Key takeaways
- Ona is the September 2025 rebrand of Gitpod (founded 2016, ~$41M raised) — pivoting from cloud dev environments to "the platform for background agents"
- Agent + Environment model — background agents run in sandboxed cloud environments with kernel-level policy enforcement and audit trails
- Enterprise focus: VPC deployment, SOC 2, SSO/OIDC; customers include BNY, Vanta, Pearson, and Hargreaves Lansdown
- Public pricing now exists — Core from $20/month with usage-based OCU credits; Enterprise is custom
- Claims 2M developers (from the Gitpod era) and quadrupled enterprise ARR YoY at the time of the rebrand
FAQ
What is Ona?
Ona is the rebrand of Gitpod — a platform for running background AI software engineering agents in sandboxed cloud development environments with organizational guardrails and enterprise compliance features.
Is Ona the same company as Gitpod?
Yes. Gitpod rebranded to Ona on September 2, 2025, shifting from a cloud dev environment product to an AI agent platform built on top of that environment technology.
Is Ona secure for enterprise use?
Yes — Ona offers VPC deployment, SOC 2 compliance, SSO/OIDC, RBAC, and audit trails on every human and AI action. It is deployed at major banks and pharmaceutical companies.
How does Ona differ from other coding agents?
Ona bundles agents with secure, isolated cloud environments and kernel-level organizational controls — the environment is the product, not just the AI model.
Who competes with Ona?
Devin, Factory, GitHub Codespaces + Copilot coding agent, and orchestration platforms like Tembo.
Executive Summary
Ona is the September 2025 rebrand of Gitpod, the cloud development environment (CDE) pioneer. The company now positions itself as "the platform for background agents" — run a team of AI software engineers in the cloud, "orchestrated, governed, secured at the kernel." [1] Unlike tools that focus solely on the AI agent, Ona bundles its battle-tested sandboxed environments with the agents themselves, addressing enterprise concerns about where agent execution actually happens. Deployed at major banks (BNY, Hargreaves Lansdown) and Fortune 500 companies. [1]
| Attribute | Value |
|---|---|
| Company | Ona (formerly Gitpod) |
| Founded | 2016 (rebranded September 2, 2025) [2] |
| Funding | ~$41M (investors include Bright Pixel, GTMfund, Kinled, MongoDB Ventures) [3] |
| Employees | ~77 [3] |
| Headquarters | Kiel, Germany [3] |
Product Overview
Ona's approach is environment-first: rather than just providing an AI agent that runs in your existing setup, Ona provides the entire sandboxed environment where the agent operates — the legacy of five-plus years building Gitpod's CDE technology. [1][4]
This addresses a key enterprise concern: when AI agents execute code and access systems, where does that execution happen? Ona's answer is isolated, controlled environments with kernel-level policy enforcement and full audit trails.
Key Capabilities
| Capability | Description |
|---|---|
| Background Agents | Execute end-to-end tasks autonomously, returning pull requests |
| Automations | Agent fleets triggered across codebases via PRs, schedules, or webhooks |
| Connected Environments | Full cloud environments with tools, network access, and permissions |
| Runtime AI Security | VPC deployment, audit trails, scoped credentials, kernel-level policies |
| Multi-Interface | Agent conversations, full VS Code in the browser, works on mobile |
Product Surfaces / Editions
| Surface | Description | Availability |
|---|---|---|
| Ona Agents | Background AI software engineering agents | GA |
| Ona Environments | Sandboxed cloud dev environments | GA |
| Ona Automations | Fleet-scale agent runs across many repos | GA |
| Ona Guardrails | Organizational controls, RBAC, audit trails | GA |
Technical Architecture
Ona provides the entire stack: environment + agent + controls.
Key Technical Details
| Aspect | Detail |
|---|---|
| Deployment | Ona cloud or "bank-grade" VPC deployment in your own cloud [5] |
| Model(s) | Not the differentiator — uses frontier models (Claude among them) inside its sandbox |
| Integrations | GitHub, GitLab, AWS, VS Code, SSO/OIDC providers |
| Open Source | Platform is proprietary; the company re-launched its open source program in 2025 |
Environments: Pre-configured with tools, dependencies, and controls. Available in Ona's cloud or inside your VPC for complete control over source, secrets, and network. [6]
Recent Developments (since February 2026)
- Automations is now a headline product surface — agent fleets triggered by PRs, schedules, or webhooks; one top-100 global company reports "90-95% of migration work is done by Ona Automations," and another modernized 400+ Python repos in 6 months [1]
- Security research: published "How Claude Code escapes its own denylist and sandbox" (March 2026), reinforcing its runtime-security positioning [1]
- "Software factory" livestream: demonstrated 130+ PRs generated in week one [1]
- Homepage now claims "83% of PRs co-authored by Ona" internally, up from 60% at rebrand time [1][2]
Strengths
- Proven environment technology — five-plus years of Gitpod CDE engineering underneath the agent layer [4]
- Security-first architecture — kernel-level policy enforcement and OS-level isolation, not just container sandboxing [1]
- Compliance ready — SOC 2, GDPR, audit trails on every human and AI action [6]
- Enterprise traction — named customers include BNY, GSR, Vanta, Pearson, EquipmentShare, and Hargreaves Lansdown; quadrupled enterprise ARR YoY with a near 8-figure contract at rebrand time [1][2]
- Scale — 2M developers reached during the Gitpod era [2]
- Transparent entry pricing — Core plan from $20/month with usage-based credits [5]
- VPC option — complete control over source, secrets, and network [6]
Cautions
- Identity-shift risk — the pivot away from the beloved Gitpod CDE alienated part of its developer community; HN reaction to the rebrand was notably mixed [7]
- Cost vs. local agents — early reviewers found it "quite a bit more expensive than a local solution" for comparable assistant capability [8]
- Usage-based pricing complexity — OCU credit metering makes costs harder to predict than seat-based competitors [5]
- Self-reported metrics — the 4× throughput and 83% PR co-authorship figures are company-reported, not independently audited [1]
- Enterprise sales cycle for full platform — VPC deployment, SLAs, and guardrails require custom Enterprise contracts [6]
- Environment lock-in — using Ona environments and Automations may create switching costs
What Developers Say
From the Hacker News thread on the rebrand [7] and early hands-on reviews [8]:
"RIP to Gitpod, once a great Remote Development Environment, now a generic AI agent." — tempaccount420, Hacker News
"With what Gitpod already offers, it totally makes sense for them to go down this route." — sakesun, Hacker News
"Seems more like an agent layer on top of their existing CDE product. Which is a bit different than a cursor/windsurf/etc clone." — notfromhere, Hacker News
"Comparable to other coding assistants, but quite a bit more expensive than a local solution." — The Friday Deploy review
Pricing & Licensing
| Tier | Price | Includes |
|---|---|---|
| Core | From $20/month | Up to 100 team members, pooled OCUs (80–2,200/month), unlimited parallel environments, up to 32 cores / 128GB RAM / 200GB disk, prebuilds |
| Add-on credits | From $10 per 40 OCUs | Additional agent/environment usage |
| Enterprise | Custom | VPC deployment, SSO/OIDC, audit trails, warm pools, MCP usage controls, SLAs, dedicated forward-deployed engineer |
Licensing model: Subscription + usage-based OCU (Ona Compute Unit) credits; Enterprise negotiated directly.
Hidden costs: OCU consumption scales with agent usage — heavy background-agent workloads can exceed the base allotment.
Competitive Positioning
Direct Competitors
| Competitor | Differentiation |
|---|---|
| Devin | Devin is agent-focused; Ona bundles environment + agent with kernel-level controls |
| Factory | Both enterprise-focused; Factory leads with agent orchestration, Ona with environments |
| GitHub Codespaces + Copilot coding agent | Microsoft's environment + AI combination, deeper GitHub lock-in |
| Tembo | Tembo is agent-agnostic orchestration without environment lock-in |
When to Choose Ona Over Alternatives
- Choose Ona when: You need bundled secure environments with enterprise compliance and fleet-scale automations
- Choose Devin when: You want a proven autonomous agent without environment bundling
- Choose GitHub when: You're already all-in on the GitHub/Codespaces ecosystem
- Choose Tembo when: You want agent orchestration without environment lock-in
Ideal Customer Profile
Best fit:
- Regulated enterprise environments (financial services, healthcare, pharma)
- Organizations needing complete audit trails on every human and AI action
- Companies requiring VPC deployment
- Teams running large-scale migrations or modernization (Automations)
- Existing Gitpod CDE customers adding agents
Poor fit:
- Solo developers happy with local agents (cost disadvantage)
- Teams wanting purely seat-based, predictable pricing
- Companies preferring to run agents in their existing local environments
Viability Assessment
| Factor | Assessment |
|---|---|
| Financial Health | ~$41M raised; quadrupled enterprise ARR YoY at rebrand (self-reported) [3][2] |
| Market Position | Strong niche — enterprise agents-in-environments, built on CDE incumbency |
| Innovation Pace | High — Automations, security research, and agent features shipping steadily through 2026 |
| Community/Ecosystem | Mixed — 2M Gitpod-era developers, but rebrand cost some community goodwill |
| Long-term Outlook | Improving — named enterprise logos and a near 8-figure contract suggest the pivot is landing |
Bottom Line
Ona's bundled environment + agent approach is compelling for enterprises where security and compliance are non-negotiable, and the Gitpod CDE heritage gives it real infrastructure credibility that pure agent startups lack. As of June 2026, named customers (BNY, Hargreaves Lansdown, Vanta, Pearson) and self-reported ARR growth suggest the September 2025 pivot is finding enterprise traction.
The trade-offs: usage-based OCU pricing is harder to predict than seats, costs run higher than local agent setups, and the rebrand alienated part of the original Gitpod community.
Recommended for: Regulated industries (financial services, healthcare, pharma) where security, compliance, and audit trails are mandatory — and for fleet-scale code modernization via Automations.
Not recommended for: Solo developers or small teams for whom local agents are cheaper, or organizations wanting purely predictable seat-based pricing.
Outlook: The pivot from CDE to agent platform looks credible — Ona kept its enterprise environment moat and put agents on top of it. Watch whether public pricing and the re-launched open source program rebuild the developer goodwill the rebrand spent.
Research by Ry Walker Research • methodology