The all-remote company that decided software's entire lifecycle belonged in one application - and then sold it to the enterprise.
A developer in Lagos opens a laptop. A reviewer in Lisbon approves the merge. A security scan in São Paulo flags a dependency. Somewhere, an AI agent drafts the fix. No one is in the same room. No one is in the same country. The software ships anyway. This is a normal Tuesday at GitLab.
GitLab is a publicly traded software company with no headquarters, no office floor, and roughly two thousand team members scattered across about sixty countries. It builds a single application that tries to hold the entire job of making software - planning, writing, testing, securing, shipping - in one place. The company runs the way its product works: distributed, documented, and slightly allergic to the idea that you need to be in a building for any of it to count.
What GitLab sells is the absence of a problem most engineering teams have learned to live with. The average software team stitches together a dozen tools: one for the code, another for the pipeline, a third for security, a fourth for tracking the work. Each handoff is a place where things break, slow down, or quietly leak a vulnerability. GitLab's pitch is that the handoffs themselves are the enemy.
The boundary between a tool you code in and a tool you ship from should not exist. GitLab's whole argument is that the seams are where software goes to die.
By the early 2010s, building software had quietly become an exercise in integration management. Teams spent real engineering hours wiring their version control to their CI server, their CI server to their issue tracker, their issue tracker to their deployment system. Every connection was a contract that could break on a Friday afternoon.
The cost was rarely on anyone's budget line, which is exactly why it kept growing. You cannot easily invoice "the forty-five minutes we lost because the security scanner and the pipeline disagreed about a version number." But multiply that across every team, every sprint, every company, and you get an industry paying an enormous, invisible tax for the privilege of using best-of-breed tools that refuse to talk to each other.
Best-of-breed sounds like a compliment. To an engineering team drowning in integrations, it can feel more like a sentence.
In 2011, a Ukrainian developer named Dmitriy Zaporozhets wanted a self-hosted alternative to GitHub. So he built one and put it online as open source. It was, at first, a tool to scratch his own itch - a personal project that happened to be useful to other people.
A year later, a Dutch entrepreneur named Sytse Sijbrandij - everyone calls him Sid - spotted GitLab on Hacker News. He saw two things at once: a strong piece of engineering and a business waiting to be built around it. The two founders lived about two thousand kilometers apart, one in Ukraine, one in the Netherlands. Their first hire was in Serbia. A traditional company would have started by picking a city. They started by deciding they didn't need one.
That was the bet, and it was really two bets stacked on top of each other. The first: that the entire software lifecycle could live in a single application. The second: that a company could be built entirely remote, from day one, on purpose - not as a concession but as a strategy. In 2015 Y Combinator backed them. Most people thought at least one of the two bets was reckless.
Picking a headquarters is the first thing most startups do. GitLab's founders treated it as the first thing they could skip.
The center of GitLab is deceptively boring to describe: it is software that holds your software. Source code management sits next to the CI/CD pipelines that build and test it, which sit next to the security scanners that check it, which sit next to the boards that plan it. Because it is all one application, the parts share context instead of arguing about it.
It comes in a few shapes. You can use GitLab.com as a hosted service, run it yourself on your own infrastructure, or buy GitLab Dedicated when your compliance team has opinions about data residency. The free, open-source core remains, with paid Premium and Ultimate tiers stacking on advanced security, compliance, and governance for the enterprises that now make up the serious money.
Plan, code, secure, and deploy in one app. The seams between tools are simply gone.
AI across the lifecycle - suggestions, chat, vulnerability fixes, and an agent platform for human-AI work.
Enterprise tiers adding security, compliance, and portfolio governance, sold by seat.
Single-tenant SaaS for teams with strict isolation and data-residency requirements.
The newest chapter is AI, and GitLab is making a specific bet about it. GitLab Duo is not just another autocomplete in the editor. With GitLab 18 and the Duo Agent Platform, the company is arguing that AI should reach across the whole pipeline - understanding the code, the security posture, and the compliance rules at once - rather than cleverly finishing your next line and forgetting everything else.
Anyone can autocomplete a line of code. GitLab's wager is that the valuable AI is the one that understands the entire factory, not just the worker at the desk.
A nice thesis is worth nothing without customers willing to pay for it. GitLab's are. The platform reaches millions of registered developers and tens of thousands of paying organizations, from two-person startups to large enterprises and governments. The enterprise end is where the story compounds.
The growth is interesting, but the company is more interesting for how it grew. GitLab built this without ever renting a corporate floor, and it did something almost nobody does: it wrote the whole operation down. The GitLab company handbook is public, runs into thousands of pages, and tells anyone on the internet exactly how the company hires, decides, disagrees, and ships. Transparency at GitLab is not a poster in a lobby. There is no lobby.
The all-remote model gets treated as the headline, and it is a good one, but it is really a consequence of the same thinking that drove the product. If you believe handoffs are where work goes wrong, you design them out everywhere - between tools, and between people. An async-first company that writes decisions down instead of holding them in meetings is just the single-application thesis applied to humans. The same instinct shows up in both: reduce the number of places where context can get lost. GitLab did not stumble into being remote during a pandemic. It had been operating that way for the better part of a decade before the rest of the industry was forced to try.
Cloud infrastructure, marketplace reach, and deep integrations across both platforms.
Foundation models, including Claude, power GitLab Duo's AI features.
A free, contributable base keeps developers in the funnel and the product honest.
Most companies guard how they really operate. GitLab published the manual and dared the competition to read it.
GitLab's mission fits on a sticky note: everyone can contribute. It sounds like the kind of thing companies say and don't mean. GitLab built the whole organization around taking it literally. The boundary between a user and a contributor is kept as thin as the team can make it - on the product, where the open-source core invites changes, and on the company itself, where the handbook makes the inner workings public.
That value system has a name internally - the team summarizes it as CREDIT: Collaboration, Results, Efficiency, Diversity-Inclusion-Belonging, Iteration, and Transparency. It is the rare set of corporate values that you can actually audit, because the company keeps publishing how it lives up to them, and where it doesn't.
Software is being rewritten by AI, and the question is no longer whether machines will write code but who will be accountable for what they ship. That is a governance problem dressed as a productivity story, and it happens to land exactly where GitLab has spent a decade building: the place where code, security, and compliance already sit together.
If AI agents are going to plan, write, review, and deploy, they need a system of record for all of it - a single place that knows what changed, why, and whether it was allowed. GitLab's bet on one application was, in hindsight, a bet on exactly the substrate that autonomous software development will need. Whether the company wins that future is unsettled. That it is positioned for the argument is not.
The hard part of AI writing software was never the writing. It is knowing who signed off. That is the question GitLab was already built to answer.
The developer in Lagos closes the laptop. The merge in Lisbon is live. The flag from São Paulo is resolved, and the AI agent's fix is logged with a name and a reason next to it. Nobody drove to an office. Nobody waited for a tool to talk to another tool. The software shipped on a normal Tuesday, the way it is supposed to.
That is the whole point. GitLab took an industry that had quietly accepted friction as the cost of doing business and removed enough of it that a company with no walls could build software better than companies with plenty. The tanuki, it turns out, was never really about Git. It was about how few rooms you actually need.