Software supply chain security startup RapidFort Inc. announced today that it has raised $42 million in early-stage funding to expand go-to-market efforts, advance automated remediation, deepen enterprise adoption in regulated industries, and expand software supply chain security from build through runtime.

Founded in 2020, RapidFort secures modern software supply chains by eliminating vulnerabilities before they reach production, with a focus on helping development and security teams shift from slow, reactive vulnerability scanning to continuous, automated remediation that keeps pace with fast-moving development cycles.

RapidFort’s platform automatically identifies and removes unnecessary components and vulnerabilities from container images, rather than detecting and reporting vulnerabilities after code is written or deployed. According to RapidFort, teams can help reduce their exposure to known threats by up to 95% without rewriting code or adding manual effort.

“The problem isn’t that organizations don’t know they have vulnerabilities, it’s that they can’t fix them fast enough,” said founder and Chief Executive Mehran Farimani. “Artificial intelligence has accelerated software delivery and attacker capability at the same time. The window between disclosure and exploitation has collapsed. RapidFort exists to eliminate vulnerabilities continuously — at machine speed — before they reach production.”

One of the company’s core offerings is near-zero-CVE hardened container images, prebuilt software images based on popular Linux distributions that have been optimized to contain very few known Common Vulnerabilities and Exposures. The idea is that by starting with images that are already hardened and free of many unnecessary packages, development teams can dramatically cut the attack surface of their applications from the very beginning of the build process.

RapidFort also provides runtime intelligence and protection that monitors applications as they run, profiles execution paths to distinguish what code is used versus what is not and further reduces attack surface by removing unused components in live environments.

The Series A round was led by Blue Cloud Ventures and Forgepoint Capital, with Felicis Ventures Management Company, Alumni Ventures, Group Boulder Ventures, Brave Capital, Evolution Ventures, Florida Funders, Gaingels, and Mana Ventures also participating.

“Software teams are shipping faster than ever and attackers are moving even faster,” said Rami Rahal, managing partner at Blue Cloud Ventures. “RapidFort is building what the market urgently needs: continuous vulnerability remediation that keeps pace with modern development.”

The new funding takes the total raised by RapidFort to $51.42 million, according to data from Tracxn.

Image: RapidFort