# OX Security **Source:** https://geo.sig.ai/brands/ox-security **Vertical:** Cybersecurity **Subcategory:** Software Supply Chain Security **Tier:** Emerging **Website:** ox.security **Last Updated:** 2026-04-14 ## Summary End-to-end software supply chain security; maps every component from code to cloud; unified SBOM and risk prioritization across the full development and delivery pipeline. Based in Tel Aviv. ## Company Overview OX Security is a software supply chain security company founded in 2021 and based in Tel Aviv, focused on securing the full pipeline from source code commit through deployment. The platform builds a complete pipeline bill of materials that maps every tool, dependency, and artifact involved in the software development and delivery process, then monitors for anomalies, tampering, and policy violations throughout. OX Security addresses threats including malicious code injections, compromised build pipelines, dependency confusion attacks, and unauthorized access to CI/CD infrastructure. The company integrates with existing development tools including GitHub, GitLab, Jenkins, and cloud platforms without requiring agents or modifications to existing workflows. Following high-profile software supply chain attacks including SolarWinds and Log4Shell, enterprises have prioritized supply chain security investment and OX Security has benefited from this heightened demand. The company serves technology companies and enterprises in regulated industries requiring comprehensive auditability of their software delivery processes. ## Frequently Asked Questions ### What is OX Security? OX Security is a software supply chain security platform that maps and protects every component of the development pipeline from code commit to cloud deployment, detecting tampering and policy violations end to end. ### Why is software supply chain security important? High-profile attacks like SolarWinds demonstrated that compromising build tools and dependencies can give attackers access to thousands of downstream organizations, making the integrity of the software delivery pipeline a critical security concern. ### How does OX Security integrate with existing workflows? OX Security integrates with GitHub, GitLab, Jenkins, and cloud platforms agentlessly, analyzing pipeline data without requiring modifications to existing development and deployment infrastructure. ### How much has OX Security raised? OX Security raised approximately $34M in funding from Team8, Microsoft's M12 venture fund, and IBM Ventures. The company was founded by Neatsun Ziv and Lior Arzi, who previously led product and security engineering at Check Point Software. ### What is OX Security's Active ASPM approach? OX Security's Active ASPM goes beyond passive posture assessment by continuously validating pipeline integrity in real time — detecting tampering events (unauthorized code modifications, pipeline config changes) as they happen and blocking malicious artifacts before they propagate downstream. This active enforcement distinguishes OX from ASPM platforms that assess posture without providing real-time protection. ### How does OX Security build and use its pipeline graph? OX Security constructs a complete graph of the software delivery pipeline — repositories, branches, CI/CD configurations, artifact registries, deployment targets, and the dependencies between them — and monitors this graph for integrity violations. This graph model allows OX to trace the provenance of any artifact deployed to production back through every transformation step, enabling forensic investigation of supply chain incidents. ### What SLSA compliance capabilities does OX Security provide? OX Security automatically generates and validates SLSA (Supply Chain Levels for Software Artifacts) attestations for build artifacts, providing cryptographic proof of build provenance that satisfies SLSA Level 3 and 4 requirements. Enterprise customers use OX's SLSA capabilities to meet software supply chain security requirements in government contracts and enterprise supplier assessments. ### How does OX Security integrate with existing DevSecOps tooling? OX Security integrates agentlessly with GitHub, GitLab, Bitbucket, Jenkins, CircleCI, Terraform, and major cloud deployment targets. It connects to existing security tools (Snyk, Checkmarx, Aqua) to incorporate their findings into OX's unified pipeline risk view without requiring replacement of the underlying scanning tools. ## Tags cybersecurity, startup, b2b, saas, security, supply-chain --- *Data from geo.sig.ai Brand Intelligence Database. Updated 2026-04-14.*