RapidFort, a San Francisco, CA-based company that specializes in software supply chain security, has raised $42 million in a Series A funding round led by Blue Cloud Ventures and Forgepoint Capital.
The round also saw participation from prior lead investor Felicis Ventures. Additional participants included Alumni Ventures, Boulder Ventures, Brave Capital, Evolution Ventures, Florida Funders, Gaingels, and Mana Ventures.
Read More:Mitra EV Raises $27M in Funding
The company plans to use the funds to speed up growth in product innovation, platform expansion, and enterprise adoption.
- Go-to-Market Expansion: Grow sales, marketing, and partnerships to meet rising demand for automated remediation.
- Platform Innovation: Enhance automated remediation, near zero-CVE software delivery and continuous attack surface reduction.
- Enterprise Adoption: Enable deployments in regulated industries with better integrations, easier onboarding and scalable operations.
- Software Supply Chain Assurance: Extend security across the whole software lifecycle, from build to runtime, for continuous protection and compliance.
This funding comes at a critical time for cybersecurity and software delivery. AI is speeding up how software is built and shipped, while attackers are moving just as fast. With the gap between vulnerability disclosure, and exploitation shrinking, companies can’t rely on quarterly patches, manual checks, or basic scanning. RapidFort’s growing revenue shows the market is moving toward continuous, automated vulnerability removal. Verizon’s latest report shows vulnerabilities now cause 20% of breaches, nearly as much as credential abuse at 22%, highlighting the need to shift from reactive detection to continuous elimination.
RapidFort, a leader in software supply chain security, sets a new standard with remediation at machine speed, built directly into the software delivery pipeline. It protects the entire software lifecycle—from build to runtime—by continuously analyzing, fixing, hardening, and securing software to resolve vulnerabilities before they cause incidents.
RapidFort pairs automated vulnerability fixes with an extensive catalog of hardened, near-zero-CVE container images for major Linux distributions, helping teams reduce risk in days rather than months.
RapidFort does more than scan and detect, The platform reduces risk by:
- Automated remediation: Vulnerabilities are continuously fixed within CI/CD workflows so issues are resolved as software ships rather than weeks later.
- Near-zero-CVE containers: Hardened drop in images for major Linux distributions reduce CVEs without changing code eliminating security debt from day one.
- Runtime intelligence: Behavioral analytics and image optimization remove unused components cutting the attack surface by up to 90%.
- End to end hardening: Security is automated and validated from build to production for consistent protection across environments.
- Compliance-ready security: Designed for regulated environments, supporting FedRAMP, CMMC, ATO, CRA, and NIS2 with continuous risk reduction and auditable controls.
“RapidFort marks the shift in software supply chain security from reactive to proactive,” said Ernie Bio, Managing Director at Forgepoint Capital. “In today’s AI-driven threat landscape, detecting issues isn’t enough—eliminating them is key. RapidFort is the only platform that offers full profiling, automated rebuilding, smart patching, and continuous validation at enterprise scale. We’re excited to partner with Mehran and the team as they set the new standard in software supply chain security.”
“Software teams are moving faster than ever and attackers are even faster. RapidFort is delivering what the market needs, continuous vulnerability remediation that keeps up with modern development. Their platform doesn’t just identify risks it removes them. We’re excited to partner with RapidFort as they shape the future of software supply chain security,” said Rami Rahal, Managing Partner at Blue Cloud Ventures.
“The problem isn’t that organizations don’t know about vulnerabilities—it’s that they can’t fix them fast enough,” said Mehran Farimani, Founder, and CEO of RapidFort. “AI has sped up both software delivery and attacks, shrinking the time between disclosure and exploitation. RapidFort continuously eliminates vulnerabilities at machine speed before they reach production.”
About RapidFort
supply chain security platform designed for the AI era. With automated vulnerability fixes, curated near-zero-CVE container images, runtime intelligence and continuous hardening, RapidFort helps organizations quickly remove vulnerabilities and accelerate compliance. From startups to Fortune 500 companies, RapidFort helps teams reduce attack surfaces, cut security debt and deliver safer software with less effort.
Read More:Midi Health Raises $100M in Series D Funding
