GitLab Acquires Oxeye to Advance Application Security & Governance Capabilities

Already recognized as the only Leader in Integrated Software Delivery Platforms by an independent research firm, GitLab’s DevSecOps platform combines best-in-class, robust security, governance, and AI/ML across the software development lifecycle

SAN FRANCISCO – March 20, 2024 – All Remote -GitLab Inc., the most comprehensive AI-powered DevSecOps platform, today announced it has acquired Oxeye, the provider of an award-winning, cloud-native application security and risk management solution. With the acquisition of Oxeye, GitLab will accelerate its Static Application Security Testing (SAST) roadmap. Oxeye’s capabilities will also augment GitLab’s software composition analysis and compliance tools.

Oxeye offers an automated cloud-native application security testing solution to help customers identify and resolve application-layer risks across the software development lifecycle. Its capabilities beyond SAST include the ability to trace vulnerabilities from “code to cloud” by providing runtime context via different types of data collection and analysis.

Following the acquisition, GitLab’s security capabilities will include enhanced SAST scanning technology to reduce false positives and deliver highly accurate results and actionable insights. These capabilities will provide developers and security professionals with the information needed to streamline vulnerability management and remediation, making it even easier for customers to build secure applications.

Recently, Forrester recognized GitLab as the only Leader in The Forrester Wave™: Integrated Software Delivery Platforms, Q2 2023. The report included a customer’s comment on the platform, noting that “The CI/CD experience using secrets, environments, runners, and SAST/DAST/license scans/etc. is unparalleled.” The acquisition announced today marks GitLab’s continued commitment to deliver best-in-class performance to customers.

Financial terms of the transaction were not disclosed. For more information, read the blog.

Supporting Quotes

“We’re excited to welcome Oxeye as the team shares our vision for delivering value throughout the entire software development lifecycle,” said David DeSanto, chief product officer, GitLab. “This acquisition will accelerate GitLab’s SAST category roadmap and expand GitLab’s risk management capabilities. By combining Oxeye’s cloud-native application security solution with GitLab’s industry-leading DevSecOps platform, customers benefit from the ability to secure new and emerging technologies while increasing developer velocity and expanding governance risk visibility.”

“Our goal with building Oxeye was to enable development and security teams to identify application-layer risks quickly, focus on the most exploitable ones, and promptly resolve these as an integral part of the software development lifecycle,” said Dean Agron, co-founder and CEO of Oxeye. “We look forward to joining the GitLab team, which is at the cutting edge of technology and culture for developers. Together, we will provide value to GitLab customers by helping organizations to reduce security and compliance risks as they accelerate digital transformation.”

About GitLab

GitLab is the most comprehensive AI-powered DevSecOps platform for software innovation. GitLab enables organizations to increase developer productivity, improve operational efficiency, reduce security and compliance risk, and accelerate digital transformation. More than 30 million registered users and more than 50% of the Fortune 100 trust GitLab to ship better, more secure software faster.

Media Contact

Kristen Butler

[email protected]

Take GitLab for a spin

See what your team can do with a single platform for software delivery.

Get free trial
Headshots of three people

Have a question? We're here to help.

Talk to an expert