Artificial intelligence‑native security platform startup depthfirst Inc. revealed today that it had raised $40 million in new funding to support its research and development, go‑to‑market efforts and hiring across applied research, engineering, product and sales.

Founded in 2024, depthfirst was created in response to a rapidly changing threat landscape where software is developed faster than traditional security tools can keep up and where attackers are increasingly using AI to find and exploit weaknesses. The company has as its mission to secure the world’s software by building tools that understand and protect code at the speed and scale of both development and attack.

Depthfirst’s General Security Intelligence platform uses custom AI agents to actively analyze and interpret a company’s codebases, infrastructure and workflows. The platform uses deep context and machine learning to detect subtle, complex vulnerabilities that traditional tools often miss.

The company takes a continuous, context‑aware vulnerability detection approach, in that the platform doesn’t just look for known patterns but also builds an understanding of how systems are structured and how they operate in real time. By doing so, the platform can catch not only obvious bugs but also logic flaws, insecure configurations and emergent threats that arise when software components interact in unexpected ways.

Along with detection, depthfirst also offers triage and remediation support, with its AI agents able to assess the severity of findings, reduce false positives and generate actionable recommendations and sometimes even ready‑to‑merge fixes so that developers can remediate issues more efficiently.

Depthfirst only formally launched to the public four months ago and in that time, its agents have uncovered eight times more true‑positive vulnerabilities than traditional static analysis tools, while reducing false positives by 85 %. In that short time, the company has managed to sign Lovable Inc., Supabase Inc., Moveworks Inc. and AngelList LLC as customers.

“Depthfirst felt like adding an autonomous senior product‑security engineer to our team at AngelList,” said Alberto Martinez, head of security at AngelList. “It quickly surfaced our top issues and got smarter over time by tracking context across scans, eliminating false positives and opening ready‑to‑merge fixes our developers immediately understand. It’s doubled the efficiency of our security‑engineering team.”

The Series A round was led by Accel Partners LP, with Alt Capital, BoxGroup, Liquid 2 Ventures, Mantis VC, SV Angel and angel investors including Jeff Dean, Kirsten Green, Colin Evans, Logan Kilpatrick and Julian Schrittwieser also participating.

“Software security is plagued by claims of ‘better signal to noise’ and legacy tools that are generally ill‑equipped to meet the heightened risks of modern‑day threats,” said Sara Ittelson, partner at Accel. “Depthfirst has the industry background and team best poised to transform this $400 billion corner of the enterprise market and just in time as AI and agentic tools become widely adopted.”

Photo: depthfirst