Global tax software giant Avalara powers customer growth with GitLab

A global organization headquartered in Durham, North Carolina, Avalara is a privately held company with 43,000 worldwide customers. Founded in 2004, it focuses on helping customers with sales tax calculation, filing, and remittance, enabling businesses of all sizes to manage complex tax requirements across multiple states and countries. With a core mission to make tax compliance less taxing, it is widely recognized as a leader in its market.

Rachael Marshman, director of product management at Avalara, spotted an opportunity to strengthen customer relationships: providing more precise delivery timelines for software updates and new applications. The key was optimizing Avalara's existing development toolchain and standardizing the processes around it. "When customers needed new functionality for compliance, we wanted to deliver confident timelines," Marshman says. "Standardizing our processes would make us more predictable and efficient, freeing up engineering resources to focus on innovation rather than coordination — better for both our teams and customers." Working with Matt Buckley, vice president of engineering at Avalara, Marshman set out to unify their DevSecOps team on a single platform while implementing pipeline gates and security processes.

Over more than 20 years of company growth, including numerous acquisitions, Avalara has accumulated various software development tools, such as Jenkins and GitHub. That approach worked for a while, but Marshman and Buckley knew they'd need a more comprehensive solution to power the next phase of Avalara's growth. To support their ambitious growth trajectory, their existing toolchain presented opportunities for optimization, such as:

• Opportunities to accelerate cycle times for code reviews and merge requests
• Potential to automate and standardize security processes for greater efficiency
• Scope to streamline toolchain management and reduce complexity
• Ability to enhance visibility into engineering productivity metrics
• Capacity to optimize deployment processes and remove bottlenecks
• Potential to accelerate feature delivery and reduce time-to-market

These optimization opportunities represented significant potential for efficiency gains that could enhance the organization's ability to exceed customer expectations and strengthen their competitive position in the market.

“We were deploying approximately 30 times a year and saw significant room for improvement," says Marshman. "Our release cycles typically ran monthly, though our thorough integration and testing processes sometimes extended timelines to ensure quality. “We recognized that streamlining these processes could increase both our deployment frequency and consistency while maintaining our high standards.” Buckley also notes that since Avalara’s systems are integrated with their clients’ systems, a deployment problem could affect the customers as well.

"Precision is absolutely critical in our industry," says Buckley. "When you're managing tax calculations that impact billions of dollars in transactions, accuracy isn't just important — it's fundamental to our customers' success. This environment requires robust deployment processes and multiple validation layers to maintain the reliability our customers depend on."

Recognizing this opportunity for optimization, Avalara strategically selected a single DevSecOps platform.

The company strategically selected GitLab, consolidating Jenkins and GitHub into a single, end-to-end DevSecOps platform. This strategic decision launched a major transformation for Avalara — one that unified developers from around the globe on a shared platform, streamlined manual processes through automation, and standardized security controls and quality gates across all projects.

“With GitLab’s CI/CD pipelines, it’s been transformative,” says Buckley. “GitLab has been transformational in enabling our current capabilities. We've evolved from monthly deployments to deploying Monday through Thursday, with exceptional reliability. Our operations run smoothly with minimal disruption. GitLab's unified platform made this level of efficiency and scale possible.”

Today, the organization has unified all builds and deployments through GitLab pipelines, seamlessly integrating everything from commit runs of unit tests to automatic code reviews within GitLab. "GitLab pipelines unlocked comprehensive capabilities, including automated quality gates and enhanced visibility," says Buckley. "I can access a unified dashboard that shows real-time system performance, trends, and optimization opportunities. This level of insight enables continuous improvement across all our processes. Marshman highlights the significant performance improvements since adopting GitLab.

Merge request cycle times have been optimized from four weeks to just a few hours. And Seattle-based Uplevel, an engineering metrics and insights company, reported that since adopting GitLab, Avalara has experienced a 1,100% improvement in deployment frequency, and deployment problems have been reduced by 90%. Buckley notes that these metrics provide the ability to quantify the impact of the changes they’ve made.

“We can easily say that we went from maybe 30 deployments a year to easily 30 a month,” says Buckley, who used Uplevel's engineering intelligence platform to establish baseline performance metrics before the transformation. “That’s a huge change. I was specifically looking for metrics that would give me feedback on whether things were working well and if our efficacy was improving. The Uplevel metrics help me see how well this really is going.”

One signpost of improvement for Marshman is that she can now give customers target dates for when updates and new software will launch.

“Now I can give customers a launch date with confidence,” she adds. “With everyone working in the same environment, we're able to move quickly. We're able to deploy the same day if we need to. And when you're a compliance business, that’s critical.”

With GitLab’s end-to-end platform, Avalara has been enhancing and managing its flagship piece of software — AvaTax. A cornerstone of the organization’s offerings, it is aimed at replacing manual, complex, and error-prone tax processes, enabling real-time tax calculation for the vast majority of their customers' transactions. AvaTax is not just one of their products: It is the central nervous system of Avalara's tax compliance automation platform.

“We brought everything onto GitLab, so, of course, our most important piece of software is run using that platform,” says Buckley. “GitLab has made it easier to build it out, to integrate, to secure it, and to keep giving our customers what they need. The fact that we have one, consistent platform that everyone works on has made everything easier.

“AvaTax is our business,” he adds. “Without it, we have no business.”

Both Buckley and Marshman note that one of the core reasons their DevSecOps teams can keep software like AvaTax updated so smoothly and efficiently is because of their teams’ new ability to collaborate. Beyond the platform's enhanced visibility, the truly transformative element is their ability to share secured, well-built code components. This enables developers to leverage existing solutions and focus their expertise on innovation rather than rebuilding functionality that already exists across the organization.

It also means there is more consistency in the organization’s software.

“GitLab transformed our collaboration model," says Marshman. "Previously, teams operated more independently, but now they can easily discover and leverage existing components across the organization. Now, since they’re all engaged in building and deploying software into the same system, it’s easy and natural to share code across teams. It means teams can concentrate on the overall solution, instead of every single piece of it, so they can be more innovative.”

Using a shared repository on the platform, each team is connected, enabling them to contribute reusable code components for needed components and even update pieces of shared code. "GitLab's centralized approach has unified our development resources," says Marshman. “Now, it’s much easier to find what you need, so a lot more is being reused. And our developers like contributing to other projects. They like being able to say, ‘I found a way to make this better, so I updated it.’”

Buckley adds that the ability to collaborate and share work also means developers are less stressed and they’re happier.

Because Avalara processes and stores sensitive financial information, security is critical. Buckley points out that GitLab has increased their confidence in the security of their code by allowing teams to share and reuse code that has been tested and is known to be secure. “As a company that is responsible for protecting our clients’ data, we have to be the best in the industry in terms of security and our ability to keep things running," says Buckley. Because we now can, for example, have standardized processes, quality gates in the pipelines, and easily reuse secure software components, we can avoid downstream problems.” Before using GitLab, there was an opportunity to standardize controls and processes. “We needed automated testing and we just didn’t have it before,” says Buckley. “Automating security scans and processes, along with automating documentation, has strengthened our compliance posture and even customer trust.” With GitLab, Avalara can consistently implement controls over all of their source code and deployment mechanisms. They’re also able to track who is making changes to code, along with why and when. And they can automatically track what was deployed and what was included in MRs.

Automating security and documentation has strengthened Avalara's operational excellence and competitive position. It’s also allowing them to do more with the same number of team members, and that is enabling them to grow their customer base significantly.

“Since the adoption, we’ve been able to scale, and our customer base has grown,” says Buckley. “We’re also in more regions and more industries. We have tens of thousands of customers, and they have confidence in the software being shipped. That’s critically important.”

Marshman also says Avalara is strengthening its competitive stance in the market.

“When we had a lot of technical debt and we were slow to respond, we simply couldn’t move quickly, but those days are over,” she adds. “With GitLab, our increased deployment cadence is putting us back at the top spot in the market where we’d historically been.”

Buckley adds that Avalara is already implementing advanced technologies to further enhance their development processes. “We're currently using agentic AI internally,” says Buckley. “We build and deploy our own agentic systems and some of those we have co-opted and used in our deployment and software delivery processes as well.”

Marshman was clear that Avalara is all in with GitLab as they continue to grow and scale — both with their workflows and with their customer base. “GitLab is the only solution that we'll use now for deploying our products,” says Marshman. “We will grow and scale with GitLab in mind, as it helps us organize all of our code bases, streamline those processes, and deploy effectively.”