depthfirst, an applied AI laboratory specializing in software security, announced today the close of its $40 million Series A funding round, led by Accel, with additional participation from Alt Capital, BoxGroup, Liquid 2 Ventures, Mantis VC, and SV Angel, alongside individual angel investors.

The investment will support depthfirst’s research and development, go-to-market strategies, and hiring initiatives across applied research, engineering, product, and sales. The company’s platform, General Security Intelligence, employs AI to detect, triage, and remediate vulnerabilities across software and infrastructure layers.

In a period where AI-generated coding tools are accelerating software production, the security landscape faces new challenges from automated, autonomous, and persistent threats. depthfirst aims to counter these advanced adversaries by developing AI agents that comprehend company systems end-to-end, enabling rapid and intelligent responses. The company’s mission, founded in 2024, is to secure the global software stack, facilitating resilient businesses and safe AI development.

Qasim Mithani, co-founder and CEO of depthfirst, noted, “We’ve entered an era where software is written faster than it can be secured. AI has already changed how attackers work. Defense has to evolve just as fundamentally.”

Since its product launch four months prior, depthfirst has demonstrated its agents uncover eight times more true-positive vulnerabilities than conventional static analysis tools, while simultaneously reducing false positives by 85%. The platform also achieved a 90% performance improvement over its prior benchmarks on CyberGym, a cybersecurity evaluation framework. The company has secured industry customers including Lovable, Supabase, Moveworks, and AngelList.

Alberto Martinez, Head of Security at AngelList, stated, “depthfirst felt like adding an autonomous senior product-security engineer to our team at AngelList. It quickly surfaced our top issues and got smarter over time by tracking context across scans, eliminating false positives, and opening ready-to-merge fixes our developers immediately understand. It’s doubled the efficiency of our security-engineering team.”

Traditional security tools, often designed for past threats, are proving inadequate against the rapid pace of AI-driven offense. In contrast, depthfirst’s General Security Intelligence platform utilizes an AI-first defense approach, analyzing a customer’s code, context, and threat model to identify vulnerabilities before exploitation.

Damian Hasse, CISO at Moveworks, commented, “depthfirst has fundamentally changed how we think about code security and quality at Moveworks. They not only find code defects and complex threats like backdoors and malware, but also proactively offer fixes. The result is stronger security and a measurable lift in code quality and review efficiency across the board.”

The depthfirst founding team includes technical leaders from Google DeepMind, Databricks, and Faire, combining expertise in AI and security research. Sara Ittelson, Partner at Accel, remarked on the state of software security, citing a market plagued by legacy tools. “depthfirst has the industry background and team best poised to transform this $400B corner of the enterprise market, and just in time as AI and agentic tools become widely adopted,” Ittelson added.