Listen to this articleDepthfirst, an applied AI lab specializing in software security, secured $40 million in Series A funding. The round was led by Accel, with participation from Alt Capital, BoxGroup, Liquid 2 Ventures, Mantis VC, and SV Angel. Proceeds are earmarked for advancing research and development, enhancing go to market strategies, and expanding the team across applied research, engineering, product, and sales roles.
Founded in San Francisco by a team with roots at Google DeepMind, Databricks, and Faire, Depthfirst develops the General Security Intelligence platform, which uses AI agents to analyze code, infrastructure, and business logic. This approach detects complex vulnerabilities, reduces false positives by up to 85%, and provides ready to merge fixes, outperforming traditional static analysis tools by uncovering 8x more true positives. Early customers include Lovable, Supabase, Moveworks, and AngelList, where the platform has been praised for acting like an “autonomous senior product security engineer.”
The investment underscores the growing urgency for AI powered defenses against AI amplified threats, such as automated exploits and vulnerabilities in AI generated code. With a reported 24-month runway, Depthfirst is poised to scale its agentic platform, which has achieved state of the art performance on benchmarks like CyberGym, improving success rates by 90%. This could challenge established players in the $400 billion software security market by addressing gaps in legacy tools ill-equipped for modern, agentic threats.
Depthfirst’s $40 million Series A funding round marks a pivotal moment for the young San Francisco-based startup, positioning it at the forefront of AI native cybersecurity solutions in an era where software vulnerabilities are proliferating at an unprecedented rate. Founded just over a year prior in October 2024, the company has quickly emerged as a key player in addressing the dual edged sword of AI: its potential to both empower attackers and fortify defenses.
At its core, Depthfirst is an applied AI lab dedicated to securing modern software systems through its flagship General Security Intelligence platform. Unlike traditional security tools that rely on rule based scans and pattern matching, Depthfirst employs a holistic, AI first approach. Its agents build a unified view of a company’s code repositories, infrastructure, business logic, and interdependencies to identify complex vulnerabilities (such as cross service authentication bugs, hidden data exposures, and logic flaws) that legacy systems often miss. The platform not only detects issues but also triages them based on contextual relevance, separates true threats from noise, and delivers automated, ready to merge pull requests for remediation. This end to end capability is particularly vital in an environment where AI generated coding tools are accelerating software development, inadvertently introducing new risks at a pace that outstrips human oversight.
The founding team brings formidable expertise to this mission. CEO Qasim Mithani, drawing from experiences at leading tech firms, emphasizes the shift in the threat landscape: “We’ve entered an era where software is written faster than it can be secured. AI has already changed how attackers work. Defense has to evolve just as fundamentally.” Co-founders and key contributors hail from Google DeepMind, Databricks, and Faire, blending deep AI research with practical security engineering. In the mere four months since launching its product, Depthfirst has demonstrated tangible results, signing on high profile customers like Lovable, Supabase, Moveworks, and AngelList. Feedback from these users highlights the platform’s efficiency: AngelList’s Head of Security, Alberto Martinez, described it as “adding an autonomous senior product security engineer,” while Moveworks’ CISO, Damian Hasse, noted improvements in code quality and review efficiency.
Performance metrics further underscore Depthfirst’s edge. Its agents uncover 8x more true-positive vulnerabilities than traditional static analysis tools while slashing false positives by 85%. On the CyberGym benchmark (a rigorous evaluation framework for vulnerability exploitation) the company achieved a 90% improvement, elevating success rates from 20-28% to 53% through innovations like situational context, runtime instrumentation, and modular multi agent architectures. Depthfirst also maintains a proactive stance on ethical security practices, discovering new vulnerabilities in open source software weekly and adhering to a coordinated disclosure policy to allow maintainers time to patch issues.
The Series A round itself was led by Accel, a venture firm renowned for backing transformative tech companies like Slack and Dropbox. Partner Sara Ittelson praised Depthfirst’s potential to disrupt the $400 billion enterprise security market: “Software security is plagued by claims of ‘better signal to noise’ and legacy tools that are generally ill-equipped to meet the heightened risks of modern day threats.” The investor syndicate is equally impressive, combining institutional players like Liquid 2 Ventures (Joe Montana’s fund) and Mantis VC with angels who are luminaries in AI and tech. This backing not only provides capital but also strategic networks, particularly from AI experts like Jeff Dean and Julian Schrittwieser, to refine Depthfirst’s models.
Post funding valuation reportedly exceeds $200 million, offering a 24 month runway for growth. With no prior disclosed funding rounds evident, consistent with its recent inception, this Series A represents a significant vote of confidence in Depthfirst’s vision. The funds will fuel expansion in a market ripe for innovation. Global cybersecurity spending is projected to reach $520 billion annually by 2026, driven by the imperative to safeguard digitized infrastructure across sectors like healthcare, finance, and critical utilities. Within this, AI in cybersecurity is exploding: forecasts indicate growth from $44.24 billion in 2026 to $213.17 billion by 2034, at a CAGR of 21.71%. North America, Depthfirst’s home base, leads with a 34.90% market share in 2025, bolstered by government initiatives and tech adoption.
To contextualize, consider the following market projections:
| Year | Global AI in Cybersecurity Market Size (USD Billion) | CAGR (%) | Source |
| 2026 | 44.24 | 21.71 (2026-2034) | Fortune Business Insights |
| 2034 | 213.17 | – | Fortune Business Insights |
| 2026 | 35.40 | 18.93 (2026-2035) | Precedence Research |
| 2035 | 167.77 | – | Precedence Research |
| 2026 | Overall Cyber Spending: 520 | 15 (annual growth) | Cybersecurity Ventures |
This growth is propelled by rising AI powered attacks, where adversaries leverage automation for always-on exploits, outpacing human scale defenses. Depthfirst’s platform counters this by matching attacker speed with intelligent, context aware agents, potentially hardening the global software stack and enabling safer AI deployment.
Recommended: How To Set Up And Use Cash App For Seamless Transactions And Banking Features
Competitively, Depthfirst operates in a crowded yet fragmented space. It differentiates through its focus on agentic, end to end security rather than siloed tools. Key rivals include:
| Competitor | Focus | Key Differentiation | Funding/Valuation (Latest Known) |
| Vectra AI | Network threat detection | Visibility into attacker movements | $300M+ raised; Valued at $1.2B+ |
| Radiant Security | SOC automation | AI powered incident response | Early stage; Focus on automation |
| Cyera | Data security posture | Cloud and data centric protection | $300M Series C; $1.4B valuation |
| Abnormal Security | Email and social engineering | Behavioral AI for fraud detection | $210M Series C; $4B valuation |
| Rapid7 | Vulnerability management | Attack surface visibility | Public (NASDAQ: RPD); Market cap ~$2B |
| SentinelOne | Endpoint protection | Advanced threat hunting | Public (NYSE: S); Market cap ~$7B |
| CrowdStrike | Endpoint and cloud security | User behavior monitoring | Public (NASDAQ: CRWD); Market cap ~$70B |
| Darktrace | Novel threat neutralization | Self learning AI | Acquired by Thoma Bravo for $5.3B |
Depthfirst’s emphasis on software specific vulnerabilities and automated fixes sets it apart, potentially appealing to dev-sec-ops teams in fast moving tech firms. However, scaling against incumbents like CrowdStrike or Microsoft will require sustained innovation and customer wins.
This funding could catalyze Depthfirst’s role in reshaping cybersecurity. By bridging AI offense and defense, it addresses a critical need: securing the software foundation of modern society against autonomous threats. Challenges remain, including talent acquisition in a competitive AI space and navigating regulatory scrutiny on AI ethics. Yet, with robust backing and proven early traction, Depthfirst is well equipped to influence the trajectory of secure, resilient software ecosystems.
Please email us your feedback and news tips at hello(at)superbcrew.com
Activate Social Media:
