RapidFort Raises $42M Series A Led by Blue Cloud Ventures and Forgepoint Capital to Power the Next Generation of Software Supply Chain Defense

SAN FRANCISCO--(BUSINESS WIRE)--RapidFort, the technical leader defining the next generation of software supply chain security, today announced $42 million in Series A funding led by Blue Cloud Ventures and Forgepoint Capital, with participation from prior lead investor Felicis Ventures. Additional participants include Alumni Ventures, Boulder Ventures, Brave Capital, Evolution Ventures, Florida Funders, Gaingels, and Mana Ventures.

This funding arrives at a defining moment for cybersecurity and software delivery. AI has dramatically accelerated how software is built and shipped, and attackers are moving just as fast. As the window between vulnerability disclosure and exploitation continues to shrink, organizations can’t rely on quarterly patch cycles, manual triage, or “scan-and-pray” security. RapidFort’s accelerating revenue momentum reflects the market’s shift toward continuous, automated vulnerability elimination. According to Verizon’s latest Data Breach Investigations Report, vulnerability exploitation now accounts for 20% of breaches, nearly matching credential abuse at 22%. The message is unmistakable: vulnerability management must shift from reactive detection to continuous elimination.

“Software teams are shipping faster than ever—and attackers are moving even faster. RapidFort is building what the market urgently needs: continuous vulnerability remediation that keeps pace with modern development. Their end-to-end platform doesn’t just surface risk—it eliminates it. We’re excited to partner with RapidFort as they define the next era of software supply chain security,” said Rami Rahal, Managing Partner at Blue Cloud Ventures.

A New Category: Continuous Remediation for the Software Supply Chain

RapidFort is setting a new standard: remediation at machine speed, built directly into the software delivery pipeline. RapidFort secures the entire software lifecycle—from build through runtime—by continuously analyzing, remediating, hardening, and protecting software artifacts so vulnerabilities don’t survive long enough to become incidents.

“The problem isn’t that organizations don’t know they have vulnerabilities, it’s that they can’t fix them fast enough,” said Mehran Farimani, Founder and CEO of RapidFort. “AI has accelerated software delivery and attacker capability at the same time. The window between disclosure and exploitation has collapsed. RapidFort exists to eliminate vulnerabilities continuously—at machine speed—before they reach production.”

RapidFort combines automated vulnerability remediation with one of the industry’s most comprehensive catalogs of hardened, near-zero-CVE container images across major Linux distributions, enabling teams to dramatically reduce risk in days, not months.

Why RapidFort Wins: From “Finding Fires” to “Stopping Them”

RapidFort goes beyond scanning and detection. The platform eliminates risk through:

• Automated remediation: Continuous vulnerability removal embedded in CI/CD workflows, enabling teams to fix issues as software ships, not weeks later.
• Near-zero-CVE containers: Drop-in, hardened images across major Linux distributions that dramatically reduce CVEs without code changes, eliminating security debt from day one.
• Runtime intelligence: Behavioral analytics and image optimization that remove unused components, reducing attack surface by up to 90 percent.
• End-to-end hardening: Automated hardening and validation from build through production for consistent security across environments.
• Compliance-ready security: Built for regulated environments, supporting programs such as FedRAMP, CMMC, ATO, CRA and NIS2 with continuous risk reduction and auditable security controls.

Investing in the Future of Software Security for the AI Era

The Series A funding will accelerate RapidFort’s next phase of growth across product innovation, platform expansion, and enterprise adoption:

• Go-to-Market Expansion: Scaling sales, marketing, and partnerships to meet increasing demand for automated remediation
• Platform Innovation: Advancing automated remediation, near-zero-CVE software delivery, and continuous attack surface reduction
• Enterprise Adoption: Supporting deployments in regulated industries with deeper integrations, smoother onboarding, and operational scalability
• Software Supply Chain Assurance: Expanding end-to-end lifecycle security from build through runtime to ensure continuous protection and compliance

“RapidFort represents the evolution of software supply chain security from reactive to proactive,” said Ernie Bio, Managing Director at Forgepoint Capital. “In an AI-accelerated threat landscape, detection alone is table stakes. What matters is elimination. RapidFort is the only platform that combines comprehensive profiling, automated rebuilding, intelligent patching, and continuous validation at enterprise scale. We’re thrilled to partner with Mehran and the team as they define the new standard for software supply chain security.”

“What’s compelling about RapidFort is that it treats software artifacts as infrastructure. By hardening and validating images continuously, the platform creates a security foundation that scales across teams, tools, and environments—without forcing developers to change how they build,” said Jimmy Park, Vice President at Forgepoint Capital.

Learn more at rapidfort.com.

About RapidFort

RapidFort delivers the modern software supply chain security platform built for the AI era. Through automated vulnerability remediation, curated near-zero-CVE container images, runtime intelligence, and continuous hardening, RapidFort helps organizations eliminate vulnerabilities at the speed of development and accelerate compliance readiness. From startups to Fortune 500 enterprises, RapidFort enables teams to reduce attack surface, shrink security debt, and ship safer software with less overhead.