depthfirst, an applied AI lab focused on software security, has raised a $40 million Series A funding round as it positions its “General Security Intelligence” platform as a response to a fast-changing threat landscape shaped by AI-generated code and increasingly automated attacks. The round was led by Accel and included participation from Alt Capital, BoxGroup, Liquid 2 Ventures, Mantis VC and SV Angel, alongside angel investors Jeff Dean, Kirsten Green, Colin Evans, Logan Kilpatrick and Julian Schrittwieser, the company said.
Based in San Francisco, depthfirst is building an AI-native approach to detecting, triaging and remediating vulnerabilities across software and infrastructure. The company argues that traditional tools are struggling to keep pace as development speeds up and attackers adopt autonomous, always-on techniques that operate beyond “human-scale” exploitation.
In the four months since launching its product, depthfirst said its agents have uncovered eight times more true-positive vulnerabilities than conventional static analysis tools while cutting false positives by 85%. The company also reported state-of-the-art performance on CyberGym, a cybersecurity evaluation framework, citing a 90% improvement versus its prior benchmarks.
Since making the product generally available, depthfirst said it has signed customers including Lovable, Supabase, Moveworks and AngelList. Customer feedback highlighted the platform’s ability to track context across scans, reduce alert noise and generate fixes that are ready for developer review and merging.
Founded in 2024, depthfirst said its founding team includes technical leaders from Google DeepMind, Databricks and Faire. Proceeds from the Series A are expected to support research and development, go-to-market expansion and hiring across applied research, engineering, product and sales.
KEY QUOTES:
“We’ve entered an era where software is written faster than it can be secured. AI has already changed how attackers work. Defense has to evolve just as fundamentally.”
Qasim Mithani, Co-founder and CEO, depthfirst
“depthfirst felt like adding an autonomous senior product-security engineer to our team at AngelList. It quickly surfaced our top issues and got smarter over time by tracking context across scans, eliminating false positives, and opening ready-to-merge fixes our developers immediately understand. It’s doubled the efficiency of our security-engineering team.”
Alberto Martinez, Head of Security, AngelList
“depthfirst has fundamentally changed how we think about code security and quality at Moveworks. They not only find code defects and complex threats like backdoors and malware, but also proactively offer fixes. The result is stronger security and a measurable lift in code quality and review efficiency across the board.”
Damian Hasse, CISO, Moveworks
“Software security is plagued by claims of ‘better signal to noise’ and legacy tools that are generally ill-equipped to meet the heightened risks of modern day threats. depthfirst has the industry background and team best poised to transform this $400B corner of the enterprise market, and just in time as AI and agentic tools become widely adopted.”
Sara Ittelson, Partner, Accel
