[{"data":1,"prerenderedAt":830},["ShallowReactive",2],{"/en-us/blog/oxeye-joins-gitlab-to-advance-application-security-capabilities":3,"navigation-en-us":39,"banner-en-us":449,"footer-en-us":459,"blog-post-authors-en-us-David DeSanto, Chief Product Officer, GitLab|Dean Agron, co-founder and CEO, Oxeye":699,"blog-related-posts-en-us-oxeye-joins-gitlab-to-advance-application-security-capabilities":727,"blog-promotions-en-us":767,"next-steps-en-us":820},{"id":4,"title":5,"authorSlugs":6,"body":9,"categorySlug":10,"config":11,"content":15,"description":9,"extension":27,"isFeatured":13,"meta":28,"navigation":13,"path":29,"publishedDate":22,"seo":30,"stem":35,"tagSlugs":36,"__hash__":38},"blogPosts/en-us/blog/oxeye-joins-gitlab-to-advance-application-security-capabilities.yml","Oxeye Joins Gitlab To Advance Application Security Capabilities",[7,8],"david-desanto-chief-product-officer-gitlab","dean-agron-co-founder-and-ceo-oxeye",null,"news",{"slug":12,"featured":13,"template":14},"oxeye-joins-gitlab-to-advance-application-security-capabilities",true,"BlogPost",{"title":16,"description":17,"authors":18,"heroImage":21,"date":22,"body":23,"category":10,"tags":24},"Oxeye joins GitLab to advance application security capabilities ","The initial focus will be on accelerating GitLab's Static Application Security (SAST) roadmap.\n",[19,20],"David DeSanto, Chief Product Officer, GitLab","Dean Agron, co-founder and CEO, Oxeye","https://res.cloudinary.com/about-gitlab-com/image/upload/v1749671969/Blog/Hero%20Images/gitlab-oxeye-blog-1800x945.png","2024-03-20","GitLab has acquired [Oxeye](https://www.oxeye.io/) to advance GitLab’s application security capabilities with an initial focus on accelerating its Static Application Security Testing (SAST) roadmap.\n\nGitLab first launched SAST in 2017. We have since continued to mature our application security capabilities as part of our vision to evolve SAST as a key part of the GitLab DevSecOps workflow. This not only means enhancing our best-in-class offering with advances in AI/ML but also reinforcing the power of SAST across the entire software development lifecycle by continuously improving the signal-to-noise ratio, reducing false positives that commonly plague SAST solutions.\n\nFor SAST to have the most impact on security, it must be used seamlessly with other security and development tools and accessible to developers. SAST is a powerful tool, but it loses much of its value if the results are unmanageable or lack appropriate context.\n\nGitLab is the most comprehensive AI-powered DevSecOps platform combining security natively with source control, build tools, repositories, and other features like issue tracking and application monitoring. Our approach to innovating in static analysis combines our focus on open source, our platform approach, and specialized investments in SAST.\n\nGitLab has a history of innovation in the SAST space:\n- We were early to include SAST in a DevOps platform in 2017.\n- We were the first DevSecOps platform to be recognized in the 2020 Gartner® Magic Quadrant™ for Application Security Testing.\n- We contribute heavily to open source SAST tools.\n\nRecently, Forrester recognized GitLab as the only Leader in [The Forrester Wave™: Integrated Software Delivery Platforms, Q2 2023](https://about.gitlab.com/blog/gitlab-leader-forrester-wave-integrated-software-delivery-platforms/). The report included a customer’s comment on the platform, noting that “The CI/CD experience using secrets, environments, runners, and SAST/DAST/license scans/etc. is unparalleled.”\n\nAcquiring Oxeye for best-in-class scanning technology is another step toward accelerating GitLab’s SAST roadmap. Its enhanced SAST scanner will streamline vulnerability management and remediation for developers. Empowering developers to have an impact on the security of their products requires security findings to be accurate and focused on the most critical and exploitable weaknesses. Oxeye’s capabilities will help GitLab to realize that vision.\n\nOxeye’s capabilities beyond SAST include the ability to trace vulnerabilities from “code to cloud” by providing runtime context via different types of data collection and analysis. We anticipate enhancing our software composition analysis and compliance tools with these capabilities to further help our customers identify and resolve all application-layer risks quickly.\n\nThe combined strength and security expertise of the GitLab and Oxeye teams will help even more organizations reduce their security and compliance risk as they accelerate their digital transformation efforts.\n\n> [Learn more about GitLab SAST](https://about.gitlab.com/solutions/application-security-testing/) and other application security capabilities.",[25,10,26],"security","DevSecOps","yml",{},"/en-us/blog/oxeye-joins-gitlab-to-advance-application-security-capabilities",{"title":16,"description":17,"ogTitle":16,"ogDescription":17,"noIndex":31,"ogImage":21,"ogUrl":32,"ogSiteName":33,"ogType":34,"canonicalUrls":32},false,"https://about.gitlab.com/blog/oxeye-joins-gitlab-to-advance-application-security-capabilities","https://about.gitlab.com","article","en-us/blog/oxeye-joins-gitlab-to-advance-application-security-capabilities",[25,10,37],"devsecops","Vi9etDCNpnVb-Y4nvyMGj6vzdqZQ5M71ToiFYevehm8",{"data":40},{"logo":41,"freeTrial":46,"sales":51,"login":56,"items":61,"search":369,"minimal":400,"duo":419,"switchNav":428,"pricingDeployment":439},{"config":42},{"href":43,"dataGaName":44,"dataGaLocation":45},"/","gitlab logo","header",{"text":47,"config":48},"Get free trial",{"href":49,"dataGaName":50,"dataGaLocation":45},"https://gitlab.com/-/trial_registrations/new?glm_source=about.gitlab.com&glm_content=default-saas-trial/","free trial",{"text":52,"config":53},"Talk to sales",{"href":54,"dataGaName":55,"dataGaLocation":45},"/sales/","sales",{"text":57,"config":58},"Sign in",{"href":59,"dataGaName":60,"dataGaLocation":45},"https://gitlab.com/users/sign_in/","sign in",[62,89,184,189,290,350],{"text":63,"config":64,"cards":66},"Platform",{"dataNavLevelOne":65},"platform",[67,73,81],{"title":63,"description":68,"link":69},"The intelligent orchestration platform for DevSecOps",{"text":70,"config":71},"Explore our Platform",{"href":72,"dataGaName":65,"dataGaLocation":45},"/platform/",{"title":74,"description":75,"link":76},"GitLab Duo Agent Platform","Agentic AI for the entire software lifecycle",{"text":77,"config":78},"Meet GitLab Duo",{"href":79,"dataGaName":80,"dataGaLocation":45},"/gitlab-duo-agent-platform/","gitlab duo agent platform",{"title":82,"description":83,"link":84},"Why GitLab","See the top reasons enterprises choose GitLab",{"text":85,"config":86},"Learn more",{"href":87,"dataGaName":88,"dataGaLocation":45},"/why-gitlab/","why gitlab",{"text":90,"left":13,"config":91,"link":93,"lists":97,"footer":166},"Product",{"dataNavLevelOne":92},"solutions",{"text":94,"config":95},"View all Solutions",{"href":96,"dataGaName":92,"dataGaLocation":45},"/solutions/",[98,122,145],{"title":99,"description":100,"link":101,"items":106},"Automation","CI/CD and automation to accelerate deployment",{"config":102},{"icon":103,"href":104,"dataGaName":105,"dataGaLocation":45},"AutomatedCodeAlt","/solutions/delivery-automation/","automated software delivery",[107,111,114,118],{"text":108,"config":109},"CI/CD",{"href":110,"dataGaLocation":45,"dataGaName":108},"/solutions/continuous-integration/",{"text":74,"config":112},{"href":79,"dataGaLocation":45,"dataGaName":113},"gitlab duo agent platform - product menu",{"text":115,"config":116},"Source Code Management",{"href":117,"dataGaLocation":45,"dataGaName":115},"/solutions/source-code-management/",{"text":119,"config":120},"Automated Software Delivery",{"href":104,"dataGaLocation":45,"dataGaName":121},"Automated software delivery",{"title":123,"description":124,"link":125,"items":130},"Security","Deliver code faster without compromising security",{"config":126},{"href":127,"dataGaName":128,"dataGaLocation":45,"icon":129},"/solutions/application-security-testing/","security and compliance","ShieldCheckLight",[131,135,140],{"text":132,"config":133},"Application Security Testing",{"href":127,"dataGaName":134,"dataGaLocation":45},"Application security testing",{"text":136,"config":137},"Software Supply Chain Security",{"href":138,"dataGaLocation":45,"dataGaName":139},"/solutions/supply-chain/","Software supply chain security",{"text":141,"config":142},"Software Compliance",{"href":143,"dataGaName":144,"dataGaLocation":45},"/solutions/software-compliance/","software compliance",{"title":146,"link":147,"items":152},"Measurement",{"config":148},{"icon":149,"href":150,"dataGaName":151,"dataGaLocation":45},"DigitalTransformation","/solutions/visibility-measurement/","visibility and measurement",[153,157,161],{"text":154,"config":155},"Visibility & Measurement",{"href":150,"dataGaLocation":45,"dataGaName":156},"Visibility and Measurement",{"text":158,"config":159},"Value Stream Management",{"href":160,"dataGaLocation":45,"dataGaName":158},"/solutions/value-stream-management/",{"text":162,"config":163},"Analytics & Insights",{"href":164,"dataGaLocation":45,"dataGaName":165},"/solutions/analytics-and-insights/","Analytics and insights",{"title":167,"items":168},"GitLab for",[169,174,179],{"text":170,"config":171},"Enterprise",{"href":172,"dataGaLocation":45,"dataGaName":173},"/enterprise/","enterprise",{"text":175,"config":176},"Small Business",{"href":177,"dataGaLocation":45,"dataGaName":178},"/small-business/","small business",{"text":180,"config":181},"Public Sector",{"href":182,"dataGaLocation":45,"dataGaName":183},"/solutions/public-sector/","public sector",{"text":185,"config":186},"Pricing",{"href":187,"dataGaName":188,"dataGaLocation":45,"dataNavLevelOne":188},"/pricing/","pricing",{"text":190,"config":191,"link":193,"lists":197,"feature":277},"Resources",{"dataNavLevelOne":192},"resources",{"text":194,"config":195},"View all resources",{"href":196,"dataGaName":192,"dataGaLocation":45},"/resources/",[198,231,249],{"title":199,"items":200},"Getting started",[201,206,211,216,221,226],{"text":202,"config":203},"Install",{"href":204,"dataGaName":205,"dataGaLocation":45},"/install/","install",{"text":207,"config":208},"Quick start guides",{"href":209,"dataGaName":210,"dataGaLocation":45},"/get-started/","quick setup checklists",{"text":212,"config":213},"Learn",{"href":214,"dataGaLocation":45,"dataGaName":215},"https://university.gitlab.com/","learn",{"text":217,"config":218},"Product documentation",{"href":219,"dataGaName":220,"dataGaLocation":45},"https://docs.gitlab.com/","product documentation",{"text":222,"config":223},"Best practice videos",{"href":224,"dataGaName":225,"dataGaLocation":45},"/getting-started-videos/","best practice videos",{"text":227,"config":228},"Integrations",{"href":229,"dataGaName":230,"dataGaLocation":45},"/integrations/","integrations",{"title":232,"items":233},"Discover",[234,239,244],{"text":235,"config":236},"Customer success stories",{"href":237,"dataGaName":238,"dataGaLocation":45},"/customers/","customer success stories",{"text":240,"config":241},"Blog",{"href":242,"dataGaName":243,"dataGaLocation":45},"/blog/","blog",{"text":245,"config":246},"Remote",{"href":247,"dataGaName":248,"dataGaLocation":45},"https://handbook.gitlab.com/handbook/company/culture/all-remote/","remote",{"title":250,"items":251},"Connect",[252,257,262,267,272],{"text":253,"config":254},"GitLab Services",{"href":255,"dataGaName":256,"dataGaLocation":45},"/services/","services",{"text":258,"config":259},"Community",{"href":260,"dataGaName":261,"dataGaLocation":45},"/community/","community",{"text":263,"config":264},"Forum",{"href":265,"dataGaName":266,"dataGaLocation":45},"https://forum.gitlab.com/","forum",{"text":268,"config":269},"Events",{"href":270,"dataGaName":271,"dataGaLocation":45},"/events/","events",{"text":273,"config":274},"Partners",{"href":275,"dataGaName":276,"dataGaLocation":45},"/partners/","partners",{"backgroundColor":278,"textColor":279,"text":280,"image":281,"link":285},"#2f2a6b","#fff","Insights for the future of software development",{"altText":282,"config":283},"the source promo card",{"src":284},"https://res.cloudinary.com/about-gitlab-com/image/upload/v1758208064/dzl0dbift9xdizyelkk4.svg",{"text":286,"config":287},"Read the latest",{"href":288,"dataGaName":289,"dataGaLocation":45},"/the-source/","the source",{"text":291,"config":292,"lists":294},"Company",{"dataNavLevelOne":293},"company",[295],{"items":296},[297,302,308,310,315,320,325,330,335,340,345],{"text":298,"config":299},"About",{"href":300,"dataGaName":301,"dataGaLocation":45},"/company/","about",{"text":303,"config":304,"footerGa":307},"Jobs",{"href":305,"dataGaName":306,"dataGaLocation":45},"/jobs/","jobs",{"dataGaName":306},{"text":268,"config":309},{"href":270,"dataGaName":271,"dataGaLocation":45},{"text":311,"config":312},"Leadership",{"href":313,"dataGaName":314,"dataGaLocation":45},"/company/team/e-group/","leadership",{"text":316,"config":317},"Team",{"href":318,"dataGaName":319,"dataGaLocation":45},"/company/team/","team",{"text":321,"config":322},"Handbook",{"href":323,"dataGaName":324,"dataGaLocation":45},"https://handbook.gitlab.com/","handbook",{"text":326,"config":327},"Investor relations",{"href":328,"dataGaName":329,"dataGaLocation":45},"https://ir.gitlab.com/","investor relations",{"text":331,"config":332},"Trust Center",{"href":333,"dataGaName":334,"dataGaLocation":45},"/security/","trust center",{"text":336,"config":337},"AI Transparency Center",{"href":338,"dataGaName":339,"dataGaLocation":45},"/ai-transparency-center/","ai transparency center",{"text":341,"config":342},"Newsletter",{"href":343,"dataGaName":344,"dataGaLocation":45},"/company/contact/#contact-forms","newsletter",{"text":346,"config":347},"Press",{"href":348,"dataGaName":349,"dataGaLocation":45},"/press/","press",{"text":351,"config":352,"lists":353},"Contact us",{"dataNavLevelOne":293},[354],{"items":355},[356,359,364],{"text":52,"config":357},{"href":54,"dataGaName":358,"dataGaLocation":45},"talk to sales",{"text":360,"config":361},"Support portal",{"href":362,"dataGaName":363,"dataGaLocation":45},"https://support.gitlab.com","support portal",{"text":365,"config":366},"Customer portal",{"href":367,"dataGaName":368,"dataGaLocation":45},"https://customers.gitlab.com/customers/sign_in/","customer portal",{"close":370,"login":371,"suggestions":378},"Close",{"text":372,"link":373},"To search repositories and projects, login to",{"text":374,"config":375},"gitlab.com",{"href":59,"dataGaName":376,"dataGaLocation":377},"search login","search",{"text":379,"default":380},"Suggestions",[381,383,387,389,393,397],{"text":74,"config":382},{"href":79,"dataGaName":74,"dataGaLocation":377},{"text":384,"config":385},"Code Suggestions (AI)",{"href":386,"dataGaName":384,"dataGaLocation":377},"/solutions/code-suggestions/",{"text":108,"config":388},{"href":110,"dataGaName":108,"dataGaLocation":377},{"text":390,"config":391},"GitLab on AWS",{"href":392,"dataGaName":390,"dataGaLocation":377},"/partners/technology-partners/aws/",{"text":394,"config":395},"GitLab on Google Cloud",{"href":396,"dataGaName":394,"dataGaLocation":377},"/partners/technology-partners/google-cloud-platform/",{"text":398,"config":399},"Why GitLab?",{"href":87,"dataGaName":398,"dataGaLocation":377},{"freeTrial":401,"mobileIcon":406,"desktopIcon":411,"secondaryButton":414},{"text":402,"config":403},"Start free trial",{"href":404,"dataGaName":50,"dataGaLocation":405},"https://gitlab.com/-/trials/new/","nav",{"altText":407,"config":408},"Gitlab Icon",{"src":409,"dataGaName":410,"dataGaLocation":405},"https://res.cloudinary.com/about-gitlab-com/image/upload/v1758203874/jypbw1jx72aexsoohd7x.svg","gitlab icon",{"altText":407,"config":412},{"src":413,"dataGaName":410,"dataGaLocation":405},"https://res.cloudinary.com/about-gitlab-com/image/upload/v1758203875/gs4c8p8opsgvflgkswz9.svg",{"text":415,"config":416},"Get Started",{"href":417,"dataGaName":418,"dataGaLocation":405},"https://gitlab.com/-/trial_registrations/new?glm_source=about.gitlab.com/get-started/","get started",{"freeTrial":420,"mobileIcon":424,"desktopIcon":426},{"text":421,"config":422},"Learn more about GitLab Duo",{"href":79,"dataGaName":423,"dataGaLocation":405},"gitlab duo",{"altText":407,"config":425},{"src":409,"dataGaName":410,"dataGaLocation":405},{"altText":407,"config":427},{"src":413,"dataGaName":410,"dataGaLocation":405},{"button":429,"mobileIcon":434,"desktopIcon":436},{"text":430,"config":431},"/switch",{"href":432,"dataGaName":433,"dataGaLocation":405},"#contact","switch",{"altText":407,"config":435},{"src":409,"dataGaName":410,"dataGaLocation":405},{"altText":407,"config":437},{"src":438,"dataGaName":410,"dataGaLocation":405},"https://res.cloudinary.com/about-gitlab-com/image/upload/v1773335277/ohhpiuoxoldryzrnhfrh.png",{"freeTrial":440,"mobileIcon":445,"desktopIcon":447},{"text":441,"config":442},"Back to pricing",{"href":187,"dataGaName":443,"dataGaLocation":405,"icon":444},"back to pricing","GoBack",{"altText":407,"config":446},{"src":409,"dataGaName":410,"dataGaLocation":405},{"altText":407,"config":448},{"src":413,"dataGaName":410,"dataGaLocation":405},{"title":450,"button":451,"config":456},"See how agentic AI transforms software delivery",{"text":452,"config":453},"Watch GitLab Transcend now",{"href":454,"dataGaName":455,"dataGaLocation":45},"/events/transcend/virtual/","transcend event",{"layout":457,"icon":458,"disabled":13},"release","AiStar",{"data":460},{"text":461,"source":462,"edit":468,"contribute":473,"config":478,"items":483,"minimal":688},"Git is a trademark of Software Freedom Conservancy and our use of 'GitLab' is under license",{"text":463,"config":464},"View page source",{"href":465,"dataGaName":466,"dataGaLocation":467},"https://gitlab.com/gitlab-com/marketing/digital-experience/about-gitlab-com/","page source","footer",{"text":469,"config":470},"Edit this page",{"href":471,"dataGaName":472,"dataGaLocation":467},"https://gitlab.com/gitlab-com/marketing/digital-experience/about-gitlab-com/-/blob/main/content/","web ide",{"text":474,"config":475},"Please contribute",{"href":476,"dataGaName":477,"dataGaLocation":467},"https://gitlab.com/gitlab-com/marketing/digital-experience/about-gitlab-com/-/blob/main/CONTRIBUTING.md/","please contribute",{"twitter":479,"facebook":480,"youtube":481,"linkedin":482},"https://twitter.com/gitlab","https://www.facebook.com/gitlab","https://www.youtube.com/channel/UCnMGQ8QHMAnVIsI3xJrihhg","https://www.linkedin.com/company/gitlab-com",[484,531,583,627,654],{"title":185,"links":485,"subMenu":500},[486,490,495],{"text":487,"config":488},"View plans",{"href":187,"dataGaName":489,"dataGaLocation":467},"view plans",{"text":491,"config":492},"Why Premium?",{"href":493,"dataGaName":494,"dataGaLocation":467},"/pricing/premium/","why premium",{"text":496,"config":497},"Why Ultimate?",{"href":498,"dataGaName":499,"dataGaLocation":467},"/pricing/ultimate/","why ultimate",[501],{"title":502,"links":503},"Contact Us",[504,507,509,511,516,521,526],{"text":505,"config":506},"Contact sales",{"href":54,"dataGaName":55,"dataGaLocation":467},{"text":360,"config":508},{"href":362,"dataGaName":363,"dataGaLocation":467},{"text":365,"config":510},{"href":367,"dataGaName":368,"dataGaLocation":467},{"text":512,"config":513},"Status",{"href":514,"dataGaName":515,"dataGaLocation":467},"https://status.gitlab.com/","status",{"text":517,"config":518},"Terms of use",{"href":519,"dataGaName":520,"dataGaLocation":467},"/terms/","terms of use",{"text":522,"config":523},"Privacy statement",{"href":524,"dataGaName":525,"dataGaLocation":467},"/privacy/","privacy statement",{"text":527,"config":528},"Cookie preferences",{"dataGaName":529,"dataGaLocation":467,"id":530,"isOneTrustButton":13},"cookie preferences","ot-sdk-btn",{"title":90,"links":532,"subMenu":541},[533,537],{"text":534,"config":535},"DevSecOps platform",{"href":72,"dataGaName":536,"dataGaLocation":467},"devsecops platform",{"text":538,"config":539},"AI-Assisted Development",{"href":79,"dataGaName":540,"dataGaLocation":467},"ai-assisted development",[542],{"title":543,"links":544},"Topics",[545,550,555,560,565,568,573,578],{"text":546,"config":547},"CICD",{"href":548,"dataGaName":549,"dataGaLocation":467},"/topics/ci-cd/","cicd",{"text":551,"config":552},"GitOps",{"href":553,"dataGaName":554,"dataGaLocation":467},"/topics/gitops/","gitops",{"text":556,"config":557},"DevOps",{"href":558,"dataGaName":559,"dataGaLocation":467},"/topics/devops/","devops",{"text":561,"config":562},"Version Control",{"href":563,"dataGaName":564,"dataGaLocation":467},"/topics/version-control/","version control",{"text":26,"config":566},{"href":567,"dataGaName":37,"dataGaLocation":467},"/topics/devsecops/",{"text":569,"config":570},"Cloud Native",{"href":571,"dataGaName":572,"dataGaLocation":467},"/topics/cloud-native/","cloud native",{"text":574,"config":575},"AI for Coding",{"href":576,"dataGaName":577,"dataGaLocation":467},"/topics/devops/ai-for-coding/","ai for coding",{"text":579,"config":580},"Agentic AI",{"href":581,"dataGaName":582,"dataGaLocation":467},"/topics/agentic-ai/","agentic ai",{"title":584,"links":585},"Solutions",[586,588,590,595,599,602,606,609,611,614,617,622],{"text":132,"config":587},{"href":127,"dataGaName":132,"dataGaLocation":467},{"text":121,"config":589},{"href":104,"dataGaName":105,"dataGaLocation":467},{"text":591,"config":592},"Agile development",{"href":593,"dataGaName":594,"dataGaLocation":467},"/solutions/agile-delivery/","agile delivery",{"text":596,"config":597},"SCM",{"href":117,"dataGaName":598,"dataGaLocation":467},"source code management",{"text":546,"config":600},{"href":110,"dataGaName":601,"dataGaLocation":467},"continuous integration & delivery",{"text":603,"config":604},"Value stream management",{"href":160,"dataGaName":605,"dataGaLocation":467},"value stream management",{"text":551,"config":607},{"href":608,"dataGaName":554,"dataGaLocation":467},"/solutions/gitops/",{"text":170,"config":610},{"href":172,"dataGaName":173,"dataGaLocation":467},{"text":612,"config":613},"Small business",{"href":177,"dataGaName":178,"dataGaLocation":467},{"text":615,"config":616},"Public sector",{"href":182,"dataGaName":183,"dataGaLocation":467},{"text":618,"config":619},"Education",{"href":620,"dataGaName":621,"dataGaLocation":467},"/solutions/education/","education",{"text":623,"config":624},"Financial services",{"href":625,"dataGaName":626,"dataGaLocation":467},"/solutions/finance/","financial services",{"title":190,"links":628},[629,631,633,635,638,640,642,644,646,648,650,652],{"text":202,"config":630},{"href":204,"dataGaName":205,"dataGaLocation":467},{"text":207,"config":632},{"href":209,"dataGaName":210,"dataGaLocation":467},{"text":212,"config":634},{"href":214,"dataGaName":215,"dataGaLocation":467},{"text":217,"config":636},{"href":219,"dataGaName":637,"dataGaLocation":467},"docs",{"text":240,"config":639},{"href":242,"dataGaName":243,"dataGaLocation":467},{"text":235,"config":641},{"href":237,"dataGaName":238,"dataGaLocation":467},{"text":245,"config":643},{"href":247,"dataGaName":248,"dataGaLocation":467},{"text":253,"config":645},{"href":255,"dataGaName":256,"dataGaLocation":467},{"text":258,"config":647},{"href":260,"dataGaName":261,"dataGaLocation":467},{"text":263,"config":649},{"href":265,"dataGaName":266,"dataGaLocation":467},{"text":268,"config":651},{"href":270,"dataGaName":271,"dataGaLocation":467},{"text":273,"config":653},{"href":275,"dataGaName":276,"dataGaLocation":467},{"title":291,"links":655},[656,658,660,662,664,666,668,672,677,679,681,683],{"text":298,"config":657},{"href":300,"dataGaName":293,"dataGaLocation":467},{"text":303,"config":659},{"href":305,"dataGaName":306,"dataGaLocation":467},{"text":311,"config":661},{"href":313,"dataGaName":314,"dataGaLocation":467},{"text":316,"config":663},{"href":318,"dataGaName":319,"dataGaLocation":467},{"text":321,"config":665},{"href":323,"dataGaName":324,"dataGaLocation":467},{"text":326,"config":667},{"href":328,"dataGaName":329,"dataGaLocation":467},{"text":669,"config":670},"Sustainability",{"href":671,"dataGaName":669,"dataGaLocation":467},"/sustainability/",{"text":673,"config":674},"Diversity, inclusion and belonging (DIB)",{"href":675,"dataGaName":676,"dataGaLocation":467},"/diversity-inclusion-belonging/","Diversity, inclusion and belonging",{"text":331,"config":678},{"href":333,"dataGaName":334,"dataGaLocation":467},{"text":341,"config":680},{"href":343,"dataGaName":344,"dataGaLocation":467},{"text":346,"config":682},{"href":348,"dataGaName":349,"dataGaLocation":467},{"text":684,"config":685},"Modern Slavery Transparency Statement",{"href":686,"dataGaName":687,"dataGaLocation":467},"https://handbook.gitlab.com/handbook/legal/modern-slavery-act-transparency-statement/","modern slavery transparency statement",{"items":689},[690,693,696],{"text":691,"config":692},"Terms",{"href":519,"dataGaName":520,"dataGaLocation":467},{"text":694,"config":695},"Cookies",{"dataGaName":529,"dataGaLocation":467,"id":530,"isOneTrustButton":13},{"text":697,"config":698},"Privacy",{"href":524,"dataGaName":525,"dataGaLocation":467},[700,714],{"id":701,"title":702,"body":9,"config":703,"content":705,"description":9,"extension":27,"meta":709,"navigation":13,"path":710,"seo":711,"stem":712,"__hash__":713},"blogAuthors/en-us/blog/authors/david-desanto-chief-product-officer-gitlab.yml","David Desanto Chief Product Officer Gitlab",{"template":704},"BlogAuthor",{"name":19,"config":706},{"headshot":707,"ctfId":708},"https://res.cloudinary.com/about-gitlab-com/image/upload/v1749660185/Blog/Author%20Headshots/david-headshot.jpg","david",{},"/en-us/blog/authors/david-desanto-chief-product-officer-gitlab",{},"en-us/blog/authors/david-desanto-chief-product-officer-gitlab","CWNslzhrEbXP6GadZytZo-1T5TW8lGehoUf1Fh5cpMU",{"id":715,"title":716,"body":9,"config":717,"content":718,"description":9,"extension":27,"meta":722,"navigation":13,"path":723,"seo":724,"stem":725,"__hash__":726},"blogAuthors/en-us/blog/authors/dean-agron-co-founder-and-ceo-oxeye.yml","Dean Agron Co Founder And Ceo Oxeye",{"template":704},{"name":20,"config":719},{"headshot":720,"ctfId":721},"https://res.cloudinary.com/about-gitlab-com/image/upload/v1749671963/Blog/Author%20Headshots/Dean_Photo__1_.jpg","6wQ0QwFZdbzAtYGZgnALkw",{},"/en-us/blog/authors/dean-agron-co-founder-and-ceo-oxeye",{},"en-us/blog/authors/dean-agron-co-founder-and-ceo-oxeye","fTBbh5fK14W0QD33io3uF9X1WXkc7gZCd_cyfpgJMIo",[728,741,753],{"content":729,"config":739},{"title":730,"description":731,"authors":732,"heroImage":734,"body":735,"date":736,"category":10,"tags":737},"GitLab named a 2026 Omdia Universe Leader","Omdia's 2026 report on AI-assisted software development ranked 19 vendors. Here is what GitLab's top scores mean for engineering teams.",[733],"Rebecca Carter","https://res.cloudinary.com/about-gitlab-com/image/upload/v1774465167/n5hlvrsrheadeccyr1oz.png","GitLab is named a Leader in the 2026 Omdia Universe for AI-assisted Software Development, IDE-based Tools. Of the nineteen vendors evaluated by the independent analyst firm, GitLab earned best-in-class scores in three categories: Solution Breadth (100%), Strategy and Innovation (88%), and Core Features (82%). Top-tier ratings followed for Extended Features and Vendor Execution.\n\n\nThis year's assessment is notable for a specific reason: Omdia expanded its evaluation criteria, and for the first time, AI development tools were scored on full software lifecycle capability, not just coding. That shift mirrors where the AI evolution is heading and shook up which vendors came out on top.\n\n\n![Omdia Universe chart](https://res.cloudinary.com/about-gitlab-com/image/upload/v1775848262/asyd6bpbtwlhicqonhit.png \"Source: Omdia, Universe: AI-assisted Software Development, Part 1: IDE-based Tools, 2026\")\n> [Download the full Omdia Universe report.](https://learn.gitlab.com/c/analyst-omdia-ai?x=fRC1cQ)\n\n## About Omdia Universe\n\nOmdia Universe plots vendors across Solution Capability and Strategy and Execution, producing three tiers: Leaders (strongest on both axes, recommended for every shortlist), Challengers (narrower feature range or earlier in maturity), and Prospects (earlier-stage or adjacent-fit vendors).\n\n## What changed in this year's assessment\n\nThe expansion of Omdia's criteria reflects something practitioners are already experiencing. AI coding tools have raised developer output significantly, and applications that once took weeks can now be prototyped in a fraction of the time. But acceleration at the coding stage does not automatically translate to faster delivery. Review backlogs grow. Security findings accumulate. Deployments still require coordination across teams using tools that were not designed to work together.\n\nOmdia captured this dynamic directly: The tools pulling ahead are the ones that handle testing, security, deployment, and orchestration. Not just code generation. That finding drove the decision to broaden the assessment criteria and separated the Leaders from the Challengers.\n\nThe other major shift in this year's report is how Omdia treated agentic AI. The 2026 assessment weighted agentic capabilities as a current evaluation dimension rather than a future consideration. This includes whether a platform can coordinate multiple tasks autonomously, orchestrate handoffs between specialized agents, and support teams at different stages of agent adoption.\n\n## Where GitLab scored\n\nGitLab earned best-in-class scores in three categories:\n\n**Solution Breadth: 100%.** Coverage of the full SDLC in a single platform, from planning and requirements through deployment and issue management. This includes lifecycle phases that most AI coding tools do not touch. For example, prebuilt agents like [Planner Agent](https://docs.gitlab.com/user/duo_agent_platform/agents/foundational_agents/planner/) and [Security Analyst Agent](https://docs.gitlab.com/user/duo_agent_platform/agents/foundational_agents/security_analyst_agent/) extend AI assistance into sprint planning, vulnerability triage, and remediation guidance: the parts of the lifecycle where delivery actually gets stuck.\n\n**Strategy and Innovation: 88%.** Differentiation through end-to-end orchestration, privacy-first architecture with no training on private data, and multi-model support via partnerships with Anthropic, Google, and AWS. Teams can select models suited to their workload and data requirements. The platform's approach to unified context, where agents collaborate across issues, merge requests, pipelines, and security findings without losing state, is an example of the architectural innovation Omdia recognized in this category.\n\n**Core Features: 82%.** This score reflects deep coverage across the parts of the lifecycle where engineering teams spend most of their time. Code is generated with real-time context from the IDE and codebase, tested across unit, integration, and security dimensions, and reviewed with prioritization built in. DevOps automation handles CI/CD, GitOps, and [root cause analysis](https://docs.gitlab.com/user/gitlab_duo_chat/examples/#troubleshoot-failed-cicd-jobs-with-root-cause-analysis) for pipeline failures. The [AI Impact Dashboard](https://docs.gitlab.com/user/analytics/duo_and_sdlc_trends/) gives teams measurable visibility into cycle times, deployment frequency, and where AI is actually moving the needle on productivity.\n\nGitLab also earned top-tier recognition for Extended Features (80%) and Vendor Execution (88%).\n\n## The changing role of human developers and AI agents\n\nOne of the more substantive findings in the Omdia report concerns the evolving role of the software developer alongside these tools. Development teams are increasingly a mix of AI engineers and their AI agents, with engineers supervising and directing agentic AI. With AI coding generating the bulk of the code, the human's job shifts toward ensuring technology requirements are actually met, supervising quality, applying right guardrails, designing autonomous production pipelines, and mediating between business goals and the use of agentic AI across the software lifecycle.\n\nThis shift has implications for how organizations evaluate their AI investments. A team that has automated code generation but still handles review, testing, and deployment manually has not yet truly accelerated software innovation. The productivity gain from faster coding compounds when the rest of the lifecycle can keep pace. It shrinks when it cannot, and the bottlenecks move downstream instead.\n\n## Enterprise readiness as table stakes\n\nSomething notable in how Omdia structured this year's assessment: enterprise controls and guardrails are no longer a bonus category. Compliance certifications, deployment flexibility, and privacy architecture appeared as baseline expectations for Leader-tier platforms, not as distinguishing features. Organizations in regulated industries and those with data sovereignty requirements are now weighing these factors as entry criteria.\n\nGitLab's posture on these dimensions highlight its unique differentiation in the market: SOC 2 and ISO 27001 certified platform, [privacy-first design](https://about.gitlab.com/blog/why-enterprise-independence-matters-more-than-ever-in-devsecops/) with no training on private customer data for its agentic AI capabilities, self-managed deployment support across cloud and on-premises (including air-gapped environments), and support for self-hosted AI models. Its consumption as a single-tenant SaaS application via GitLab Dedicated, with FedRAMP Moderate Authorized via GitLab Dedicated for Government, extends its leadership in deployment flexibility. \n\nThe Omdia report recognized these not as a feature list but as evidence of the platform's readiness for the organizations where the compliance bar is highest: financial services, government, healthcare, and other regulated sectors that cannot compromise on data residency or auditability.\n\n## Benchmark your maturity in software development\n\nFor teams actively evaluating where their AI development strategy stands, Omdia's recommendation is clear: GitLab belongs on the top of the list.\n\nThe deeper question for most engineering leaders right now is not which AI tool generates the best code. It is whether the code being generated can be put to production with the highest level of quality, security, and performance. It must be understood, governed, and maintained by the software teams responsible for it. With GitLab, coding speed translates to innovation velocity.\n\nIf you want to benchmark your organization’s maturity in software development best practices and evolution, you can get a personalized score and concrete next steps to take in these assessments for [AI Modernization](https://about.gitlab.com/assessments/ai-modernization-assessment/), [DevOps Modernization](https://about.gitlab.com/assessments/devops-modernization-assessment/), and [Security Modernization](https://about.gitlab.com/assessments/security-modernization-assessment/). \n\n[Download the full Omdia Universe report.](https://learn.gitlab.com/c/analyst-omdia-ai?x=fRC1cQ)\n","2026-04-13",[738,26,534,10],"research",{"featured":13,"template":14,"slug":740},"gitlab-named-a-2026-omdia-universe-leader",{"content":742,"config":751},{"title":743,"description":744,"authors":745,"heroImage":747,"date":748,"body":749,"category":10,"tags":750},"Introducing the GitLab Managed Service Provider (MSP) Partner Program","Build a profitable, services-led DevSecOps practice - backed by GitLab.",[746],"Karishma Kumar","https://res.cloudinary.com/about-gitlab-com/image/upload/v1772047747/ntihfmnu2fepamqemaas.png","2026-02-26","*This blog is written for managed service providers (MSPs) looking to build a GitLab practice. If you’re a developer or engineering leader, this is the program that can empower the partners who help teams like yours scale and move faster.*\n\nMany organizations know they need a modern DevSecOps platform. What they often don't have is the bandwidth to deploy, manage, and continuously optimize one while shipping software at the pace the business demands. That's a real opportunity for MSPs, and now GitLab has a defined program to support them.\n\nWe're excited to introduce the **GitLab MSP Partner Program**, a new global program that enables qualified MSPs to deliver GitLab as a fully managed service to their customers.\n\n## Why this matters for partners and customers\n\nFor the first time, GitLab has a formally defined, globally available program built specifically for MSPs. This means clear requirements, structured enablement, dedicated support, and real financial benefits, so partners can confidently invest in building a GitLab managed services practice.\n\nThe timing is right. Organizations are accelerating their DevSecOps journeys, but many are navigating complex migrations, sprawling toolchains, and growing security requirements on top of their core work of building and shipping software.\n\nGitLab MSP partners handle the operational side of running the platform, including deployment, migration, administration, and ongoing support, so development teams can stay focused on what they do best.\n\n## What MSP partners get\n\n**Financial benefits**: MSP partners earn GitLab partner margins plus an additional MSP premium on all transactions, new business, and renewals. You also retain 100% of the service fees you charge customers for deployment, migration, training, enablement, and strategic consulting. That's multiple recurring revenue streams built around a single platform.\n\n**Enablement and education**: Partners have access to quarterly technical bootcamps covering version updates, new features, best practices, ongoing roadmap updates, and peer sharing. Recommended cloud certifications (AWS Solutions Architect Associate, GCP Associate Cloud Engineer) round out the technical foundation.\n\n**Go-to-market support**: MSPs receive a GitLab Certified MSP Partner badge, co-brandable assets, eligibility for joint customer case studies, a Partner Locator listing, and access to Marketing Development Funds (MDF) for qualified demand generation activities.\n\n## What customers can expect\n\nCustomers working with a GitLab MSP partner get a structured, managed DevSecOps experience, documented and repeatable implementation methodologies, regular business reviews, and support with clearly defined response and escalation paths.\n\nThe result: Development teams can stay focused on building great software while their MSP partner focuses on running and optimizing the platform.\n\n## A new opportunity around AI\n\nOrganizations are increasingly looking to safely introduce AI into their software development workflows, and even experienced teams can benefit from a structured approach to rolling it out at scale. GitLab MSP partners are well-positioned to guide customers through GitLab Duo Agent Platform as part of a broader managed services offering.\n\nBy combining GitLab's DevSecOps platform with MSP-delivered operational expertise, customers can experiment with AI-assisted workflows in a governed environment, meet data residency and compliance requirements, and scale AI adoption across teams without overburdening internal resources.\n\n## Is this right for your business?\n\nThe GitLab MSP Partner Program is a strong fit if you:\n\n* Already deliver managed services in cloud, infrastructure, or application operations  \n* Want to add high-value DevSecOps to your portfolio  \n* Have or want to build technical talent interested in modern development platforms  \n* Prefer long-term customer relationships over one-time transactions\n\nIf you're already a GitLab Select and Professional Services Partner, the MSP program gives you a structured way to turn your existing expertise into a repeatable managed offering.\n\n## Getting started\n\nThe program launches with the **Certified MSP Partner** designation. There's no minimum ARR or customer count required to join. Here's how the path looks:\n\n1. **Confirm fit** - Verify you meet the business and technical requirements outlined in the [handbook page](https://handbook.gitlab.com/handbook/resellers/channel-program-guide/#the-gitlab-managed-service-provider-msp-partner-program).  \n2. **Apply via the GitLab Partner Portal** - Submit your application with business and technical documentation.  \n3. **Complete 90-day onboarding** - A structured onboarding journey covers contracts, technical enablement, sales training, and your first customer engagement.  \n4. **Launch your managed offering** - Package your services, set your SLAs, and begin engaging customers.\n\nCompleted applications are reviewed within approximately three business days.\n\n> Interested in building a GitLab managed services practice? New partners can apply [to become a GitLab Partner](https://about.gitlab.com/partners/). Existing partners can reach out to your GitLab representative to learn more about the program and tell us about the solutions you're currently offering customers through your MSP practice!\n",[26,10,276],{"featured":31,"template":14,"slug":752},"introducing-the-gitlab-managed-service-provider-msp-partner-program",{"content":754,"config":765},{"title":755,"authors":756,"date":760,"body":761,"category":10,"tags":762,"description":763,"heroImage":764},"DevSecOps-as-a-Service on Oracle Cloud Infrastructure by Data Intensity",[757,758,746,759],"Biju Thomas","Matt Genelin","Ryan Palmaro","2026-02-10","At GitLab, we know that many organizations choose GitLab Self-Managed for the control, customization, and security it provides. However, managing underlying infrastructure can be a significant operational challenge — especially for teams who want to focus on delivering software, not maintaining platforms.\n\nThat's why we're excited to work with [Oracle Cloud Infrastructure (OCI)](https://www.oracle.com/cloud/) and [Data Intensity](https://www.dataintensity.com/services/security-services/devsecops/), a trusted Oracle managed services provider, to offer a new managed service option, DevSecOps-as-a-Service, that brings together the best of both worlds: the control of GitLab Self-Managed with the operational ease of a fully managed service.\n\n## Why GitLab Self-Managed?\n\nGitLab Self-Managed gives you complete ownership of your DevSecOps platform. You control where your data lives, how your instance is configured, and can customize it to meet specific compliance, security, or operational requirements. This level of control is essential for organizations with strict regulatory requirements, data residency needs, or specific integration must-haves.\n\nThe challenge for some customers running on GitLab Self-Managed means managing servers, handling upgrades, ensuring high availability, and implementing disaster recovery. All require specialized expertise and dedicated resources.\n\n## A managed path to GitLab Self-Managed\n\nData Intensity's DevSecOps-as-a-Service on OCI removes these operational burdens while preserving the control benefits of GitLab Self-Managed. Instead of building and maintaining infrastructure yourself, you get a standalone GitLab instance managed by Data Intensity's team of experts, running on OCI's high-performance cloud infrastructure.\n\nHere's what's included:\n\n* Standalone GitLab instance on OCI infrastructure\n* 24x7 monitoring, alarming, and support\n* Quarterly patching scheduled during your chosen maintenance windows\n* Automated backups and disaster recovery protection\n\n## Scaling with your organization\n\nData Intensity’s managed service is designed to grow with your team, offering tiered architectures to match your specific user capacity and recovery requirements:\n\n| **Feature**        | **Standard**    | **Premier**     | **Premier +**   |\n|--------------------|-----------------|-----------------|-----------------|\n| **User Capacity**  | Up to 1,000     | Up to 2,000     | Up to 3,000     |\n| **Performance**    | 20 requests/sec | 40 requests/sec | 60 requests/sec |\n| **Availability**   | 99.9%           | 99.95%          | 99.99%          |\n| **Recovery (RTO)** | 48 hours        | 8 hours         | 4 hours         |\n\nFor more information, visit Data Intensity’s website to learn more about [DevSecOps-as-a-Service](https://www.dataintensity.com/services/security-services/devsecops/).\n\n## Why OCI for GitLab?\nOracle Cloud Infrastructure (OCI) provides a robust foundation for running GitLab Self-Managed, offering a secure, high-performance environment at a significantly lower cost than other hyperscalers. Organizations migrating workloads to OCI commonly realize infrastructure cost reductions of 40-50%, making it easier to fund and scale deployments.\n\nOCI supports a wide range of deployment models, from public cloud regions to specialized environments such as Government and EU Sovereign Clouds, as well as dedicated infrastructure deployed behind your firewall. These options come with consistent pricing, tooling, and operational experience, enabling teams to standardize GitLab deployments across regulated, hybrid, and global environments.\n\nThe combination of GitLab's comprehensive DevSecOps platform, OCI's high-performance infrastructure, and Data Intensity's managed services expertise provides a turnkey solution that lets your teams focus on what matters: building great software.\n\n## Is this right for your organization?\nConsider Data Intensity's DevSecOps-as-a-Service if you:\n* Want GitLab Self-Managed but need to minimize operational overhead\n* Require specific compliance, security, or data residency requirements\n* Need guaranteed SLAs and professional disaster recovery capabilities\n* Prefer predictable costs and expert management over building in-house infrastructure expertise\n* Are already using or planning to use OCI for your cloud infrastructure\n* Prioritize flexibility and control\n* Want a dedicated instance that’s managed externally but offers the control of a self-managed environment\n\n## Getting started\nOrganizations interested in running GitLab Self-Managed on OCI through Data Intensity's DevSecOps-as-a-Service can contact Data Intensity via the [Data Intensity website](https://www.dataintensity.com/services/security-services/devsecops/) to discuss specific requirements and begin deployment planning.\n\nModernizing your DevSecOps doesn't have to be complex. Data Intensity provides optional migration of code repositories and customizations to ensure a smooth transition to OCI.\n\nAs GitLab continues expanding our partner ecosystem, solutions like this demonstrate our commitment to giving organizations choice in how they deploy and manage GitLab — whether that's SaaS, self-managed, or managed services through trusted partners.",[276,534],"Run GitLab Self-Managed with minimal overhead. Data Intensity delivers DevSecOps-as-a-Service on OCI with expert management and disaster recovery.","https://res.cloudinary.com/about-gitlab-com/image/upload/v1750098794/Blog/Hero%20Images/Blog/Hero%20Images/blog-image-template-1800x945%20%289%29_DoeBNJVrhv9FpF3WCsHNc_1750098793762.png",{"featured":13,"template":14,"slug":766},"devsecops-as-a-service-on-oracle-cloud-infrastructure-by-data-intensity",{"promotions":768},[769,783,795,806],{"id":770,"categories":771,"header":773,"text":774,"button":775,"image":780},"ai-modernization",[772],"ai-ml","Is AI achieving its promise at scale?","Quiz will take 5 minutes or less",{"text":776,"config":777},"Get your AI maturity score",{"href":778,"dataGaName":779,"dataGaLocation":243},"/assessments/ai-modernization-assessment/","modernization assessment",{"config":781},{"src":782},"https://res.cloudinary.com/about-gitlab-com/image/upload/v1772138786/qix0m7kwnd8x2fh1zq49.png",{"id":784,"categories":785,"header":787,"text":774,"button":788,"image":792},"devops-modernization",[786,37],"product","Are you just managing tools or shipping innovation?",{"text":789,"config":790},"Get your DevOps maturity score",{"href":791,"dataGaName":779,"dataGaLocation":243},"/assessments/devops-modernization-assessment/",{"config":793},{"src":794},"https://res.cloudinary.com/about-gitlab-com/image/upload/v1772138785/eg818fmakweyuznttgid.png",{"id":796,"categories":797,"header":798,"text":774,"button":799,"image":803},"security-modernization",[25],"Are you trading speed for security?",{"text":800,"config":801},"Get your security maturity score",{"href":802,"dataGaName":779,"dataGaLocation":243},"/assessments/security-modernization-assessment/",{"config":804},{"src":805},"https://res.cloudinary.com/about-gitlab-com/image/upload/v1772138786/p4pbqd9nnjejg5ds6mdk.png",{"id":807,"paths":808,"header":811,"text":812,"button":813,"image":818},"github-azure-migration",[809,810],"migration-from-azure-devops-to-gitlab","integrating-azure-devops-scm-and-gitlab","Is your team ready for GitHub's Azure move?","GitHub is already rebuilding around Azure. Find out what it means for you.",{"text":814,"config":815},"See how GitLab compares to GitHub",{"href":816,"dataGaName":817,"dataGaLocation":243},"/compare/gitlab-vs-github/github-azure-migration/","github azure migration",{"config":819},{"src":794},{"header":821,"blurb":822,"button":823,"secondaryButton":828},"Start building faster today","See what your team can do with the intelligent orchestration platform for DevSecOps.\n",{"text":824,"config":825},"Get your free trial",{"href":826,"dataGaName":50,"dataGaLocation":827},"https://gitlab.com/-/trial_registrations/new?glm_content=default-saas-trial&glm_source=about.gitlab.com/","feature",{"text":505,"config":829},{"href":54,"dataGaName":55,"dataGaLocation":827},1776444473248]