Get Silicon Valley Top 1000 Contacts List

Patchstack Raises $5M Series A for Open-Source Cybersecurity Tool

by

Estonian cybersecurity startup Patchstack has secured $5 million in Series A funding to enhance its open-source security solutions. Led by Karma Ventures, the round also saw participation from G+D Ventures and Emilia Capital, the investment firm of Yoast founders Marieke van de Rakt and Joost de Valk.

Patchstack aims to address the rising threat of security vulnerabilities in open-source software. The company’s platform allows developers to identify, prioritize, and auto-mitigate vulnerabilities in real-time without needing user intervention or code changes. By integrating its vulnerability intelligence with application vPatching technology, Patchstack provides swift protection for over five million websites.

The funding will help Patchstack expand its cybersecurity capabilities and prepare for the upcoming European Cyber Resilience Act. Expected to become law later this year, the act will require cybersecurity standards, including automatic updates and incident reporting for digital products in the EU. Patchstack has also released a free tool, co-funded by the EU, to help open-source vendors comply with these new regulations.

Currently, Patchstack serves major clients like GoDaddy, DigitalOcean, and Plesk, and plans to broaden its support for more content management systems and open-source software ecosystems. The company, which started as a WordPress-focused solution, has become a leader in open-source security intelligence, publishing 76% of all known WordPress vulnerabilities in 2023.

Patchstack’s bug bounty program has attracted ethical hackers, allowing the company to grow its vulnerability database, making it the largest CVE Naming Authority. With this extensive dataset, Patchstack was selected for Google’s AI for Cybersecurity accelerator program to further improve its AI capabilities.

Patchstack co-founder and CEO Oliver Sild shared the company’s vision to automate the entire open-source software security lifecycle, with plans to scale their product development and marketing teams following the Series A funding.

Related News