LoginSign Up
← Back to all sparks
D

Devin

DEVOPS
Velocity6.3

Devin's quarter is one long enterprise hardening push, headlined by stacked review permissions and network policy.

ai coding agententerprisesecuritygovernancemcppr review
Current state
Devin is Cognition's autonomous software engineer, and the last six weeks of releases are almost entirely about making the agent enterprise-deployable. Admins now get tiered PR Review access levels, network policies that constrain Devin's outbound traffic, IDP group management, repo-permission decoupling, SSO connection picking, sensitive-value toggles for secrets, and an enterprise commit-email lock for audit consistency. The pace of incremental UX work — blueprint editor revamp, theme selector, sidebar performance — continues alongside, but it's not the headline.
Where it's heading
Cognition is treating enterprise admin surface as the bottleneck rather than agent capability. The cadence reads like a team systematically working through a procurement checklist: identity (SSO, IDP groups), network (egress policies), data (sensitive secret masking), audit (commit email lock, PR digest), and governance (review permissions). MCP integrations and the remote MCP marketplace are growing in parallel as the connection layer to enterprise tooling.
Prediction
Expect the next batch to extend the same admin surface into observability and audit reporting — Devin session logs that satisfy SOC/ISO controls, role-based access across the new IDP groups, and likely a managed-private-deployment story for customers who need the agent inside their VPC.

Recent moves

  1. 1mo ago

    Stacked Review Permissions

    ⚡ SPARK

    This release is the clearest single statement of Devin's enterprise posture this quarter — granular review permissions and outbound network controls are exactly what stops an agent from being adopted under shadow IT and turns it into something an enterprise admin can sign off on.

  2. 1mo ago

    Revamped Blueprint Authoring Experience

    A blueprint editor redesign with deep links and per-section play buttons makes environment authoring faster, and the Enterprise Commit Email Lock plus PR-auto-close removal are quiet but meaningful audit and workflow corrections.

  3. 2mo ago

    Sensitive Toggle for Secrets

    Letting users opt out of secret masking, merging consecutive file edits in the progress tab, and adding session category filters to the v3 API all chip away at agent observability — operators want to know what Devin did and admins want cleaner audit surfaces.

  4. 2mo ago

    Sensitive Toggle for Secrets (duplicate feed entry)

    Duplicate feed entry for the Sensitive Toggle release — same content, different feed source.

    View source ↗
  5. 2mo ago

    SSO Connection Picker

    More enterprise admin plumbing — the SSO connection picker fixes a real wedge for orgs with multiple identity providers per domain, and decoupling repository permissions from git-integration settings gives admins finer-grained control during rollout.

  6. 2mo ago

    PR Digest for Disconnected Users

    GitHub Enterprise Server support and IDP Groups Management land together — both are required-but-not-sufficient line items on a typical enterprise procurement checklist, and shipping them in the same week shows Devin is checking those items methodically rather than reactively.