RapidFort, a leader in software supply chain security, has announced $42 million in Series A funding led by Blue Cloud Ventures and Forgepoint Capital, with additional participation from prior lead investor Felicis Ventures and others, to accelerate its continuous vulnerability elimination platform. Other participants in the funding round include Alumni Ventures, Boulder Ventures, Brave Capital, Evolution Ventures, Florida Funders, Gaingels, and Mana Ventures.
The funding arrives amidst a period of rapid change in cybersecurity and software delivery. The accelerated pace of software development, driven by AI, has been mirrored by attackers. The window between vulnerability disclosure and exploitation is shrinking, making traditional quarterly patch cycles and manual vulnerability management less effective. RapidFort’s increasing revenue momentum indicates a market shift towards continuous, automated vulnerability elimination. A recent Verizon Data Breach Investigations Report highlighted that vulnerability exploitation now accounts for 20% of breaches, closely approaching credential abuse at 22%.
Mehran Farimani, Founder and CEO of RapidFort, stated, “The problem isn’t that organizations don’t know they have vulnerabilities, it’s that they can’t fix them fast enough. AI has accelerated software delivery and attacker capability at the same time. The window between disclosure and exploitation has collapsed. RapidFort exists to eliminate vulnerabilities continuously—at machine speed—before they reach production.”
RapidFort is establishing a new standard for remediation within the software delivery pipeline, operating at machine speed. The platform secures the entire software lifecycle, from build through runtime, by continuously analyzing, remediating, hardening, and protecting software artifacts. This approach aims to eliminate vulnerabilities before they can become incidents.
The platform eliminates risk through several key features. It provides automated remediation embedded in CI/CD workflows, allowing teams to address issues as software ships. RapidFort also offers a comprehensive catalog of hardened, near-zero-CVE container images across major Linux distributions, designed to reduce CVEs without code changes and mitigate security debt from the outset. Furthermore, its runtime intelligence uses behavioral analytics and image optimization to remove unused components, potentially reducing attack surfaces by up to 90%. The platform also ensures end-to-end hardening from build through production and offers compliance-ready security, supporting programs such as FedRAMP, CMMC, ATO, CRA, and NIS2 with continuous risk reduction and auditable security controls.
Rami Rahal, Managing Partner at Blue Cloud Ventures, commented, “Software teams are shipping faster than ever—and attackers are moving even faster. RapidFort is building what the market urgently needs: continuous vulnerability remediation that keeps pace with modern development. Their end-to-end platform doesn’t just surface risk—it eliminates it.”
The Series A funding is intended to accelerate RapidFort’s next phase of growth across product innovation, platform expansion, and enterprise adoption. This includes scaling sales, marketing, and partnerships; advancing automated remediation, near-zero-CVE software delivery, and continuous attack surface reduction; supporting deployments in regulated industries with deeper integrations and smoother onboarding; and expanding end-to-end lifecycle security from build through runtime to ensure continuous protection and compliance.
Ernie Bio, Managing Director at Forgepoint Capital, noted, “RapidFort represents the evolution of software supply chain security from reactive to proactive. In an AI-accelerated threat landscape, detection alone is table stakes. What matters is elimination. RapidFort is the only platform that combines comprehensive profiling, automated rebuilding, intelligent patching, and continuous validation at enterprise scale.”
Jimmy Park, Vice President at Forgepoint Capital, added, “What’s compelling about RapidFort is that it treats software artifacts as infrastructure. By hardening and validating images continuously, the platform creates a security foundation that scales across teams, tools, and environments—without forcing developers to change how they build.”