AI security startup Socket hits $1B valuation after $60M raise to stop software supply chain attacks
AI-generated code is flooding into enterprise software faster than security teams can review it, and investors are betting that startups capable of spotting threats before they reach production could become one of the hottest categories in cybersecurity.
That bet is helping Socket join the unicorn club.
The developer security startup announced Thursday it has raised $60 million in Series C funding at a $1 billion valuation. The round was led by Thrive Capital, with participation from Andreessen Horowitz (a16z), Abstract Ventures, and Capital One Ventures.
Founded in 2020, Socket is trying to solve a growing problem inside modern software development. AI coding tools are helping engineers ship code faster than ever, though much of that code relies heavily on open-source packages pulled from outside repositories. That has created new openings for attackers targeting software supply chains.
The company counts Anthropic, xAI, Replit, Cursor, Figma, Vercel, Gusto, Mercado Libre, and Cribl among its customers, as well as Fortune 100 companies in financial services and media.
As AI speeds up coding, Socket raises $60M to stop malicious open-source threats
The timing of the raise reflects a broader shift happening across enterprise security. Software supply chain attacks have moved from a niche developer concern to a boardroom issue as organizations increasingly rely on open-source dependencies and AI-generated code.
A recent OWASP Top 10:2025 community survey ranked software supply chain failures as the top concern among respondents. A separate 2025 Linux Foundation report found that only 36% of organizations evaluate the direct dependencies of open source software before introducing new components into production environments.
Recent attacks have exposed how vulnerable the ecosystem has become. The compromise of Axios, one of the most widely used JavaScript packages, showed how quickly malicious code can spread once a dependency is poisoned. Socket said it identified the malicious dependency within six minutes and helped organizations block it before it entered production systems. The company added that more than 2,000 organizations onboarded to its platform within 24 hours of the incident.
Socket’s platform focuses on analyzing the behavior of open-source dependencies before they enter a company’s codebase. Instead of relying entirely on public vulnerability databases that often surface threats only after disclosure, the company says its system detects suspicious behavior patterns in real time, including previously unseen attack techniques. The platform combines AI-assisted analysis with human review to flag malicious packages, prioritize exploitable vulnerabilities, and reduce dependency risk.
“AI is changing how software gets built at every level,” said Feross Aboukhadijeh, founder and CEO of Socket. “Teams are moving faster, more code is being generated, and more of what ends up in production now comes from outside the company. The hard part is keeping that speed without losing visibility into what’s actually getting shipped, and that’s where Socket comes in.”
Investors see the shift as part of a larger change in cybersecurity. Traditional vulnerability scanners were built for an era when threats moved more slowly and security teams had more time to react after weaknesses became public.
“Security is changing radically and rapidly,” said Philip Clark, Partner at Thrive Capital. “Legacy tools were designed to react to known vulnerabilities and assumed there was sufficient time to prevent a breach. Today, AI models can identify vulnerabilities so well and so quickly that this is no longer an option. We need tools like Socket that can identify threats in third-party code before they enter production, and we believe there is no team better positioned to meet that demand.”
The funding comes as enterprises race to secure software pipelines increasingly shaped by AI-generated code, autonomous coding agents, and open-source libraries maintained outside corporate walls. Investors appear convinced that securing the software supply chain may become one of the defining cybersecurity battles of the AI era.

Socket founder and CEO Feross Aboukhadijeh (Image credit: Socket)

