Open-Source Supply Chain Security Company Tidelift Secures $27 Million

By Annie Baker • Jun 2, 2022
  • Tidelift recently announced it raised $27 million in funding. These are the details.

Tidelift – the premier provider of solutions for managing open source software supply chain health and security – announced $27 million in Series C funding led by Dorilton Ventures with Kaiser Permanente and Atlassian Ventures joining existing investors General Catalyst and Foundry Group. And as part of the transaction, Daniel Freeman of Dorilton Ventures has joined the Tidelift Board of Directors.

This new funding round comes as open-source software health and security have become a pressing priority for organizations and governments around the world. And recent threats to the software supply chain like the Log4Shell vulnerability has led organizations to reassess how they manage the health and security of the open-source software comprising the bulk of their applications. 

Plus the US Government is leading a coordinated and multi-agency effort to improve software security standards in order to fulfill the directives from the White House Cybersecurity Executive Order. And this also adds pressure to organizations seeking to comply with these new standards in order to continue selling to the government, including creating software bills of materials (SBOMs) listing all of their application components, while simultaneously vouching for their security and provenance, including open source elements.

As organizations increase the use of open source in their applications, they face the growing challenge of keeping it well maintained and secure at scale. And the Tidelift approach to managing open source is being embraced across industries, including healthcare, finance, technology, and government. New and expanding Tidelift customers include Fannie Mae, Bloomberg, Hughes, Adobe, NASA Jet Propulsion Laboratory, IEEE, the United States Geological Survey, and the United States Air Force.

A central element of Tidelift’s model is that the company pays the independent open-source maintainers behind thousands of open source components to ensure their projects meet enterprise standards now and into the future. And the more subscribers that use an open-source component, the more its maintainers get paid, with no cap on potential earnings.


“Against a backdrop of increasing security threats and more stringent government software security standards, Tidelift is uniquely positioned to work with our open source maintainer partners to help maximize the value organizations get from open source while reducing risk. Our recent survey further supports this with findings showing 35% of respondents from large organizations believe open source software supply chain security is the most urgent issue for application development teams.” 

— Donald Fischer, Tidelift co-founder and CEO

“Tidelift’s unique approach marries the needs of enterprise application development teams and open source maintainers in a win-win way where everyone benefits. We’re looking forward to being a part of realizing the Tidelift vision of making open source work better for everyone.”

— Daniel Freeman, General Partner at Dorilton Ventures

“Atlassian is always looking for ways to improve the experiences of our 200,000+ Cloud customers, especially those using Compass, our new mission control for distributed architecture. With help from Tidelift and their maintainer partners, our Cloud customers can continuously and proactively improve the health of the open source software supply chain, not just when they are ready to ship.”

— Matt Sonefeldt, Head of Atlassian Ventures