HeroDevs LLC, a leading provider of security and compliance solutions for deprecated open-source software, today announced it raised $125 million in strategic growth investment from PSG.

Deprecated open-source projects are those where the original developers no longer recommend using them or are planning to stop updating them in the future. They are essentially legacy projects in the ecosystem that remain useful features for new projects and updates, although they are no longer maintained or supported.

Deprecation doesn’t mean that a feature is immediately unusable, but it could mean that it will be phased out. Numerous enterprise applications still rely on outdated open-source software, as the effort required to upgrade can be time-consuming and expensive. However, continuing to use it does come with risks because its lack of support means there will be no further bug fixes or new features, leading to potential security issues.

“In our view, open-source software runs the world,” said Aaron Frost, co-founder and chief executive of HeroDevs. “Through this investment, we’re doubling down on our mission of ensuring everyone — from developers to startups to enterprises and governments — has the tools and support to stay safe and compliant, even when they find themselves stuck running end-of-life open-source software.”

HeroDevs helps companies secure enterprise security stacks against potential vulnerabilities and security threats using its Never-Ending Support solutions, which provide secure replacements for vulnerable, unsupported or outdated OSS versions.

The rapid adoption of artificial intelligence is increasing the use of OSS and the average codebase has numerous open-source components. This results in a higher number of vulnerabilities, as noted in the Black Duck 2025 Open Source and Risk Analysis report by CinchOps Inc., which analyzed 1,658 application codebases. From the report, 97% of audited codebases contained OSS components and on average, applications had 911 open-source components, with 86% of codebases containing at least one vulnerability.

HeroDevs also announced it intends to dedicate $20 million toward the HeroDevs Open Source Sustainability Fund to support open-source creators, maintainers and projects that follow best end-of-life practices.

The Sustainability Fund, launched in June, is officially open and accepting applications. Developers can apply and will receive between $25,000 and $250,000. They must demonstrate strong community adoption and commit to following security best practices when they announce end-of-life intentions for their software projects.

Photo: Pixabay