWS and GitLab Announce Integrated AI Offering

Exciting news from AWS re:Invent! GitLab and AWS are joining forces to supercharge AI-powered software development! đź’»

Host Daniel Newman is joined by GitLab‘s Ashley Kramer, Interim CRO and CMSO on this episode of Six Five Media at AWS re:Invent, to discuss the groundbreaking announcement from GitLab and AWS bringing together the power of GitLab Duo and Amazon Q to create a seamless developer experience that streamlines DevSecOps workflows and accelerates secure software delivery.

đź“»Tune in for a first look at:

An overview of the integrated AI offering by AWS and GitLab, aimed at accelerating software development and enhancing security
The synergy between GitLab Duo and Amazon Q, providing a seamless AI-powered developer experience for DevSecOps workflows
The significance of this partnership and its benefits for customers in delivering secure software faster
Insights into the challenges of fragmented software development lifecycles and how GitLab Duo with Amazon Q addresses these issues
Expectations for the evolution of AI in software development by 2025

Learn more at GitLab.

Watch the video below at Six Five Media at AWS re:Invent and be sure to subscribe to our YouTube channel, so you never miss an episode.

Transcript

Daniel Newman: Hey everyone, The Six Five is On The Road, Daniel Newman here. We are heading to AWS re:Invent 2024, end of the year. Hopefully, you just finished eating some Turkey, or whatever your favorite thing is over that long weekend. I know that I sure did. I’m very excited for what’s coming this year. It’s going to be such a big year for re:Invent. Always a huge show, excellent content each and every year, and of course, the partner ecosystem there is always buzzing. This year, we’re going to be really busy, can’t wait to hear all the announcements, and I can’t wait to get started today with the first of what I hope to be many great conversations. I’ve got GitLab joining. Ashley Kramer, interim CRO, CSO, CMO and former CTO. I think I got that right. Ashley, how are you doing? Welcome to The Six Five. Thanks so much for taking a little time to talk to me just ahead of this week’s upcoming event.

Ashley Kramer: Yeah, appreciate it. Thanks for having me today.

Daniel Newman: Did I get all those titles right, by the way?

Ashley Kramer: I think. Close enough.

Daniel Newman: I heard something in the green room, you said something about four different titles you’ve had. Don’t worry, just keep smiling and everybody will think you’re very, very approachable.

Ashley Kramer: It’s all okay.

Daniel Newman: By the way, what a great year for what you’re doing over at GitLab. We have so much attention right now to the way AI is changing app development, DevOps, how we’re going to basically power the next era. We’re hearing a lot about assistants, we’re hearing a lot about agents, but at the end of this, it’s going to be all about this collaboration between this existing ecosystem of thoughtful developers that have been building the apps, that have been running our businesses, our lives for what feels like forever, and this new, this neo opportunity that’s coming with assistant AI driving developers, speeding this all up. I’ve got all kinds of questions for you, but before, where are you at with that? What are your thoughts on just this macro of what’s going on?

Ashley Kramer: The Gen AI buzz, it’s been around now for a while. Now it’s turning, it went from AI to Gen AI to Agentic AI, seems to be the next wave. What we’re super excited about at GitLab, and have been for many years now is, we’re really well positioned to help with software transformation because of the way we’ve been built since the beginning. GitLab has always been built as an end-to-end platform to help across the entire SDLC. That’s helpful by bringing developers, security professionals and operational professionals together on one platform, and helps with developer efficiency, productivity, security.

Then the Gen AI buzz and wave starts to come in, and we thought, that’s great, because we already help from planning to building code to securing, to testing, to deploying, to monitoring. Now, we can infuse AI as part of every single one of those steps to help all of those steps become more efficient, more secure. It’s been a really great year, as you mentioned, for GitLab, and we have our offering out in the market. I’m sure we’re going to talk about what more we have coming during this exciting week, and I’m excited to get to that.

Daniel Newman: Yeah, absolutely, and thanks for giving a little bit of the background. It has been such a transformative 24 months. Again, any of us that have been around tech for a while know that AI didn’t actually start when ChatGPT came to market, but it does sometimes feel that way, just the amount of attention-

Ashley Kramer: It’s been around for a while, a long time.

Daniel Newman: Yeah, you’re talking four or five decades from the earliest algorithms. There’s people that were getting PhDs in AI that are older than I am. It’s not new, but at the same time, I think the way it’s risen into our consciousness, and really become part of the everyday experience, and that’s all happening because we’re enabling this developer ecosystem to basically layer AI into so many parts of what we do. You mentioned it, we’re heading into re:Invent, the system, the world, it’s in a good position for GitLab, but what are you going to announce at the show this week?

Ashley Kramer: We are super excited to have been working with AWS now for the past few quarters for an announcement that’s coming out, and that is that AWS and GitLab will be announcing an integrated AI offering to help customers across the world accelerate their software innovation and developer productivity. What that really means is, it’s about bringing the best of both worlds together, what GitLab provides as far as that understanding of what happens throughout the software development lifecycle, and what AWS services and post-deployment brings to the overall AI landscape. Being able to bring these two technologies together, and we can talk about the details of that, of course, means that we can have the most context-aware AI from everything from when you start to plan the project through everything it takes to deploy it, and then post-deployment as well.

Daniel Newman: You asked your own question and answered it, but give me the details. Tell me a little bit more about how this offering works. How does this partnership work?

Ashley Kramer: The goal is really, for us, to meet customers where they are, and that is often in the AWS console and ecosystem. We already have great joint offerings on the AWS marketplace. We run our single-tenant SaaS solution exclusively on AWS. We have proof in this, we’ve been close partners with them, but by doing this joint integration in bundle, we can actually leverage the newly released agents, as we talked about earlier, they’re Agentic AI that they’ve been releasing, and bring things together within our platform like being able to have an agent that takes plain text and creates a project, and starts the code right within GitLab using the Amazon Q AI agents. Things like app modernization, we’re hearing about this more and more. There’s a bunch of legacy code bases. Somebody’s on an older version of Java and wants to update that holistically in the code base.

There’s an AI agent via Amazon Q that does that directly now, after this announcement, within GitLab. Some other examples, agents to do things like holistic code reviews, so you can really verify the quality and the vulnerabilities within the code base earlier. And then, things like enhanced quality assurance. I was a developer 1,000 years ago, believe it or not, and I understand why commenting is such a pain, and we know that can not be something that’s always at developer’s top of mind. There’s agents that do that now that can go through and comment, so five years later, when somebody is looking at that code, they understand why that’s there, what the function is supposed to operate as. Just four examples of how we can bring the best of Amazon Q together within our AI powered DevSecOps platform.

Daniel Newman: Yeah, it’s really interesting. By the way, I doubt it was that long ago that you were developing, but just long enough now that if I asked you to code something, would you do it from scratch or would you use these tools? I have to imagine everyone would use these tools.

Ashley Kramer: You would want me to use these tools, first off, but no, I would certainly use them. What’s even more interesting is what happens after you write that code. We have tons of research that shows it’s only about 21% of a developer’s overall time that they’re writing the code, but it’s all these other things that I just mentioned, like planning and getting started, and making sure it’s secure and commenting. From that perspective, yes, I would use that to start writing the code, but I would also be really excited that it’s going to write a unit test for me, and I don’t have to worry about that. You wouldn’t really want me developing, in the end, but I would absolutely leverage these AI agents, and I think most of the world at this point would agree with that.

Daniel Newman: Yeah, the software supply chain part is definitely very interesting. Developers spend a lot of time there, and this is one of those great efficiency gains. And then of course, when you get efficiency, generally, productivity tends to follow. I’m curious, Q though, have you spent much time with Amazon Q in this process? Walk me through how that works. I’m not trying to make light of this, but the term Agentic AI has been thrown around a little bit very loosely. I look at it like assistant to agent, assistant works alongside you, agent’s almost going to do something on your behalf, either assisted or completely out of the loop. How does this whole Q thing work? Can you talk through a little bit of an example?

Ashley Kramer: Sure. As part of this partnership, what we did was, we actually got developers from AWS together with our developers, and we worked on deep integration. Too often, I think, you hear about integrated bundle offerings coming out, and it feels like you’re calling out to something, you’re bolting something on as part of that partnership. These are deeply integrated, so direct within the GitLab UI, you can be ready to start the project, and you can just go in and put all of the context, “I want to write some code that will create an app that will help me understand this piece of work.” And then, you’re able to just put slash Q, and write in their command, and seamlessly that will go in, that will create the issue in GitLab, and then that will start the code base based on that plain English.

You’re within the GitLab interface, and you’re using our technology, of course, like Issues and our ID, but you’re leveraging the agent seamlessly from Amazon Q, right within the interface. The agent is part of it, but it’s not one of those agents, like you said, the agent is the new buzz, so it sounds like it’s just going to go wild, just take what you said and go crazy. It is done in a very secure, in a very context aware way. We will also say within GitLab, Amazon Q created this, so you know this is what it’s doing, and you can still have that human intuition, and that human check on it.

Daniel Newman: Yeah, I think that’s really important. In this world, there’s a validation and a verification that goes on, and the systems need to be double-checked. I’m really glad you mentioned security, Ashley, because I think a lot of people are weighing this go fast, go secure, and they’re not mutually exclusive, but to some extent, when you’re trying to move very quickly to meet aggressive board objectives, to roll out new software and push the next capabilities across AI, security, I think it’s sometimes treated like auto insurance. You get it because you have to have it, but you only get as much as you really think you would ever need. I think security is going to be, I imagine you feel the same, probably an even more prominent role in this AI powered world.

Ashley Kramer: 100%. One of the differentiating factors of GitLab from the beginning has been, we integrate security as part of our platform. We put it right there alongside where the developer is working. We can scan their code for vulnerabilities, our AI can detect them, explain them, help them remediate them. We will now use the assistance of Amazon Q for that as well. I am of the mindset that security shouldn’t be like insurance, and just something that you have to have, and you have to say you care about. It should be top of mind in anything that you’re doing regarding Gen AI, and you should not only understand, is the code you’re building secure, you should also understand, are the large language models that you’re leveraging under the hood also protecting your IP, not using your private code and IP to train the model that could be shared with other companies, competitors, people in the world? Amazon and GitLab have the same mindset, and at GitLab from the beginning, we go so far as we have an AI transparency center, where you can go and understand absolutely everything we’re using when it comes to AI, to give you that sense that it is secure. It’s not insurance, it’s a must have as part of this journey.

Daniel Newman: No, that makes a lot of sense. In the whole DevOps and DevSecOps space, there’s so much risk in these repositories. How up to date are they? I always often say in the software supply chain, a lot of risk happens when you think you’re using code that is okay. There are so many different little vulnerabilities that can come up that are completely unexpected. You mentioned benefits, you talked about everything from comments, but what about efficiency? Are you guys starting to get a handle on ROI? Is it faster code to completion? Are there any data points you’re starting to get from this type of partnership, and how this is going to continue to proliferate and add value?

Ashley Kramer: We are starting to see proof points of up to 50% faster delivery. A company called theCUBE did a case study with us on this, I’m leaning into faster release, because you’ll often hear, when people talk about Gen AI, developers say by using this tool that writes code for you that they’re 40%, 50% more productive in writing code. We are specifically saying the release, because we are helping them be successful across everything, including the security of the code. We’re starting to see the proof points. At GitLab, since we are an end to end platform that captures what’s happening in every single stage of the SDLC, we are able to produce those metrics. We have an AI impact dashboard, where it’s one thing to say, “Hey, Susie the developer, do you think AI is making you more productive?”

It’s a gut feel thing. She’ll say, “Yeah, I think I’m 30% more productive now.” It’s another thing to see a dashboard with the data of how teams are performing, which ones are leveraging AI, which developers are moving faster now, or more secure code. The AI impact dashboard has really been helping our customers, and of course, now we’ll invite Amazon Q in as part of that, to really understand, can the data show me that they’re actually producing secure software faster versus just their anecdotes that yes, this agent, this co-pilot, this code generation tool is making me write code faster? That’s just one.

Daniel Newman: I really like that, and I’m a big fan of analytical proof. As an analyst, I love any, I call them measures of merit behind anything. We talk about TCO and economic validation a lot, because we are not buying software for the sake of software. These tools are being used to develop software that helps businesses run, and you have to be able to justify that. All right, we’ve only got a minute or two here left. I really appreciate you making the time, Ashley. Put your strategy officer hat on. I’m not sure which one, you’ve got a few.

Ashley Kramer: Sure.

Daniel Newman: What are you expecting to come from AI in the next 12 months? What are some things that maybe people can be on the lookout for?

Ashley Kramer: I think the first one is, we just talked about it, I do think it will become more understandable and easy to quantify the ROI of AI based software development tools. I think that’ll be really important because, right now, again, we’re taking anecdotes, or we’re reading studies that have been done. If you go talk company by company, which I do every day with all of my titles, it’s not that clear to them how AI is helping them in every case deliver secure software more efficiently. I also think there’s going to be more of a trend of companies saying, “I’m in a highly regulated space. I can’t just go leverage one of these large language models that’s popped up in a cloud service somewhere. I need to bring that specific to me. I need an air gapped model solution.” I’m excited to say at GitLab, we are about to launch something called Self-Hosted Models.

We have large government customers and FinServ customers that are really excited to be able to have the model walled off for their specific use, and that’s something that we’ve been hearing for the past year is a need. Also, this one I’m really excited about, right now, Gen AI does seem to be fairly reactive in how we’re using it. I turn on the assistant, and I’m writing code, and then it starts to be aware, and then we’ll say, “Hey, do you want to accept this suggestion?” And then I say, “Go ahead and run a scan on this, and give me my vulnerabilities. Explain this code for me.” I think it’s going to be proactive coming up this next year, where it’s going to be coming to you, and it’s going to be saying to you, “Hey, good morning, great to see you. You need to focus on these three bugs today, and these three issues need addressed, and here’s what we recommend for you. By the way, while you were asleep, I ran a security scan, and you’re going to have to go check out these vulnerabilities.” I’m really excited. I’d say those are the three big ones that I see coming as this next wave, and I think that’s where we’re really going to see these beneficial and useful, impactful use cases play out in large enterprises and small/medium businesses.

Daniel Newman: Absolutely. There’s a lot, and I really appreciate you, Ashley, sharing your vision for this. I love the idea of having an assistant and an agent that’s constantly keeping us on the right course, on the right track. With software. There’s so much complexity, and generally speaking, a project doesn’t belong to any one individual. The way teams come together, let’s be candid, a lot of enterprise tools for things like project management and software has never quite lived up, and I think this is where you put it together, with AI and tools together, and you could really create something special, shorten the time to value, and also add some excitement back. It’s like AI for doctors, getting them back to patients, AI for developers can get them back to coding.

Ashley Kramer: Get them back to using their brain for really creative problem solving and solutioning instead of the mundane task of, “I’ve got to go figure out how to fix this bug.” I’m really excited about that.

Daniel Newman: Yeah, I’m excited, too. Excited to hear a lot more here, coming up this week at AWS re:Invent. I really want to say thanks so much for making the time. Congratulations on all the announcements. I hope it’s a very fruitful week for you. It’s always a big event, lots of feet on the ground, can’t wait to hear about your announcements, all that stuff coming out. And then of course, to hear all the other announcements that are going to come from Matt Garman, AWS and the team. Ashley, thanks a lot for joining. Let’s have you back again soon.

Ashley Kramer: I would love that. Thanks for having me, and I’m looking forward to the week as well.

Daniel Newman: All right, and thank you everyone, whether you’re watching this just as we start the week, or as the week has progressed, or after the event, we want to just thank you so much for being part of our community here on The Six Five. Hit subscribe, tell all your friends, share this episode, and of course, watch all the others. For this one, I’ve got to say goodbye. See you all later.

Other Categories