Ostium Shifts Security Left With Octane Integration

Ostium, the Arbitrum perps platform with nearly $20B of traded volume, integrated Octane directly into its CI/CD pipeline. Now every commit is analyzed by Octane’s offensive security platform, enabling the team to identify issues during development and fix them immediately.



Continuous Security for Perpetual Markets

Ostium is a leveraged trading platform on Arbitrum for currencies, indices, commodities, and crypto. It delivers self-custody, real-time transparency, and instant deposits and withdrawals, opening access to markets and instruments once reserved only for prime-brokered institutions.

Ostium’s markets settle more than $2B of monthly volume, with cumulative volume about to cross the $20B mark.

With a proven track record of securing such large (and growing) sums in production, Ostium decided to shift its security strategy left by integrating Octane into its development process.

Protection at Speed and Scale

With continued growth and ongoing active development, Ostium needs security that’s built into its codebase and feature set, enabling the team to ship fast and stay ahead of market demands.

Octane’s always-on, AI-powered offensive security platform addresses this exact need. With just a couple of clicks, Ostium integrated Octane into its main code branch, enabling automated security checks on every pull request. Every code change is now analyzed in CI, as each new commit triggers Octane’s automated vulnerability detectors.

Early Results for Ostium

From the initial CI/CD integration, Octane began surfacing meaningful, actionable findings for the Ostium team.

Octane’s multi-pass analysis built and analyzed cross-contract call graphs, covering access control and signature verification, upgrade/initializer flows, pricing/price-impact logic, and trade-closure safeguards.

The initial analysis surfaced a number of issues and delivered each with a PR-ready diff for review. Ostium then remediated these findings and ran additional analyses on the fixes, ensuring every line of code was covered before deployment.

  • 51 total security analyses performed
  • 493,249 lines of code analyzed by Octane
  • 368 total findings identified during development
  • $2 billion+ monthly trading volume protected

By running on every commit, Octane catches bugs before they accumulate and compound, helping Ostium ship clean, production-ready code with confidence.

Shift Security Left with Octane

Ostium is pushing new boundaries in onchain trading, combining the sophistication of TradFi with the openness of DeFi. We’re proud to support them as they scale this mission with proactive CI-native offensive security.

If you’re building an onchain platform, shifting security left is the right move. Embed Octane in your pipeline and sleep soundly knowing your contracts are analyzed on every commit.

Book your demo today with Octane’s expert security team to see what proactive protection can do for you.
