Oxeye.io is a startup specializing in Application Security Posture Management (ASPM). The company provides advanced security solutions aimed at identifying, prioritizing, and mitigating application risks. Oxeye's primary focus is on filtering out the 90% of application security (AppSec) risks that are unlikely to be exploited, allowing businesses to concentrate on the most critical vulnerabilities.

Oxeye serves a diverse range of clients, including software development companies, enterprises with in-house development teams, and organizations that rely heavily on third-party code. The market it operates in is the cybersecurity sector, specifically targeting application security, which is a rapidly growing field due to the increasing number of cyber threats and the need for robust security measures in software development.

The business model of Oxeye revolves around providing a subscription-based service. Clients pay for access to Oxeye's platform, which offers continuous analysis of signals and data throughout the software development lifecycle. This enables clients to gain a customized view of actual application risks in their environment, rather than theoretical ones. The platform includes features such as Augmented Static Application Security Testing (SAST), which scans code both during development and in the testing stage to find vulnerabilities in custom and third-party code.

Oxeye makes money through these subscription fees, which are likely tiered based on the size of the client and the level of service required. By offering a comprehensive and proactive approach to application security, Oxeye helps its clients achieve AppSec maturity quickly, reducing the time and resources spent on chasing individual vulnerabilities.

Keywords: Application Security, ASPM, SAST, Cybersecurity, Vulnerability Management, Software Development, Risk Mitigation, Custom Code, Third-Party Code, Subscription Service.