Security at the Core. Trust by Design.

At OX Security, protecting your data is not an afterthought; it’s our foundation. We’ve built our platform and our company on the principles of security, privacy, and transparency. From day one, we’ve embraced rigorous controls and secure development practices that go far beyond compliance checkboxes. Our customers trust us because we treat their security like our own.

We are proud to be SOC 2 Type II compliant, ISO 27001:2022 certified and GDPR compliant, continuously investing in security to meet the highest standards. Whether you’re evaluating us for the first time or expanding your relationship with us, you can be confident that OX is secure by design.

Email us at security@ox.security if you have any additional questions.

Trusted by the most software-forward organizations

  • eToro
  • Forward Networks
  • Capitolis
  • DoubleVerify
  • Microsoft
  • Intel
  • IBM
  • SoFi
  • IHG (InterContinental Hotels Group)

Built Securely.
Monitored Continuously.

Comprehensive
Vulnerability Disclosure Program (VDP)

We welcome responsible security research and offer a safe harbor for good-faith reports. More information about our Vulnerability Disclosure Program can be found here.

Efficient
Application Security Practices

Secure SDLC, code review, dependency management, SBOM, SAST, DAST, and runtime context visibility. OX is built with secure coding and continuous validation in mind.

Trusted
Secure Development Lifecycle

Security gates are embedded in every stage of our software development, from design to deployment. Our CI/CD workflows are protected with artifact integrity verification, policy enforcement, and PR/MR blocking to prevent misconfigurations and vulnerable code.

Transparency with Control

We believe in transparency while maintaining responsible access control. Below are publicly available documents, along with others available by request for customers or prospects under NDA.

Subprocessors

  • Amazon Web Services: Compute hosted in the EU
  • MongoDB | EU: Database and data at rest encryption
  • Auth0 | EU: Admin management and authorization
  • DataDog | EU: Runtime and historical log analysis
  • Azure OpenAI | US: AI model hosting and generation (limited to AI features)

Getting started is easy

Bake security into your software pipeline. A single API integration is all you need to get started.