depthfirst, a San Francisco, CA-based applied AI lab developing new security solutions, has raised $80 million in a Series B funding round led by Meritech Capital.
The round also saw participation from Forerunner Ventures and The House Fund, and existing investors, including Accel, Box Group, Liquid 2 Ventures, Alt Capital, and Mantis VC. The raise brought the total amount to $120M.
The company plans to use the funds to train more security models in new areas, grow its AI research team, and expand enterprise adoption.
Depthfirst was built on the idea that success in high-risk AI areas depends on two things: creating products that solve real customer problems and building specialized models for the most important tasks in each domain.
Read More:OpenBox AI Raises $5M in Seed Funding
The company also introduced its first in-house security model, dfs-mini1. It is designed to secure cryptocurrency smart contracts and is part of a larger effort to add specialized intelligence to its security platform. The model is based on an open-source system, improved using reinforcement learning in security-focused environments, and tested on OpenAI’s EVMBench, a benchmark for smart contract vulnerabilities.
In early use, dfs-mini1 performed better than leading models while costing 10x to 30x less. Initial results also show it can work well beyond smart contracts, suggesting its training approach can be applied to other security tasks.
AI has changed how software is built, helping businesses release more code, services, and updates faster than ever. At the same time, attackers are using AI to find weaknesses more quickly, while many security systems are still outdated and not built for this new reality. Depthfirst solves this problem with an AI-based platform that understands entire software systems, finds real risks, and provides accurate fixes directly in developer workflows, helping companies secure their software at the same speed it is created.
Since launching its products in late 2025, the company has partnered with Fortune 500 companies and fast-growing software firms like ClickUp, Lovable, Supabase, incident.io, and Moveworks to improve their security systems. Depthfirst’s platform has shown strong early results, finding far more real issues with much less noise than other tools, and about 80% of its suggested fixes are accepted and used by developers.
“When you control the training process, you can focus on what matters most for your domain,” said Andrea Michi, Chief Technology Officer of depthfirst. “For us, that means finding and verifying vulnerabilities. This leads to a model that is cheaper to run, performs better at the task, and improves more easily over time than a general-purpose system.”
“Recent market trends show that investors are beginning to see how AI will disrupt traditional security systems,” said Qasim Mithani, co-founder and CEO of depthfirst. “But to succeed in security, companies need models designed specifically for security tasks and built into real workflows. Creating these models requires specialized data, domain-focused testing, and strong expertise in post-training—and our team is among the few that can do this.”
“Securing modern software is more important than ever as AI-powered attacks become more advanced,” said Arsham Memarzadeh, General Partner at Meritech Capital. “What impressed us about depthfirst is its strong mix of research skills and real security experience, which helps deliver exactly what customers need.”
“What makes depthfirst different is that they go beyond just the application layer,” said Sara Ittelson, Partner at Accel. “They are building a company that controls both the product experience and the intelligence behind it, and we believe this approach will change how modern systems are secured.”
About depthfirst
Founded by Daniele Perito, Qasim Mithani, and Andrea Michi, depthfirst is an applied AI lab building advanced security solutions for businesses facing modern AI-driven threats. Its AI-based platform, General Security Intelligence, analyzes a company’s code, infrastructure, and business logic to find complex vulnerabilities, highlight the most important risks, and provide developers with ready-to-use fixes. The company’s goal is to protect the software behind critical systems before advanced AI-powered attackers target it, and it has raised $120M from investors such as Meritech Capital, Accel, Forerunner Ventures, Liquid 2 Ventures, Alt Capital, and Mantis VC.
Read More:Sycamore Raises $65M in Seed Funding
