At a Glance
- Depthfirst closed a $40 million Series A round just five months after its October 2024 launch
- The startup’s AI-native platform scans code, monitors open-source risk, and flags credential leaks
- Accel Partners led the round, with SV Angel, Mantis VC, and Alt Capital joining
- Why it matters: As attackers automate with AI, defenders need equally fast, scalable tools
Depthfirst has burst onto the cybersecurity scene, announcing $40 million in fresh funding to scale an AI platform built to outpace AI-powered threats. The company, founded in October 2024, will use the capital to double down on engineering talent and sales reach.
Accel Partners led the Series A, while SV Angel, Mantis VC, and Alt Capital also bought in. The startup’s General Security Intelligence suite ingests a company’s entire codebase and workflow data, flagging vulnerabilities, exposed credentials, and risky third-party components in real time.
How Depthfirst’s AI Platform Works
The company’s pitch is simple: software ships faster than security teams can review it, so automation must close the gap. General Security Intelligence delivers:
- Continuous code scanning that surfaces flaws before release
- Credential-leak alerts that trigger immediate rotation
- Open-source and supply-chain monitoring to catch malicious updates
- Centralized dashboards that map risk across engineering pipelines
The platform runs natively on large-language-model architectures, letting it parse sprawling repositories and dependency graphs without hand-written rules.
Leadership With AI and Security Pedigrees
Co-founder and CEO Qasim Mithani previously built data platforms at Databricks and Amazon. He argues that attackers already weaponize automation, forcing defenders to evolve just as radically.
> “We’ve entered an era where software is written faster than it can be secured,” Mithani said in the funding announcement. “AI has already changed how attackers work. Defense has to evolve just as fundamentally.”
Fellow co-founders bring complementary chops:
- Daniele Perito, former director of security and risk engineering at Block’s Square unit
- Andrea Michi, ex-Google DeepMind engineer now serving as CTO
Customer Traction and Partnerships
Depthfirst claims early traction among fast-moving tech firms. AngelList, Lovable, and Moveworks are already using the platform to harden releases and monitor external packages. The company says its tools have blocked “AI-driven exploits” without detailing specific incidents.
Funding Allocation Plan
The $40 million infusion will fund:
- Applied research teams to refine detection models
- Engineering hires to expand platform capabilities
- Product managers tasked with roadmap acceleration
- Sales and marketing staff to chase enterprise accounts
Depthfirst did not disclose valuation or revenue metrics.
Broader AI Arms Race
The investment underscores a wider cyber industry race: criminals now lean on AI to craft malware, phish employees, and hunt vulnerabilities at machine speed. Last November, Anthropic said it had dismantled the first “AI-orchestrated cyber espionage campaign,” a milestone that highlights the stakes for defenders.
Key Takeaways
- Depthfirst secured one of the quickest Series A rounds in recent security history, going from zero to $40 million in five months
- Its AI-native platform aims to match the speed and scale of AI-powered attacks
- Funding will fuel staff expansion across research, engineering, and go-to-market functions
- Early adopters include AngelList, Lovable, and Moveworks, signaling confidence in the approach
