GitLab has acquired the static application security testing startup Oxeye, led by an Imperva and Check Point veteran, to improve application-layer risk detection and reduce false positives. The technology will allow for static application security testing across the software development life cycle, improving detection and vulnerability management. The acquisition, which cost between $30 million and $40 million, will integrate Oxeye’s capabilities into GitLab’s SAST product to enhance security scanning for Python, Go, Java, and JavaScript.
Oxeye’s distinctive approach to identifying and resolving application-layer risks, tracing vulnerabilities from code to cloud, sets it apart from competitors. The integration of Oxeye’s capabilities will result in a more accurate and actionable list of security findings, with fewer false positives and more true positive detections. Existing customers of both GitLab and Oxeye will benefit from these improvements, as well as enhanced security and compliance capabilities.
The acquisition demonstrates GitLab’s commitment to helping customers build more secure software efficiently. Oxeye will complement GitLab’s existing capabilities in dynamic application security testing, fuzz testing, container scanning, and dependency scanning. The goal is to help users deliver secure applications and find and correct security vulnerabilities in their software sooner.
The combined company will focus on advancing security and compliance capabilities, reinforcing GitLab’s position in the application security testing market. The acquisition will help customers build secure software faster and eliminate inefficiencies in the software development process. GitLab was recognized as a contender in last year’s Forrester Wave for static application security testing and as a challenger in the Gartner Magic Quadrant for software composition analysis and application security testing.
Overall, the acquisition of Oxeye by GitLab promises enhanced application security, reduced false positives, and improved security scanning for various programming languages. The integration of Oxeye’s capabilities will benefit existing customers and help GitLab strengthen its position in the application security testing market, ultimately helping users deliver secure software more efficiently.
