Software teams move fast. Attackers move faster. That tension is the entire modern software economy in one sentence, and it is exactly where RapidFort decided to plant its flag. Not in fear, not in compliance theater, not in another dashboard that tells you what is already broken. RapidFort went after the part nobody wants to touch. The software supply chain itself, where speed, security, and sanity usually fight to the death.
Founded in 2020 and headquartered in Sunnyvale, California, RapidFort built a platform that treats software artifacts the way serious operators treat infrastructure. Harden it continuously. Validate it relentlessly. Remove what does not belong. All without forcing developers to change how they work. That philosophy just earned RapidFort a $42M Series A, led by Blue Cloud Ventures and Forgepoint Capital, with Felicis Ventures returning after leading the $8.5M seed round in 2022. Total funding now sits at approximately $50.5M, valuation undisclosed, signal very loud.
Mehran Farimani did not wander into this problem by accident. Before co-founding RapidFort, Mehran Farimani ran EFI’s core business unit and previously founded Percipo, commercializing computer vision and artificial intelligence across more than 40,000 retail locations. He has seen what happens when innovation outpaces operational reality. Alongside Rajeev Kumar Thakur, CTO and co-founder who built mass scale systems at Palo Alto Networks and F5 Networks, and Russ Andersson, COO and co-founder whose operating resume includes companies acquired by Revance, Wiley, and IG Group, RapidFort was designed to remove friction without removing control.
The results are not theoretical. More than 100 global customers, including over 40 with FedRAMP and ATO requirements. Over 15,000 curated hardened images in production. Vulnerability reduction of up to 95%. Attack surface reduction of up to 90%. Defense Unicorns cut CVEs by 98%. ColorTokens reduced attack surface by 77%. Beyond Identity cut costs by 50% and accelerated FedRAMP timelines by 3 months. That is not noise. That is math.
George Manuelian joined in 2024 as CSRO after leading SASE go to market at Palo Alto Networks past $1.2B in revenue, with prior stops at Amazon Web Services, Versa Networks, and Cisco. The message from leadership and investors is consistent. Rami Rahal of Blue Cloud Ventures called out continuous remediation that actually eliminates risk. Jimmy Park of Forgepoint Capital highlighted treating software artifacts as infrastructure, scalable across teams and environments without disrupting developers.
RapidFort’s platform stitches DevTime protection, near zero CVE containers, and runtime intelligence into a single software attack surface management workflow. FIPS 140-3 validation. STIG and CIS benchmarks. SBOM and RBOM generation. Less than 1% compute overhead. Ubuntu, RHEL, Debian, Alpine. Compliance ready for FedRAMP, CMMC, ATO, CRA, and NIS2. Security that does not slow delivery tends to get adopted. Security that removes work tends to spread.
This raise is not about funding a company. It is about funding a posture. One where software ships fast, stays hardened, and stops apologizing for existing. That is a different kind of confidence, and the market has a way of rewarding teams that build it.
