Software supply chain security firm RapidFort announced on Tuesday that it has raised $42 million in a Series A funding round to accelerate the development of its automated vulnerability elimination technology.
The investment was led by Blue Cloud Ventures and Forgepoint Capital, with participation from Felicis Ventures, Alumni Ventures, Boulder Ventures, Brave Capital, Evolution Ventures, Florida Funders, Gaingels, and Mana Ventures.
The San Francisco-based company has raised more than $50 million to date and will use the latest capital to scale its go-to-market efforts and expand its platform’s capabilities.
RapidFort provides a software attack surface management platform that secures the entire lifecycle by continuously analyzing and hardening software artifacts. The technology is designed to eliminate vulnerabilities before they reach production environments.
The platform offers a three-step approach to security, starting with tools that scan and profile containers in the CI/CD pipeline. This process generates a Software Bill of Materials (SBOM) and identifies unused packages that can be removed.
The company also maintains a catalog of thousands of curated, near-zero-CVE container images built on major Linux distributions. These images allow teams to replace vulnerable third-party base images with hardened versions that are FIPS 140-3 validated and STIG/CIS benchmarked.
RapidFort’s runtime intelligence further reduces the attack surface by removing components that are never executed during an application’s operation. The company claims this hardening process occurs with less than 1% compute overhead while ensuring compliance with federal standards such as FedRAMP and CMMC.
“The problem isn’t that organizations don’t know they have vulnerabilities, it’s that they can’t fix them fast enough,” said Mehran Farimani, founder and CEO of RapidFort. “RapidFort exists to eliminate vulnerabilities continuously — at machine speed — before they reach production.”
Related: Kasada Raises $20 Million for Anti-Bot Expansion
Related: Aisy Launches Out of Stealth to Transform Vulnerability Management
