Oligo Security

Oligo Security is a runtime application security platform founded by three childhood friends—Gal, Nadav, and Avshalom—who previously worked in elite cybersecurity units. The company is headquartered in New York City and also has offices in Israel. Oligo's core platform centers on runtime observability and protection, distinguishing itself by analyzing not just whether a software package is present in an application, but what that package is actively doing at runtime. This approach enables the platform to identify and prioritize only those vulnerabilities where the vulnerable code is actually being executed, significantly reducing alert noise compared to traditional Software Composition Analysis (SCA) tools. The platform consists of three main components: Cloud Application Detection and Response (CADR), Runtime Vulnerability Management, and Runtime AI. These capabilities address workload protection, supply chain security, real-time software bill of materials (SBOM/VEX), AI security management, compliance and assurance, and attack detection and response. Oligo's target audience includes Security Operations (SOC), Application Security (AppSec), Cloud Security (CloudSec) professionals, and security leadership. The platform is designed to unify visibility across these teams through a single runtime-driven view of risk. The company has published research on AI infrastructure threats, including the "ShadowRay" campaign targeting AI workloads. Customer case studies include companies such as Cresta, Sage, Cellebrite, OpenWeb, and FICO, with reported vulnerability reduction rates exceeding 99% in some deployments.