Critical Capabilities for DevOps Platforms

22 September 2025 - ID G00822726 - 34 min read
By Thomas Murphy, Keith Mann,  and 2 more
Teams use DevOps platforms to deliver value faster and reduce toolchain maintenance effort. GenAI promises more productivity across the SDLC, but this is hard to achieve. Software engineering leaders should use this research to assess how well DevOps platforms support these goals for their use cases.

Overview

Key Findings

  • Starting with Gartner’s DevSecOps platform reference architecture provides a strong baseline to evaluate user needs and vendor abilities.
  • A core theme of DevOps platforms is reduction in toil, and agentic AI will be the point of change during the year.
  • While GenAI dominates vendor roadmaps, parallel investments continue in supply chain security, GitOps workflows and developer experience enhancements, with varied emphasis across vendors.
  • Organizations must balance single integrated solutions against core workflow integration approaches, as each presents specific implementation challenges.

Recommendations

  • Select a best-fit DevOps platform by identifying your key use cases and selecting a platform that natively supports as many of these needs as possible.
  • Elevate the experience of all product team members—not just developers—to foster collaborative flow and minimize context switching by driving toward a unified platform experience.
  • Prioritize support for generative AI (GenAI) across the software development life cycle (SDLC) to maximize value, despite evolving ROI and adoption rates.
  • Mandate robust integration capabilities with specialized tools and open-source software (OSS), recognizing that no single vendor solution addresses all functional requirements.

Strategic Planning Assumption

By 2028, agent-based workflows and interoperability models like Model Context Protocol (MCP) will reshape and enable a new model of workflow extending beyond the current continuous integration/continuous delivery (CI/CD) model to incorporate cross-SDLC automation.

What You Need to Know

DevOps continues to be a driving force within software engineering. DevOps remains a highly important skill; 51% of software engineering leaders who responded to the Gartner Software Engineering Survey for 2025 regarded it as highly important to deliver software that meets business needs.1 This research enables buyers of DevOps platforms to view the ability of 10 vendors to support 11 critical capabilities across six common use cases. Buyers can also view vendor rankings for each use case to help formulate lists of vendors that, based on Gartner assessments and custom weightings, are well-suited to address their specific use cases.
Software engineering leaders should expect to see vendors:
  • Continue heavy focus on GenAI and in particular, a focus on agentic workflows.
  • Continue to make acquisitions and create partnerships to fill gaps.
  • Increase complexity of pricing models as consumption and agent-based models emerge, as well as institute bring-your-own-key support for multimodal AI.
  • Release new role and functional capabilities, as well as pricing for them, as AI expands from being delivered mainly via AI code assistants.
Our vendor evaluation encompasses all functional areas of the DevOps process: plan, code, build and test (the “inner loop”), alongside release, deploy, operate and monitor (the “outer loop”). Vendors typically expand from one loop to the other, striving for comprehensive solutions.
Currently, no vendor offers a complete solution, as evaluated against Gartner’s DevSecOps reference model (see Reference Architecture Brief: DevSecOps Platform). While offerings have improved, raising scores since our last report, challenges remain:
  • Transitioning from existing investments is tough, due to inertia and insufficient migration tools.
  • Large organizations grapple with complexities from diverse user bases (including engineering and nonengineering roles).
  • While a platform approach may be preferable, many organizations use breakpoints between plan, build/validate, and deploy to mix platforms, because the disparate roles complicate the cost/value equation from platform-priced offerings.
Organizations relying on OSS solutions and self-integrated tool chains face costs of integration and maintenance as well as collaboration challenges; the resulting siloed insights limit GenAI’s potential. Balancing new tool adoption with integrated experiences is vital for enhancing productivity and business value. Our updated DevSecOps reference model underscores this balance, emphasizing detailed data and consistent capabilities across use cases.
We are experiencing increased amounts of questions around MLOps as organizations seek to build AI functionality into their products, but there are mixed results with the vendors. Many platforms can deploy to a variety of models, and dealing with analytic code is certainly no issue, but there is limited support for managing versions of models, creating training data and performing other operations.

Analysis

Critical Capabilities Use-Case Graphics

Vendors’ Product Scores for Agile Software Delivery Use Case
Vendors’ Product Scores for the Agile Software Delivery use case, based on a 1 to 5 score. GitLab scores highest in this use case.
Vendors’ Product Scores for Cloud-Native Application Delivery Use Case
Vendors’ Product Scores for the Cloud-Native Application Delivery use case, based on a 1 to 5 score. GitLab scores highest in this use case.
Vendors’ Product Scores for Mobile Application Delivery Use Case
Vendors’ Product Scores for the Mobile Application Delivery use case, based on a 1 to 5 score. Microsoft scores highest in this use case.
Vendors’ Product Scores for Platform Engineering Use Case
Vendors’ Product Scores for the Platform Engineering use case, based on a 1 to 5 score. GitLab scores highest in this use case.
Vendors’ Product Scores for MLOps Use Case
Vendors’ Product Scores for the MLOps use case, based on a 1 to 5 score. Microsoft scores highest in this use case.
Vendors’ Product Scores for Regulated Delivery Use Case
Vendors’ Product Scores for the Regulated Delivery use case, based on a 1 to 5 score. GitLab scores highest in this use case.

Vendors

Atlassian
Atlassian offers Bitbucket, Confluence, Jira, and Jira Service Management, which can be deployed as Cloud or Data Center editions.
Atlassian’s platform includes:
  • Extensive platform integration capabilities
  • Internal developer portal (IDP) through Compass
  • Enterprise agile delivery tools
  • Independent pricing model for diverse roles
Since 2024, Atlassian has added:
  • Rovo, a set of generative AI features that includes chat, search and agents, enabling easy search across Jira, Confluence and Bitbucket to understand work in progress, optimize task assignments and support autoreview of changes. Rovo is included in Cloud editions, but a “connector” enables use with Data Center.
  • Increased platform scale and compliance for the cloud on all products, supporting an increased number of users, as well as other performance enhancements, six new cloud regions and FedRAMP status.
Atlassian is consistently strong across all use cases except MLOps, where it still meets basic needs but lacks some of the abilities to version models and data that others provide. Its approach to IDP (Compass) varies from others who are building on the open-source Backstage platform, but it utilizes the broad knowledge graph of data contained in Confluence and Jira. Utilizing this knowledge graph, Rovo has a foundation to enable cross-SDLC workflow automation.
However, Atlassian lags competitors in terms of developer tooling, such as an integrated development environment (IDE), package management and security tools. The incorporation of multiple components can significantly increase implementation costs. These limitations also currently impact our client conversations on GenAI, which generally focus on the code/test loop.
Buildkite
Buildkite offers Pipelines, Test Engine, and Package Registries, which can be deployed with a hybrid approach or as a fully hosted offering.
Buildkite includes:
  • High-performance CI/CD pipelines integrated into complete platforms or best-of-breed components
  • Integration with Git repositories and Slack
  • Test Engine for insights into test performance and issue detection
Since 2024, Buildkite has added:
  • Buildkite Package Registries, providing universal package management and securing the supply chain
  • A new fully hosted offering, offering a fast path to use without managing self-hosted agents
  • Support for AI/ML workflows, operationalizing AI/ML at scale and managing model delivery
  • Buildkite Mobile Delivery Cloud, optimized for mobile app delivery with high-performance hosted compute
Buildkite’s strongest use cases are cloud-native and mobile delivery, as well as MLOps. In particular, its hybrid architecture, flexibility and extensibility differentiate it from competitors.
However, Buildkite lags competitors because of its focus on CI/CD, giving it gaps that lowers its scores as a platform. The lack of embedded GenAI capabilities and documentation that often lags product changes are areas for improvement. User satisfaction varies based on familiarity with Docker, YAML and Bash, and the hybrid user-managed infrastructure requires significant operational overhead.
Potential users should watch for feedback on the performance of the new fully hosted offering and balance the ease of fully hosted versus hybrid infrastructure. Despite these challenges, Buildkite remains a suitable tool for organizations focused on high-performance CI/CD workflows.
CircleCI
CircleCI offers a unified platform solution supporting CI/CD and core pipeline metrics. It is available as hosted SaaS, hybrid combining a hosted control plane with a self-hosted runner, or fully on-premises (this edition only supports all GitHub variants).
CircleCI includes:
  • High-performance CI/CD capabilities
  • Support for GitHub, GitLab, and Bitbucket, including cross-repository support in a single project
  • Support for MLOps, particularly with Amazon SageMaker
  • Orbs, which are reusable build components created by CircleCI and third parties
  • Prebuilt Docker images for various technologies
Since 2024, CircleCI has added:
  • M2 Pro resource class for high-performance Mac resources
  • An updated project model that supports cross-repository pipelines
  • Single sign-on for GitHub, GitLab and Bitbucket Cloud organizations
  • User group management and OpenID Connect (OIDC) support for enhanced security
  • The ability to orchestrate evaluations of LLM-enabled applications
  • General orchestration for runners and runner spot instance support
  • Release orchestration support for monitoring, progressive deployments and automatic rollbacks
  • CircleCI deploys, a release agent for visualization and control for deployments over K8S clusters and SageMaker services
CircleCI’s strongest capabilities are mobile- and cloud-native application delivery. In particular, its AI integration for recommendations and debugging, along with enhancements to its intelligence platform for cost optimization and test execution, differentiate it from competitors.
However, CircleCI lags competitors in terms of agile delivery support, with limited capabilities for planning and collaborative development. The pricing model based on build minutes and resource class consumption can become expensive for high-usage scenarios, and some users have reported occasional performance variability.
CircleCI provides a comprehensive CI/CD platform that needs to be paired with another DevOps platform or best-in-class tools to be a complete solution. Despite these challenges, CircleCI remains a powerful and flexible solution for organizations seeking a core CI/CD platform to integrate and automate workflows.
CloudBees
CloudBees offers two pathways within its DevOps platform: one for cloud-native Kubernetes-style applications using Tekton, and another designed around traditional applications using Jenkins, which utilizes a single governance and analytics control plane. The platform is available as SaaS, self-managed cloud or on-premises formats.
CloudBees includes:
  • Tekton-based CI/CD system for cloud-native applications that includes feature management, AI-driven smart tests, and DevOps analytics
  • Jenkins integration for traditional applications
  • Release orchestration
  • Extensive compliance framework support, including CIS, CSA, FedRAMP, PCI, GDPR, NIST and HIPAA
Since 2024, CloudBees has added:
  • Continued development of the platform designed to address DevSecOps, supportingJenkins-integrated workflows for a seamless experience together with its Tekton container native pipeline
  • A new domain-specific language (DSL) for workflows that is based on the GitHub Actions DSL, so that Jenkins can interact with Actions
  • AI-driven Smart Tests that leverage the acquisition of Launchable, providing support for AI-powered test analytics such as flaky tests and test efficacy
CloudBees’ strongest use case is cloud-native application delivery. In particular, its dual-pathway approach, robust compliance support and native feature toggles differentiate it from competitors.
However, CloudBees lags competitors in terms of agile delivery and platform engineering, lacking agile planning and development tools. It was not evaluated for MLOps, due to the lack of support for managing models. Users transitioning from Jenkins-based CloudBees CI need to build new scripts, although existing Jenkins can be wrapped into an action for continuity.
Despite these challenges, CloudBees remains highly rated for scale, compliance and metrics capabilities, making it a strong choice for organizations focused on modern container-based deployments and hybrid environments.
GitLab
GitLab offers its DevSecOps platform in two editions: Premium and Ultimate, available as cloud-based or self-hosted solutions, with a new single-tenant managed service.
GitLab includes:
  • A comprehensive, integrated toolset for all use cases
  • Robust planning tools and extensive security features
  • Package management and feature flags
  • Comprehensive metrics capabilities for value stream management
Since 2024, GitLab has added:
  • GitLab Duo Pro, Chat, Enterprise and Self-Hosted, enhancing AI-powered code completion, natural language interfaces, and secure AI-driven workflows across the software development life cycle
  • GitLab Duo with Amazon Q integrated offering, providing AI-powered developer experiences with Amazon Q
  • Acquisition of Oxeye to advance application security and governance capabilities
  • FedRAMP Moderate certification for GitLab Dedicated for Government
  • GitLab AI Transparency Center, offering resources on AI ethics and features
  • Expanded integrations with Google Cloud for faster, more secure software delivery
  • GitLab for Startups program, offering free and discounted access to GitLab Ultimate
  • Additional security enhancements, including custom roles, expanded policies and improved scanner accuracy
GitLab’s strongest use case is cloud-native delivery and it scores highly across all use cases. In particular, its comprehensive nature, rapid feature delivery and AI integration differentiate it from competitors.
However, users report that GitLab can be light on documentation, especially for newer components, as it races to maintain functional advantages. The continued absence of a marketplace poses limitations, although third-party integrations are improving.
Despite these challenges, GitLab remains a strong choice for organizations seeking a comprehensive DevSecOps platform with a focus on continuous innovation and community-driven enhancements.
Harness
Harness offers a DevOps platform available in Startup and Enterprise editions (as well as open source), deployable as SaaS or self-managed using Kubernetes clusters.
Harness includes:
  • A code repository, CI/CD, feature flags, artifact registry, chaos engineering, infrastructure-as-code management and database DevOps
  • An IDP and extensive reporting, including engineering metrics and cost management
  • Harness AI, a contextually powered AI capability with agentic interfaces
Since 2024, Harness has added:
  • Acquisition of Armory assets, enhancing cloud-native capabilities across the product delivery life cycle
  • Acquisition of Split Software, significantly enhancing feature management and experimentation capabilities
  • Multiagent AI architecture with AI DevOps Agent, AI Code Agent and AI Test Automation, which are embedded into the platform to accelerate development
  • Enhanced cloud cost management with governance tools for optimizing cloud spend and enforcing compliance
  • New platform engineering services in partnership with AHEAD
  • Ongoing development of key modules like the Harness Code Repository and IDP, focusing on workflow orchestration and user interface improvements
Harness’ strongest use case is cloud-native application delivery. In particular, its integration with leading planning and development tools, as well as its strategic acquisitions and AI-driven enhancements, differentiate it from competitors.
Some users report that certain features aren’t always fully developed before release, and long-term users have experienced disruptive upgrades. The platform excels in maintaining a unified user experience, despite growing its functionality organically and through acquisitions.
Harness remains a strong choice for organizations seeking a flexible DevOps platform with a comprehensive set of features.
Huawei
Huawei offers CodeArts, part of a broad set of tools from the Chinese hyperscaler that includes requirements management, agile planning, source management and CI/CD. It has been primarily adopted in Asia, with a growing global presence, including South Africa, Latin America and Europe. CodeArts is primarily available as SaaS hosted on the Huawei cloud, with components for CI/CD that integrate with on-premises resources.
CodeArts includes:
  • Agile development planning and collaboration
  • Distributed code management and CI/CD pipelines, including cloud-native GitOps and artifact life cycle management
  • Static and security checks for multiple programming languages
  • Management of test activities, as well as performance testing
  • Monitoring and managing of production software performance
  • Metric insights to improve development efficiency
Since 2024, Huawei has added:
  • Open-source software governance, enhancing security and compliance control within CodeArts Governance.
  • CodeArts Doer, a smart assistant for R&D engineers that autogenerates code and tests based on developer instructions
CodeArts’ strongest use cases are platform engineering and mobile application delivery. In particular, its broad set of integrations and support for Huawei R&D best practices differentiate it from competitors.
However, CodeArts lags in MLOps capabilities. While it integrates well with other DevOps products and supports a wide range of languages and frameworks, the lack of specific MLOps features impacts its performance in this area.
Despite these challenges, CodeArts remains a comprehensive DevSecOps platform, offering a full-life-cycle solution with a focus on security and reliability.
JetBrains
JetBrains offers TeamCity, YouTrack and several IDEs, which can be deployed as self-hosted on various hardware or on JetBrains’ hosted cloud.
JetBrains’ DevOps offerings include:
  • Agile project management
  • Core CI/CD pipelines
  • IDE offerings
  • AI assistant and GenAI integrations
Since 2024, JetBrains has added:
  • AI assistant and GenAI capabilities integrated into IDEs and YouTrack, reducing context switching and enhancing developer experience
  • Qodana, a static code analysis facility available as both stand-alone and included in TeamCity. It provides quick fixes based on known patterns and builds on JetBrains’ IDE history in code analysis.
Jetbrains strongest use case is Agile Delivery with TeamCity and YouTrack and a broad set of IDE offerings providing Agile planning, development and strong tools for creating and managing CI/CD pipelines. In particular, the integration of AI capabilities with YouTrack to aid in creating and summarizing work items is a spot that many vendors miss. The addition of Qodana static code analysis to CI pipelines differentiates JetBrains by identifying issues in source and providing potential fixes.
However, JetBrains lags competitors in terms of a cohesive user experience. The limited presence of YouTrack and the end of support for Space in May 2025 highlight challenges in product integration and vision clarity. The lack of built-in security features and broader DevOps functions also contribute to its lower scores. Despite these challenges, JetBrains maintains a strong presence in IDEs, though with mixed results in user experience.
JetBrains continues to be a good choice for organizations using the company’s IDEs with a general focus on developer productivity and CI/CD that works well across varied source code management (SCM) platforms, as well as a strong visual pipeline model.
Microsoft
Microsoft’s DevOps offering centers on GitHub Enterprise (with access to Azure DevOps Basic). Microsoft also provides complementary tools, including Visual Studio for development and Azure services like Azure Monitor and Azure Load Testing. Both GitHub and Azure DevOps are available as SaaS or on-premises.
Microsoft includes:
  • GitHub Enterprise as the core collaborative platform, offering source management, CI/CD, secure supply chain support, and GitHub Copilot AI code assistant.
  • Visual Studio products for development, including VS Code.
  • Azure DevOps with Agile planning, test management, and services spanning testing and MLOps.
Since 2024, Microsoft has added:
  • Native model evaluation and experimentation in GitHub and VS Code.
  • Access to Azure AI models via GitHub Marketplace for generative AI apps and APIs.
  • GitHub Copilot for Azure, integrating AI features into the Azure environment.
  • Enhanced Azure Boards and GitHub integration, including commit-to-work item linking and branch creation from work items.
  • GitHub Advanced Security for Azure DevOps (GHAzDO), adding secret and code scanning.
  • Expanded security with Copilot Autofix for AI-powered fixes and security campaigns for vulnerability management.
  • Improved YAML pipeline checks, adding approval sequencing, deferred approvals, and stage traceability.
Microsoft’s strengths are agile, mobile and regulated delivery, with MLOps as its standout use case. Its robust team and developer capabilities, extensive hosted runners for mobile DevOps, and GitHub Copilot adoption set it apart.
However, Microsoft trails in cloud-native delivery and platform engineering, lacking native progressive release support and an integrated IDP. GitHub’s innovation pace has slowed, with limited cross-SDLC capabilities, though broader investments—such as Playwright and Copilot integration—are emerging.
Despite these challenges, Microsoft remains a strong choice for organizations seeking a comprehensive DevOps platform focused on agile and MLOps delivery.
Octopus
Octopus offers a comprehensive DevOps platform featuring Octopus Deploy and Codefresh, available as cloud-based or on-premises solutions.
Octopus includes:
  • Octopus Deploy, a deployment automation tool for managing application deployments across various environments, supporting complex scenarios like rolling, blue-green, and canary deployments.
  • Codefresh, a CI/CD platform designed for cloud-native applications, with GitOps as its central paradigm.
  • A release management function that facilitates automated runbooks for application operations and environment progression.
  • Deployment orchestration that efficiently orchestrates software delivery across multicloud, Kubernetes, data centers and hybrid environments.
  • Infrastructure management, which supports tenanted deployments and configuration as code.
  • Governance, risk and compliance (GRC) features that enable enterprise compliance and observability.
Since 2024, Octopus has added:
  • New features for Kubernetes CD at scale, including a Kubernetes agent and external feed triggers for container images and Helm
  • Octopus extension for GitHub Copilot, which integrates with GitHub Copilot Chat for enhanced developer efficiency
  • Acquisition of CodeFresh, strengthening Kubernetes support and unifying CD, CI, and GitOps into one platform
Octopus’ strongest abilities are supporting complex deployment scenarios and platform engineering. The addition of Codefresh adds support for CI and its use of Argo CD begins to extend the overall platform story beyond the original deployment-centric view of Octopus Deploy.
However, Octopus may require additional configuration for certain tool integrations, and the initial setup can be complex. More work needs to be done to weave the Octopus Deploy and Codefresh functionalities together and there are many gaps within the broader DevOps platforms.
Despite these challenges, Octopus remains a viable choice for organizations seeking a comprehensive deployment solution with robust support for modern DevOps practices.

Context

The DevOps platform market is evolving, merging technologies across the software development life cycle into cohesive platforms. These platforms streamline CI/CD processes, enhancing build, test and deployment orchestration while minimizing the need for disparate integrations.
This report complements the Magic Quadrant for DevOps Platforms, focusing on six use cases and 11 critical capabilities. Unlike the Magic Quadrant, this research emphasizes product functionality, not vision or execution, and excludes company performance indicators like customer and partner metrics.
Key vendor gaps persist within this market despite solid core offerings, necessitating partner components. Over 18 months, themes like GenAI and developer experience have dominated and will continue to do so, alongside demands for metrics and integrated security. While the use cases and capabilities in this research remain the same as last year, we gathered more detailed information about them through our Reference Architecture Brief: DevSecOps Platform.
Software engineering leaders should leverage this research for informed product selection, aligning with organizational priorities.
Most tools score Fair to Good, but some excel. Change is rapid, driven by both organic growth and acquisitions, which are slow to integrate due to the need for unified user experiences and scripting models. However, many users still rely on OSS solutions and self-integrated tool chains, which hampers collaboration and limits GenAI gains due to siloed insights. Balancing new tool adoption with integrated experiences is crucial for maximizing productivity and business value.

Market Definition

Gartner defines DevOps platforms as those that provide fully integrated and orchestrated capabilities to enable continuous delivery of software using agile and DevOps practices. The capabilities span the development and delivery life cycle built around the continuous integration/continuous delivery (CI/CD) pipeline, including planning, creation, artifact management, security, quality engineering, change management, compliance, environment management, deployment and monitoring. DevOps platforms support team collaboration, consistency, tool simplification and measurement of software delivery metrics. They are delivered primarily as cloud-hosted services with some options for on-premises deployment.
DevOps platforms simplify the creation, maintenance and management of the components required for the delivery of various types of modern software. Platforms create common workflows and data models, simplify user access, provide production-like development and test environments, and provide a consistent user experience (UX) to reduce cognitive load. They lead to improved visibility, auditability and traceability for the software delivery value stream. This end-to-end view encourages a systems-thinking mindset and accelerates feedback loops.
Organizations use DevOps platforms to minimize tool friction resulting from complex toolchains, manual handoffs and lack of consistent visibility throughout the software development life cycle (SDLC). This enables product teams to deliver faster customer value without compromising quality. The DevOps platforms market reflects the consolidation of technologies across development, security, infrastructure and operations to streamline software delivery.
DevOps platforms support multiple use cases, including, but not limited to:
  • Agile software delivery — Operationalize agile development practices.
  • Cloud-native application delivery — Build and deliver cloud-native applications across hybrid and multicloud environments.
  • GitOps — Support the operation of applications using declarative constructs stored in Git in a closed-loop, automated system.
  • MLOps — Provide support for the management of machine learning (ML) models including versioning and feedback loops.
  • Platform engineering — Provide self-service, internal developer platforms to scale DevOps and software engineering practices.
  • Regulated delivery — Support for compliance, auditing, traceability and governance.

Mandatory Features

  • Continuous integration via native support for build automation and the orchestration of verification and validation functions such as test automation, security scans and compliance scans
  • Continuous delivery and release orchestration including both ungated continuous deployment and release orchestration with gated approval mechanisms (e.g., to meet regulatory requirements)
  • Delivery of web applications including, but not limited to, containerized applications

Common Features

  • Product management and insights:
    • Agile planning, including product planning, managing features and defects, roadmapping, backlog management, Kanban and Scrum
    • Feature management, including feature flag management and experimentation
    • Software engineering intelligence (SEI), including value stream analytics, flow metrics, DORA metrics, developer productivity metrics (SPACE framework support), developer experience metrics (DevEx framework support)
  • Development support:
    • Integrated development environments (IDEs)
    • Unit testing framework support
    • Code review facilitation
    • Package management
    • Static code analysis
    • Internal developer portal
  • Artifact management:
    • Source code repository
    • Artifact repository
    • Container registry
    • Software bill of materials (SBOM) support
  • Quality engineering:
    • Performance testing, chaos testing, fuzz testing, and automated acceptance testing
    • Test case management
    • Code coverage analysis
    • Test platform support
    • Test data management
    • Test suite optimization
  • Change management:
    • Release management
    • Policy management
  • Environment provisioning and management:
    • Cloud platform environment provisioning and management
    • Infrastructure provisioning
    • Configuration management
    • Configuration drift detection
    • Infrastructure as code
  • Application monitoring and observability:
    • Collection of production telemetry (e.g., logs, metrics, events, traces)
    • Automated incident response support
    • Customer feedback collection
  • Team collaboration:
    • Visualization of development workflows
    • Knowledge base
    • Communication via messaging/chat
  • Orchestration of security functions:
    • Threat modeling
    • Security requirements
    • Secure coding practices
    • Software supply chain security
    • Security testing
    • Web application and API protection
    • Runtime application security
  • AI augmentation:
    • AI-assisted and AI-powered continuous integration and deployment
    • Process optimization
    • Analysis of SEI and telemetry data

Product/Service Trends

The core functions of DevOps platforms span the entire SDLC and include product planning, version control, continuous integration, test automation, continuous deployment and release orchestration. The move toward agentic AI will increase the value of integrated support for monitoring and observability. Core to the platform is support for the culture of collaboration used in agile and DevOps practices, and ensuring consistency and security via automated workflows and checkpoints.
DevOps platforms serve multiple user needs, including:
  • Product owners, product managers and project managers
  • Software engineers, quality engineers and software engineering leaders
  • Security engineers who are building or supporting a DevSecOps pipeline
  • Platform engineers
  • Release managers and release engineers
  • Site reliability engineers and infrastructure and operations engineers and leaders

Critical Capabilities Definition

DevX
Encompasses the environment and tools for organizing work, writing and reviewing code, and managing that code, along with any facilities that aid with these processes, such as cloud development environments, GenAI and wikis.
Continuous Integration
Provides native support for continuously building code and orchestrating verification and validation functions (including test automation, security and compliance scans).
Continuous Delivery/ARO
Provides continuous delivery that enables teams to build critical software quickly, while ensuring the software can be released reliably at any time.
Dependable, low-risk releases through application release orchestration (ARO) allow continuous adaptation of the software to incorporate user feedback, market shifts and business strategy changes. This approach requires the engineering discipline to facilitate complete automation of the software delivery pipeline.
Environment Management
Supports creating, maintaining and using environments, including cloud development environments (CDEs), test environments and cloud-hosted pipelines, which provide standardization of libraries and tools and the ability to control settings and access.
Pipelines are a foundation of DevOps platforms, and CDEs are newer and a key component of DevX.
Software Delivery Metrics
Provides value stream metrics to measure the flow of work, as well as the flow of value, across the complete software delivery value stream (e.g., SPACE or DORA metrics).
Secure Delivery
Supports orchestration of security functions as an integral part of the software development life cycle.
IDP
Enables self-service discovery, automation and access to reusable components, tools, platform services and knowledge assets in modern software development environments.
MLOps
Aims to streamline end-to-end ML model development, testing, validation, deployment and instantiation, supporting release, activation, monitoring, experimentation, performance tracking, management, reuse, updating, maintenance, version control, risk and compliance management, and governance.
Integrations
Supports the ability to integrate. Basic levels of integration are webhooks and APIs, whereas more complete solutions include specific UI and workflow integrations and may include catalogs and marketplaces.
Compliance
Supports standards (e.g., SOC 2, PCI, HIPAA), including the ability to aid in measuring compliance of software moving through the pipeline and the ability to support traceability via integration or facilities for requirements and test management, security metrics and signed builds.
Scale
Supports scale that can come in many forms, such as knowledge management, parallel builds, reporting and the ability to support large user bases.

Use Cases

Agile Software Delivery
Support agile planning, collaborative development and CI practices, while also covering the inner loop of planning, source management, code development/review and CI.
Cloud-Native Application Delivery
Support containers, package management, and push or pull deployment.
Much of the DevOps world is oriented to web applications and delivery to cloud-based server infrastructure.
Mobile Application Delivery
Build and deliver native mobile applications.
The key function is supporting hosted macOS builders and environments for OS versions and tools, and integrating with mobile device clouds and test frameworks. An additional ability includes delivering applications to test users.
Platform Engineering
Build and operate self-service developer platforms for software development and delivery.
A platform is a layer of tools, automations and information maintained as products by a dedicated platform team, designed to support software developers or other engineers by abstracting underlying complexity. The goal of platform engineering is to optimize the developer experience and accelerate the delivery of customer value.
MLOps
Streamline the end-to-end development, testing, validation, deployment and instantiation of ML models.
Support includes release, activation, monitoring, experimentation and performance tracking, management, reuse, updating, maintenance, version control, risk and compliance management, and governance of ML models.
Regulated Delivery
Support regulatory compliance, including auditing, traceability, governance and strong native security functionality, at the source and binary level.
Environment management and platform engineering support are emerging components for reducing challenges with contracted development.

Vendors Added and Dropped

Added

  • Huawei expanded its geographic reach to meet the inclusion criteria for this research.
  • Octopus acquired Codefresh, adding the ability for CI to their prior CD support.

Dropped

  • Amazon Web Services: Ended ongoing development to several DevOps components and is focused on helping users utilize AWS services, rather than general DevOps.
  • JFrog: Dropped support for its CI functionality and emphasizes its focus on a secure supply chain.
  • Red Hat: Has refocused on OpenShift and Ansible from an application platform perspective.

Inclusion and Exclusion Criteria

DevOps platform vendors included in this Critical Capabilities research met the following criteria as of 1 January 2025.

Market Participation Inclusion Criteria

To be considered a participant in the market, the vendor must:
  • Provide a dedicated, generally available (GA) DevOps platform as of 1 January 2025. GA means the product or service is available on a public-facing price sheet/card for purchase directly by clients. The vendor must be able to furnish the link to a pricing page for their DevOps platform.
  • Sell the solution directly to paying customers without requiring them to engage in professional services. The vendor must provide at least first-line support for these capabilities, including the use of bundled open-source software. This includes, but is not limited to, comprehensive product documentation, installation guidance (e.g., build runners, Kubernetes cluster setup) and reference examples (e.g., in the case of pipelines as code).
  • Demonstrate an active product roadmap, go-to-market and selling strategy for the solution.
  • Have phone, email and web customer support. The vendor must offer a contract, console/portal, technical documentation and customer support in English (either as the product’s default language or as an optional localization).
  • Have at least 10% of their paying customers in each of two of the three following geographic regions:
    • U.S. and Canada
    • Europe (including the U.K. and Ireland)
    • Asia/Pacific

Platform Capabilities Inclusion Criteria

The DevOps platforms must offer native support for the following standard capabilities as described in the market definition:
  1. Continuous integration — native support for continuously building code and orchestrating verification and validation functions (test automation, security and compliance scans)
  2. Continuous delivery and release orchestration — continuous deployment (no gates), as well as gated approval mechanisms (e.g., to meet regulatory requirements or organizations transitioning from ITIL)
  3. Integrated solution for secure development, team collaboration and visualization of development workflows, with a unified dashboard across multiple user personas
  4. Value stream metrics to measure the flow of work, as well as the flow of value across the complete software delivery value stream (e.g., flow metrics, DORA metrics2)
  5. Secure software delivery — support for orchestrating security functions as an integral part of the software development life cycle

Performance Inclusion Criteria

The vendor is required to meet only one of the following financial performance criteria (reported in U.S. dollars). The default accounting standard is generally accepted accounting principles (GAAP):
  • The DevOps platform offering must have generated at least $60 million in annual GAAP revenue during the 12 calendar months before January 2024. The DevOps platform must have at least 200 paying, production (non-beta-test) customers (excluding sales to managed service providers), with at least 75 seats per customer on average utilizing the must-have functionality (CI/CD).
  • The DevOps platform offering must have generated a minimum of $15 million in annual revenue and gained 35 net-new customers in the calendar year 2023 when compared to the calendar year 2022 utilizing the must-have functionality (CI/CD).
In addition, the vendor must rank among the top 20 organizations in the Customer Interest Indicator defined by Gartner for this report. The Customer Interest Indicator for this Magic Quadrant was calculated using a balanced set of measures, including:
  • Gartner customer search, inquiry volume or pricing requests
  • Frequency of mentions as a competitor to other vendors in the report in reviews for similar use cases on Gartner’s Peer Insights forum as of 1 January 2025
  • Scores and frequency of mentions, as measured in Gartner Peer Insights
  • Significant innovations in the market, as noted by major publications, product enhancements or introductions, or industry awards
  • Other significant developments in corporate posture (e.g., M&A activity)
  • The volume of job listings that specify the DevOps platform on a range of employment websites in the Americas, Europe and APAC

Exclusion Criteria

Vendors were excluded from the analysis if:
  • The primary use case for the DevOps platform was the delivery of low-code applications, packaged business applications or SaaS-based applications (i.e., developing, extending, configuring or customizing applications such as Salesforce, Microsoft Dynamics 365, Oracle, SAP or ServiceNow).
  • The platform is only sold as part of custom software development or professional services engagements (e.g., professional services providers using a custom solution for their clients).

Weighting for Critical Capabilities in Use Cases

Critical CapabilitiesAgile Software DeliveryCloud-Native Application DeliveryMobile Application DeliveryPlatform EngineeringMLOpsRegulated Delivery
Continuous Integration
15%
20%
20%
5%
10%
5%
Continuous Delivery/ARO
10%
20%
20%
5%
5%
5%
Environment Management
5%
10%
10%
20%
15%
5%
DevX
25%
5%
15%
5%
5%
10%
Software Delivery Metrics
10%
5%
5%
0%
0%
5%
Secure Delivery
10%
10%
5%
5%
0%
20%
IDP
15%
10%
0%
30%
5%
10%
MLOps
0%
0%
0%
0%
60%
0%
Integrations
5%
10%
15%
20%
0%
10%
Compliance
5%
5%
5%
5%
0%
25%
Scale
0%
5%
5%
5%
0%
5%
As of 24 May 2025
Source: Gartner (September 2025)
This methodology requires analysts to identify the critical capabilities for a class of products/services. Each capability is then weighted in terms of its relative importance for specific product/service use cases.
Each of the products/services that meet our inclusion criteria has been evaluated on the critical capabilities on a scale from 1.0 to 5.0.

Critical Capabilities Rating

Product/Service Rating on Critical Capabilities

Critical CapabilitiesAtlassianBuildkiteCircleCICloudBeesGitLabHarnessHuaweiJetBrainsMicrosoftOctopus
Continuous Integration
4.5
4.0
4.5
3.7
4.5
4.5
4.5
3.5
4.5
3.7
Continuous Delivery/ARO
4.2
4.0
4.5
4.4
5.0
4.8
4.2
2.5
4.3
3.0
Environment Management
3.7
1.0
3.5
3.5
4.0
3.9
3.3
1.0
3.9
3.5
DevX
4.1
1.3
1.8
1.1
4.3
2.9
3.4
2.9
4.8
0.0
Software Delivery Metrics
5.0
0.0
1.2
2.1
5.0
4.0
3.9
2.6
4.0
1.4
Secure Delivery
3.3
1.8
2.6
1.9
4.5
4.0
3.8
1.1
4.0
1.3
IDP
4.0
0.0
2.9
1.5
4.5
4.7
3.5
1.3
3.0
0.0
MLOps
2.8
2.7
2.3
0.0
3.1
2.8
1.1
0.0
3.7
0.0
Integrations
5.0
2.0
3.0
3.3
4.0
3.8
5.0
2.3
5.0
3.3
Compliance
4.5
3.4
3.5
3.5
3.5
4.0
3.3
1.8
3.8
2.6
Scale
4.5
2.8
2.5
2.5
4.5
3.5
2.8
3.1
4.5
3.3
As of 24 May 2025
Source: Gartner (September 2025)
Table 3 shows the product/service scores for each use case. The scores, which are generated by multiplying the use-case weightings by the product/service ratings, summarize how well the critical capabilities are met for each use case.

Product Score in Use Cases

Use CasesAtlassianBuildkiteCircleCICloudBeesGitLabHarnessHuaweiJetBrainsMicrosoftOctopus
Agile Software Delivery
4.21
1.83
2.89
2.41
4.45
3.97
3.82
2.32
4.19
1.60
Cloud-Native Application Delivery
4.25
2.46
3.45
3.10
4.47
4.22
3.97
2.29
4.21
2.52
Mobile Application Delivery
4.34
2.60
3.36
3.13
4.42
4.03
4.02
2.51
4.44
2.62
Platform Engineering
4.20
1.47
3.14
2.67
4.27
4.14
3.81
1.80
3.98
2.06
MLOps
3.30
2.44
2.82
N/A
3.60
3.34
2.16
N/A
3.86
N/A
Regulated Delivery
4.19
2.13
2.98
2.66
4.21
3.98
3.71
1.96
4.09
1.99
As of 24 May 2025
Source: Gartner (September 2025)
To determine an overall score for each product/service in the use cases, multiply the ratings in Table 2 by the weightings shown in Table 1.

Evidence

As part of our analysis, we have collected information from Gartner Peer Insights, client inquiries and publicly available sources to supplement the information provided by participating vendors.
1 Gartner Software Engineering Survey for 2025. The survey was conducted to provide a comprehensive understanding of the current landscape in software engineering. It aims to identify the demand for various roles, essential skills and upskilling strategies within the software engineering organization. It explores the integration of AI in software engineering workflows, their leadership experiences and prior roles of the current leaders. It also assesses their budget expectations, team structures, organizational outcomes and priorities. The survey was conducted online from October through December 2024 among 400 respondents from the U.S. (n = 320) and U.K. (n = 80). Qualifying organizations operated in multiple industries (excluding the IT software industry involved in the development of commercial software and the education sector) and reported enterprisewide revenue for fiscal year 2023 of at least $250 million or equivalent. Qualified participants were highly involved in managing software engineering/application development teams and the activities they perform. Disclaimer: The results of this study do not represent global findings or the market as a whole, but reflect the sentiments of the respondents and companies surveyed.
2 DevOps Research and Assessment, Google Cloud.

Critical Capabilities Methodology

This methodology requires analysts to identify the critical capabilities for a class of products or services. Each capability is then weighted in terms of its relative importance for specific product or service use cases. Next, products/services are rated in terms of how well they achieve each of the critical capabilities. A score that summarizes how well they meet the critical capabilities for each use case is then calculated for each product/service.
"Critical capabilities" are attributes that differentiate products/services in a class in terms of their quality and performance. Gartner recommends that users consider the set of critical capabilities as some of the most important criteria for acquisition decisions.
In defining the product/service category for evaluation, the analyst first identifies the leading uses for the products/services in this market. What needs are end-users looking to fulfill, when considering products/services in this market? Use cases should match common client deployment scenarios. These distinct client scenarios define the Use Cases.
The analyst then identifies the critical capabilities. These capabilities are generalized groups of features commonly required by this class of products/services. Each capability is assigned a level of importance in fulfilling that particular need; some sets of features are more important than others, depending on the use case being evaluated.
Each vendor’s product or service is evaluated in terms of how well it delivers each capability, on a five-point scale. These ratings are displayed side-by-side for all vendors, allowing easy comparisons between the different sets of features.
Ratings and summary scores range from 1.0 to 5.0:
1 = Poor or Absent: most or all defined requirements for a capability are not achieved
2 = Fair: some requirements are not achieved
3 = Good: meets requirements
4 = Excellent: meets or exceeds some requirements
5 = Outstanding: significantly exceeds requirements
To determine an overall score for each product in the use cases, the product ratings are multiplied by the weightings to come up with the product score in use cases.
The critical capabilities Gartner has selected do not represent all capabilities for any product; therefore, may not represent those most important for a specific use situation or business objective. Clients should use a critical capabilities analysis as one of several sources of input about a product before making a product/service decision.
More on This Topic
This is part of an in-depth collection of research. See the collection: