With $200 million in Series E funding and a new $5.5 billion valuation, Harness will scale its AI-powered platform for security, compliance and reliability in software development. The investment will support R&D into AI agents, testing, cost optimization and security for AI workloads.
Checkmarx acquired AI security startup Tromzo to jumpstart its roadmap for agentic application security. The deal gives Checkmarx a ready-built platform and team focused on enterprise-grade triage and remediation agents designed to streamline vulnerability management.
Technical debt is no longer just a developer's dilemma; it's a global business risk. As companies cling to legacy systems and monolithic code, modernization efforts stall. Rising costs, slower delivery and AI limitations highlight the urgent need for scalable, future-ready architectures.
A 2025 DORA report states that AI adoption improves software delivery throughput but increases delivery instability, suggesting development teams are adapting for speed while their underlying systems lag behind.
Hiring a fractional CISO gives your business the executive security leadership it needs - without the full-time cost. But not all providers are equal. Knowing how to evaluate talent, provider stability and delivery is key to ensuring lasting value, trust and resilience.
Dustin Kirkland of Chainguard explains how verified, hardened components and AI-powered automation can prevent malware injection and reduce software supply chain risk. He outlines why secure builds, not reactive fixes, help protect open-source ecosystems.
Software sovereignty means complete ownership and control over critical systems. In national security contexts, this means no third-party dependencies, full control of data, and the ability to operate independently of external providers, said Ian Tien, CEO of Mattermost.
Ash Kulkarni, CEO at Elastic, discussed how bug bounty projects and close scrutiny by millions of developers worldwide have made open-source projects more secure than proprietary solutions. He recommends open APIs and interoperability as the future of effective security solutions.
AI can significantly accelerate code generation - helping developers go from idea to implementation in minutes - but AI-generated code is frequently based on insecure or flawed examples found in public code repositories, explains Chenxi Wang, founder and general partner at Rain Capital.
AI agents will be crucial in the software development life cycle to eliminate bugs, improving the quality of software, which could significantly reduce security vulnerabilities. Although managing AI agents for identity and access controls will be hard, said Jason Clinton, CISO at Anthropic.
Chainguard's $356 million Series D haul will help it push beyond securing containers to protecting virtual machines and language libraries. CEO Dan Lorenc says customers want security that scales with open-source adoption, especially amid rising software supply chain threats.
With Coana's team and tools, Socket aims to strengthen its platform's ability to identify actionable vulnerabilities. The integration will help security teams eliminate busywork, focusing on high-impact issues using precomputed reachability data from open source codebases.
Code security vendor Sonar’s acquisition of software development startup AutoCodeRover brings generative AI-powered code remediation to SonarQube. The Singapore-based team will lead Sonar’s R&D center, focusing on generative AI tools for DevOps workflows and faster software fixes.
Harness and Traceable are combining forces to create a DevSecOps platform that seamlessly integrates software delivery with security. The merger addresses the growing need for continuous security along with continuous delivery, ensuring applications remain protected from development to deployment.
From Google's $5.4 billion acquisition of Mandiant to Recorded Future's fraud insights following Mastercard's $2.65 billion purchase, threat intelligence vendors are innovating with AI and are focused on operationalizing their data through automation and managed services.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing govinfosecurity.com, you agree to our use of cookies.
