VMblog: If you were giving a KubeCon attendee a quick overview of the company, what would you say? How would you describe the company?
Daniel Helfand: GitLab is the most comprehensive AI-powered DevSecOps platform for software innovation. Our open-core software development platform enables organizations to increase developer productivity, improve operational efficiency, reduce security and compliance risk, and accelerate digital transformation.
The GitLab platform has the flexibility to work with many of the tools in the Cloud Native Computing Foundation community. There are built-in features to make it easier for developers to create continuous integration pipelines, set up continuous delivery to Kubernetes, enable security scanners for infrastructure as code and containers, troubleshoot infrastructure with a dashboard focused on Kubernetes, and much more. GitLab is proud to be part of the cloud-native community and collaborate with so many incredible organizations and community members worldwide.
VMblog: How can attendees of the event find you? What do you have planned at your booth this year? What type of things will attendees be able to do at your booth?
Helfand: KubeCon attendees can find us at Booth #H1. Stop by our booth to ask GitLab team members questions about GitLab, watch a demo, and learn about opportunities to contribute to GitLab projects.
We will have Lego-like sets for the swag seekers to build the GitLab Tanuki mascot, wireless chargers, and tickets for a raffle to win prizes.
VMblog: Have you sponsored KubeCon + CloudNativeCon in the past? If so, what is it about this show that keeps you coming back as a sponsor?
Helfand: This is GitLab's seventh year sponsoring KubeCon. The event is a great way to engage with users and customers, stay connected with the cloud native community, learn more about where the community is headed, and incorporate new ideas into our products. GitLab also supports several open-source projects within the cloud native community and uses many of the technologies in our platform.
VMblog: Do you have any speaking sessions during the event? If so, can you give us the details?
Helfand: GitLab team members will be participating in booth talks on the show floor. Matt Genelin, senior solutions architect at GitLab, will speak at the Google Cloud booth on Secure, Fast, and Painless GKE Deployments with GitLab.
Some great talks will also feature GitLab, including "How We Made OpenTelemetry Be Our Fitness Tracker for Your CI/CD Pipelines!" and "On-Premise and SaaS CI/CD Large-Scale Production Automation with Argo Services."
VMblog: What are you personally most interested in seeing or learning at KubeCon + CloudNativeCon?
Helfand: I am very interested in the talks around supply chain security and continuous delivery. I also look forward to hearing updates from open-source communities and user groups such as Flux and the Kubernetes CLI Special Interest Group (SIG).
VMblog: What kind of message will an attendee hear from you this year? What will they take back to help sell their management team and decision makers?
Helfand: KubeCon attendees will learn how GitLab can help them ship secure software faster with AI throughout the entire software development lifecycle. Attendees will also learn how GitLab enables all teams involved in software development to collaborate via a single platform to shorten cycle times, reduce development costs, and increase developer productivity.
VMblog: Can you double click on your company's technologies? And talk about the types of problems you solve for a KubeCon + CloudNativeCon attendee.
Helfand: GitLab's 2024 Global DevSecOps Report highlights that only 21% of developers' time is dedicated to writing new code. The remaining time is consumed by maintenance, understanding existing code, and administrative tasks. The main challenges GitLab helps developers solve are being more productive, easily collaborating, and being more proactive in addressing potential risks. Additionally, the report reveals a common security barrier, 58% of security-focused respondents struggle to prioritize vulnerability remediation. By empowering development teams with time and tools, GitLab can help security teams proactively address vulnerabilities early in the development process.
For platform engineers, GitLab offers a unified platform for managing CI/CD, security, and infrastructure across multiple cloud environments. Its flexibility and compatibility with existing tools make it adaptable to various infrastructure setups. GitLab's ongoing integration of AI capabilities will further enhance its features, providing even more time savings for developers and engineers throughout the software development lifecycle.
VMblog: While thinking about your company's solutions, can you give readers a few examples of how your offerings are unique? What are your differentiators? What sets you apart from the competition?
Helfand: Built as a comprehensive DevSecOps platform, GitLab has the end-to-end context of an organization's entire software development and deployment process. It provides a unified experience and insights that enable customers to ship secure software faster. A few of my favorite features include:
- CI/CD Catalog: The CI/CD Catalog allows developers to treat CI/CD much like any other piece of software by breaking down pipelines into modular pieces. It enables development teams to easily discover existing CI/CD processes and fully reuse an existing CI/CD pipeline or selectively build a pipeline using existing components (e.g., build, test, and deploy stages) to create unique pipelines for various teams.
- Root Cause Analysis: As part of GitLab Duo, the company's suite of AI-powered capabilities, root cause analysis enables users to debug CI/CD pipeline failures easily. Instead of digging through endless CI/CD logs, an AI-generated message helps pinpoint the root cause of a failed job and provides suggestions on how to remediate.
- Dashboard for Kubernetes: The dashboard allows developers to visualize their Kubernetes infrastructure directly from GitLab projects. The dashboard integrates with Flux CD to help development teams manage Kubernetes infrastructure in GitLab projects using GitOps workflows. In the GitLab user interface, users can go from merging changes into their projects to being able to visualize and troubleshoot any issues with their deployments.
VMblog: Where does your company fit within the container, cloud, Kubernetes ecosystem?
Helfand: The GitLab DevSecOps platform helps simplify building, securing, deploying, and monitoring services running on Kubernetes. Some of GitLab's key focus areas in the cloud native ecosystem include:
- Cloud Agnostic: GitLab can run on any cloud or on-premise infrastructure. Whether users need to scale GitLab CI/CD or their GitLab instance, the platform can be easily scaled using Kubernetes' autoscaling capabilities.
- CI/CD: GitLab's CI/CD pipelines make it easy for developers to build and push container images to any registry, including the GitLab image registry associated with projects within the platform. Security scanners and controls enable users to detect, manage, and help remediate vulnerabilities in containers and infrastructure as code.
- Kubernetes Deployment and Monitoring: GitLab helps simplify deployment and monitoring of Kubernetes by allowing users to manage code, configuration, and infrastructure directly in GitLab projects.
VMblog: Are companies going all in for the cloud? Or do you see a return back to on-premises? Are there roadblocks in place keeping companies from going all cloud? And if so, what are they, and how do they address that challenge?
Helfand: In GitLab's 2024 Global DevSecOps Report, respondents reported that cloud computing is a top 5 IT investment priority. The report also revealed a significant decrease year over year in the number of respondents who said they are running less than half of their apps in the cloud (68% in 2023 to 43% in 2024).
This data shows that organizations value moving toward the cloud, but on-premise workloads will remain a priority. Companies will likely support workloads using a hybrid cloud approach for the foreseeable future. This approach helps address concerns around security, compliance, and cost savings.
To help organizations across industries make the best decision to fit their needs, the community can continue to share use case stories for the different cloud strategies - public cloud and hybrid. KubeCon is a great example of how we can continue to show the benefits of the cloud and support organizations wherever they are in their journey.
VMblog: The keynote stage will be covering a number of big topics, but what big changes or trends does your company see taking shape for 2025?
Helfand: Over the next year, we will continue to see organizations using or planning to use AI in the software development lifecycle (SDLC). GitLab's 2024 Global DevSecOps Report shows that 39% of DevSecOps professionals reported their organization is using or planning to use AI in software development workflows. The survey also reveals that DevSecOps professionals are looking for AI to assist with more specific use cases, such as forecasting productivity numbers and anomalies across the SDLC, resolving security vulnerabilities, implementing code review suggestions, and fixing CI/CD pipelines. As use cases around AI become clearer in software development, we foresee increased adoption of generative AI to help improve developer productivity.
VMblog: Is your company sponsoring any type of party or get together during the event that you'd like to notify attendees about?
Helfand: GitLab, Google Cloud, and Sysdig will be hosting a party to celebrate the graduation of the Falco project's graduation as a CNCF project. The party will be at Keys on Main on November 12th from 6:30-10 pm. Attendees will receive two drink tickets and be able to request songs and listen to piano music from 7:30-9:30 pm. There will also be a photo booth with a themed green screen for attendees to take pictures to remember their experiences at KubeCon. To register for the event, fill out the form on the Sysdig website.
VMblog: Do you have any advice for attendees of the show?
Helfand: KubeCon is a great event that brings together incredible community members and organizations. The best advice I can give is to take advantage of being around such great minds and ideas. Attend as many talks as possible and have conversations with all the talented people within the community.
If you have the time, I recommend creating a trip report so that people within your organization, school, or community can see the conference through your eyes. I always enjoy creating these reports because they allow me to reflect on everything I have learned and help me begin turning ideas into action.
