AI security firm depthfirst has announced a major Series A raise, securing forty million dollars as cyber threats driven by artificial intelligence continue to escalate at an unprecedented pace. The funding highlights growing investor confidence in AI-native security platforms as enterprises struggle to protect rapidly expanding codebases, cloud workloads, and software supply chains from increasingly automated attacks.
Depthfirst was founded in October twenty twenty four with a clear mission to close the widening gap between how fast software is built and how slowly it can be secured. Since then, the company has focused on building security tooling designed from the ground up for an AI-driven threat landscape. The new Series A round was led by Accel Partners, with participation from SV Angel, Mantis VC, and Alt Capital. The raise positions depthfirst as one of the most well-capitalized early-stage players focused specifically on AI-powered cyber defense.
At the core of the company’s offering is a platform it calls General Security Intelligence. Unlike traditional security tools that bolt AI features onto legacy systems, depthfirst says its platform is fully AI-native. The system continuously scans and analyzes codebases, development workflows, and production environments to identify risks that often slip through conventional defenses. These include exposed credentials, insecure dependencies, and vulnerabilities introduced through open source or third-party components.
As modern software teams ship updates at high velocity, security reviews often lag behind. This imbalance has created fertile ground for attackers who now use AI to automate reconnaissance, generate malware, and scale social engineering campaigns. Depthfirst argues that human-led security alone can no longer keep pace. Its platform aims to act as a persistent intelligence layer that adapts as fast as attackers do.
The company says General Security Intelligence goes beyond static scanning. It monitors how software evolves over time and how components interact across environments. By analyzing patterns instead of single events, the platform can surface subtle indicators of compromise or risk exposure that might otherwise remain hidden until damage is done. This approach reflects a broader shift in cybersecurity toward continuous, behavior-driven defense.
Depthfirst plans to deploy the new capital aggressively. The company intends to expand its applied research and engineering teams to deepen its AI capabilities. It also plans to invest heavily in product development and go-to-market efforts as demand grows from security-conscious enterprises. As AI adoption accelerates across industries, so too does the urgency to secure the systems that rely on it.
According to co-founder and chief executive Qasim Mithani, the company was created in response to a structural change in how software is built and attacked. He has said that the industry has entered an era where automation allows attackers to move faster than defenders using traditional tools. Mithani previously worked at Databricks and Amazon, where he saw firsthand how scale and speed can outstrip security processes. He believes AI must now be used just as fundamentally on the defensive side.
The leadership team behind depthfirst reflects a blend of deep expertise in artificial intelligence and security engineering. Co-founder Daniele Perito previously served as director of security and risk engineering at Square, part of Jack Dorsey’s Block. The company’s chief technology officer and co-founder, Andrea Michi, was previously an engineer at Google DeepMind, where he worked on advanced AI systems. This mix of backgrounds has shaped depthfirst’s focus on both rigorous security principles and cutting-edge machine learning.
The timing of the funding is notable. Cybercriminals are increasingly using AI to automate malicious activity at scale. These techniques range from generating convincing phishing messages to scanning vast numbers of systems for exploitable weaknesses. Attackers can now move faster, cheaper, and with fewer human operators than ever before. This trend has raised alarm across both the private sector and governments worldwide.
In late twenty twenty five, Anthropic publicly disclosed that it had disrupted what it described as the first AI-orchestrated cyber espionage campaign. The incident underscored the reality that AI is no longer just a productivity tool but also a weapon for sophisticated threat actors. Security teams now face adversaries that can adapt in real time and operate continuously.
Depthfirst positions its platform as a direct response to these emerging threats. The company says it can help organizations protect themselves from a wide range of AI-driven exploits by identifying weaknesses before attackers can weaponize them. By integrating directly into development and operational workflows, the platform aims to reduce friction between security and engineering teams, a long-standing challenge in the industry.
The startup has already begun forming partnerships with prominent technology companies, including AngelList, Lovable, and Moveworks. These early relationships suggest that demand for AI-native security tools is no longer limited to large enterprises but extends to fast-growing technology firms that depend on rapid development cycles.
Investors backing the round see depthfirst as part of a broader transformation in cybersecurity. As AI becomes embedded across software stacks, security tools must evolve from reactive systems into proactive intelligence platforms. Accel Partners has increasingly focused on companies that address infrastructure-level challenges created by AI adoption, and depthfirst fits squarely within that thesis.
The Series A also reflects a shift in how security startups differentiate themselves. Rather than focusing on narrow use cases, depthfirst is positioning General Security Intelligence as a foundational layer that can adapt as threats change. This flexibility may prove critical as attackers continue to experiment with new AI-driven techniques.
While the cybersecurity market is crowded, the company believes its AI-first architecture gives it an advantage. Legacy tools often struggle to analyze modern, distributed systems at scale. Depthfirst argues that starting fresh allowed it to design models and data pipelines suited for today’s development environments, from cloud-native applications to complex software supply chains.
As enterprises face mounting pressure from regulators, customers, and insurers to improve their security posture, platforms that offer continuous visibility and automated defense are gaining traction. The cost of breaches continues to rise, both financially and reputationally. In that context, investments like depthfirst’s forty million dollar Series A signal where the market believes the future of defense lies.
The company is still early in its journey, but the funding provides runway to accelerate growth and refine its technology. If AI continues to reshape both offense and defense in cybersecurity, depthfirst aims to ensure that defenders are no longer a step behind.
