Harness takes aim at AI 'bottleneck' with DevSecOps agents
The vendor's new agentic features are included in products that already have a track record in AI-driven automation, as coding agents swamp software delivery pipelines.
BOSTON -- Harness.io showed live demos of its new DevSecOps AI platform, previewed features set to ship starting next week, and touted production adoption for its DevOps agent during a roadshow event here Tuesday.
The Harness AI platform became generally available Aug. 26. It consists of a knowledge graph based on its DevSecOps SaaS data on users' software delivery pipelines, a workflow orchestration layer and a set of AI agents for common tasks, such as DevOps pipeline building, site reliability engineering, application security and software testing. The platform breaks down tasks into single-step components and assigns a separate agent to each task. It also includes evaluation agents that ensure the quality of each agent's responses.
It's similar to the approach taken recently by infrastructure automation vendors such as Kubiya and System Initiative, and as with Kubiya, Harness says it has enterprise IT organizations running its agents in production. Specifically, 100 of its 1,000 enterprise customers use the company's DevOps agent for production pipeline building, according to Jyoti Bansal, CEO and co-founder of Harness, during an interview with Informa TechTarget at the Unscripted Boston event.
"It breaks down into a recursive agentic execution flow, and we are seeing great accuracy because of that," Bansal said. "Customers can build very complex pipelines, and that's the primary use case, editing and creating pipelines with the DevOps agent."
Other customers are using Harness AI agents to troubleshoot parts of the CI/CD process, such as build failures, he said, but declined to specify how many.
On Sept. 23, Harness will ship agentic workflows for release orchestration, internal developer portal management and FinOps. It will also update existing agentic workflows with fresh capabilities, such as a new architect mode for its DevOps agent that bakes in organization security, quality and compliance policies as it builds software delivery pipelines and AI verification and rollback, which analyzes observability data in real time to trigger software rollbacks. Next week, Harness will also introduce Autonomous Code Maintenance, which can perform version upgrades, clean up stale feature flags and automatically remediate code after continuous integration build failures and repeat the process until a build succeeds, a feature called AI Autofix. Finally, it will open up new modules in beta for AI/MLOps and AI security, according to Bansal.
All of the new AI agent features will be available as part of Harness DevSecOps modules without additional cost, except for high-scale users of its Autonomous Code Maintenance features, where the cost of coding tokens over a certain threshold would be passed on to users, Bansal said. Harness does not publicly disclose specific pricing numbers for its platform.
Harness co-founder and CEO Jyoti Bansal delivers a keynote presentation at the Unscripted roadshow event.
Harness AI focused on 'everything after code'
Other than customers in production with its agents, another distinction for Harness amid this year's AI agent gold rush is its focus on software delivery since its founding in 2017, which is among the major problems faced by IT organizations as AI-generated coding takes hold in software development. Market research from Google's DORA in October 2024 showed that the use of AI coding tools worsened software delivery.
"There's 25% more code coming out from engineers using AI, but there's a 7.2% decrease in delivery stability, and a 1.5% decrease in delivery throughput for the same teams," Bansal said during a keynote presentation Tuesday, citing the DORA report. "The delivery process is already bottlenecked -- it's the choke point on what's happening in software engineering, and it's going to get worse and worse."
Harness field CTO Nick Durkin demonstrated the ways the vendor's new platform can speed up software delivery tasks, such as manually building CI/CD pipelines using YAML templates, tracking down relevant metric and log data during release failures, addressing build failures, performing code modernization, conducting user acceptance tests and ensuring application security.
Organizations are trying to create templates with policy around them -- that's something [Harness] has been doing for quite some time.
Jim MercerAnalyst, IDC
Harness isn't alone in touting agentic cures for software development headaches -- GitLab also offers Duo AI agents in public beta for its DevSecOps platform, while JFrog partners with GitHub to market source code–to–production software supply chain delivery management and AI governance. Other vendors fold AI agents for software development into broader platforms, such as Atlassian and ServiceNow, along with every major cloud provider.
Jim Mercer, an analyst at IDC, said in an interview during the event that one key difference between Harness and its most technically similar competitor, GitLab, is that GitLab allows for user customization of AI agents.
"Harness's core strength has always been -- both to its benefit, and some might say to its detriment -- that it has somewhat of an opinionated way of doing things," Mercer said. "That's actually coming into vogue with the platform engineering movement, where organizations are trying to create templates with policy around them -- that's something [Harness] has been doing for quite some time."
IT pros cautiously assess AI agent platform
One roadshow attendee this week said that the Harness AI pitch was set apart by the fact that Harness collects data on all these workflows as part of its SaaS platform.
"Having that data repository in one centrally accessed graph layer is key to accuracy," said the application security engineer at a local financial services firm, who requested anonymity because company policies prohibit him from representing it in the press. "It's also providing a one-stop shop for DevSecOps and cloud management, which has great rewards, especially with staffing limitations, but also an element of risk -- it's hard to do everything right."
As a Traceable customer, the application security engineer's company evaluated Harness last year, but he said he would recommend that the company re-evaluate Harness AI. Bansal also founded Traceable, which merged with Harness this year.
The application security engineer also said he liked the fact that AI features are included with existing products rather than sold separately.
"AI can't be the product," he said. "It has to be a way to make your product better."
Customer panelists from large enterprises said during the event that they are still evaluating AI agents, but AI security and AI/MLOps seem like natural additions to a software delivery lifecycle (SDLC) platform they already use.
"[Given] the importance of responsible AI, I look at the SDLC and CI/CD specifically as a great enforcement point," said Chris Williams, head of DevSecOps at Takeda, a pharmaceutical manufacturing company headquartered in Tokyo, during a panel presentation. "If we can drive all of our product teams or platform teams into a common set of golden pipelines, then that gives us the ability to overlay policies to check and make sure that responsible AI frameworks are being invoked."
Other panelists said AI agents show promise for specific tasks such as modernizing "truly legacy systems," said Tori Currier, senior vice president and cloud technology program leader at Synchrony, a financial services firm in Stamford, Conn., during another panel presentation.
"The transition arc that we're trying to make when we talk about modernizing these applications is a really big swing," she said. "We're talking about .NET applications calling a mainframe, and now we want to take that to the cloud. … It's going to make that so much faster."
Harness DevOps sales engineer Alex Soto moderates a customer panel at Unscripted Boston featuring (from left) Chris Williams, Takeda; Drew Hall, Citizens Bank; Andrew Phillips, Progress Software.
Beth Pariseau, a senior news writer for Informa TechTarget, is an award-winning veteran of IT journalism covering DevOps. Have a tip? Email her or reach out @PariseauTT.
