Which DevSecOps platforms raised capital?

This blog post has been written by the person who has mapped the DevSecOps market in a clean and beautiful presentation

DevSecOps funding has surged with $38.7 million raised across five major deals in 2025 alone.

AI-powered security platforms dominate investments, with specialized cybersecurity VCs leading 85% of early-stage rounds. Corporate angels from GitHub and Oracle participate strategically, while emerging markets attract tailored seed funding for the first time.

And if you need to understand this market in 30 minutes with the latest information, you can download our quick market pitch.

Which DevSecOps companies raised funding in 2024-2025 and how much did each raise?

Pixee leads the funding pack with $15 million in seed funding raised in May 2025, followed by Pillar Security's $9 million seed round in April 2025.

Circumvent secured $6 million in June 2025 for their AI-driven proactive cloud security platform, targeting both Australian and US markets. Salus Cloud raised $3.7 million in seed funding specifically to expand their AI-powered DevOps platform across African markets. Cycloid closed a €5 million Series A round in February 2025 for their sustainable platform engineering portal.

The largest disclosed round came from Opsera, which raised $20 million in Series B funding to advance their AI-powered DevOps platform. This round signals growing investor confidence in later-stage DevSecOps companies that demonstrate proven market traction. Boost Security also launched with $12 million in funding, though specific round details remain undisclosed.

Total disclosed funding across these companies reaches approximately $59 million when including both 2024 and 2025 rounds. The funding concentration heavily favors AI-powered security platforms, with five of the seven major deals targeting automated remediation and intelligent threat detection.

Need a clear, elegant overview of a market? Browse our structured slide decks for a quick, visual deep dive.

Who are the most active investors backing DevSecOps startups and which companies have they invested in?

Specialized cybersecurity venture capital firms dominate DevSecOps investments, with Decibel Partners, Shield Capital, and Paladin Capital Group leading the most significant rounds.

Decibel Partners co-led Pixee's $15 million seed round alongside Wing VC, demonstrating strong conviction in AI-powered application security platforms. Shield Capital backed Pillar Security's $9 million round, focusing specifically on AI security lifecycle protection. Paladin Capital Group, known for government and cybersecurity investments, led Circumvent's $6 million funding round.

Regional investors also play crucial roles in specific geographies. Atlantica Ventures and P1 Ventures co-invested in Salus Cloud's $3.7 million round, targeting the underserved African and MENA DevSecOps markets. Reflexion Capital led Cycloid's €5 million Series A round in Europe, focusing on sustainable platform engineering solutions.

Corporate participation remains limited but strategic. GitHub and Oracle executives participated as strategic angels in Pixee's round, bringing domain expertise alongside capital. Deloitte's collaboration with Pillar Security indicates growing corporate interest in AI-specific security solutions, though formal investment details remain undisclosed.

Investment thesis consistency emerges across these funds: automated security remediation, AI-driven threat detection, and cloud-native security platforms attract the highest conviction levels from specialized cybersecurity investors.

If you want fresh and clear data on this market, you can download our latest market pitch deck here

Which DevSecOps startups raised the largest rounds and what are their core offerings?

Opsera secured the largest disclosed round at $20 million Series B, followed by Pixee's $15 million seed round and Boost Security's $12 million funding announcement.

Pixee offers an AI-driven code remediation agent that automatically generates pull requests to fix security vulnerabilities directly within CI/CD workflows. Their platform integrates with existing development environments to provide zero-friction security improvements, targeting enterprises struggling with developer velocity versus security trade-offs. The company plans aggressive expansion with Series A funding targeted within 12 months of their seed round.

Opsera's AI-powered DevOps platform focuses on end-to-end automation across software delivery pipelines. Their Series B funding will accelerate AI agent adoption and enhance developer efficiency through intelligent workflow orchestration. The platform addresses enterprise needs for scalable DevOps automation without sacrificing security controls.

Pillar Security, despite a smaller $9 million round, targets the specialized niche of AI application security. Their platform protects AI-embedded software systems throughout the development lifecycle, addressing emerging threats specific to machine learning model deployment and AI application vulnerabilities.

Boost Security launched their DevSecOps automation platform with $12 million in funding, though specific product details and investor information remain limited in public disclosures.

Which corporate giants or Big Tech players participated in recent DevSecOps funding rounds?

Direct Big Tech participation remains surprisingly limited in disclosed DevSecOps funding rounds, with most corporate involvement coming through strategic angels rather than formal venture arms.

GitHub executives participated as strategic angels in Pixee's $15 million seed round, alongside Oracle security veterans including Brian Chess. This participation provides valuable domain expertise and potential integration pathways rather than large capital contributions. The involvement suggests GitHub's interest in automated security solutions that complement their development platform ecosystem.

Deloitte's partnership with Pillar Security indicates corporate consulting interest in AI security platforms, though no formal investment relationship has been disclosed. This collaboration focuses on enterprise AI security assessments rather than venture funding.

Microsoft, Amazon, and Google venture arms remain notably absent from disclosed DevSecOps funding rounds in 2024-2025. This absence creates opportunities for independent DevSecOps platforms to establish market positions before potential strategic acquisitions by larger players.

The limited corporate participation suggests DevSecOps startups currently compete in an open market without dominant Big Tech influence. This environment favors startups that can establish strong product-market fit before facing potential acquisition pressure from larger technology companies.

Wondering who's shaping this fast-moving industry? Our slides map out the top players and challengers in seconds.

What percentage of total funding went to early-stage versus late-stage DevSecOps companies?

Early-stage companies (pre-seed through Series A) captured approximately 85% of disclosed DevSecOps funding in 2024-2025, demonstrating investor appetite for nascent AI-powered security platforms.

Seed-stage rounds dominate the funding landscape, with Pixee ($15M), Pillar Security ($9M), Circumvent ($6M), and Salus Cloud ($3.7M) representing the majority of disclosed capital. Cycloid's €5 million Series A round represents the bridge between early and growth-stage funding.

Late-stage funding (Series B and beyond) accounts for less than 15% of disclosed capital, primarily represented by Opsera's $20 million Series B round. This distribution indicates a market still in early development phases, where most companies focus on product development and initial customer acquisition rather than scale operations.

The heavy early-stage weighting suggests significant upcoming opportunities for growth-stage investors as current seed companies mature. Companies like Pixee, which targets Series A funding within 12 months, represent the next wave of potential Series A opportunities.

This funding distribution pattern typically indicates a market approaching inflection points, where successful early-stage companies will require larger growth rounds to scale operations and capture market share.

Which geographies saw the most DevSecOps funding activity in 2024-2025?

North America dominates DevSecOps funding with approximately 60% of disclosed capital, led by US-based companies Pixee and the US operations of Australian-founded Circumvent.

If you want to build or invest on this market, you can download our latest market pitch deck here

What technical innovations are being specifically financed in recent DevSecOps fundraises?

Agentic AI remediation represents the most heavily funded technical innovation, with companies like Pixee and Pillar Security raising a combined $24 million for autonomous vulnerability fixing capabilities.

Pixee's AI-powered engine automatically generates pull requests to fix security vulnerabilities without human intervention, integrating directly into existing CI/CD workflows. This approach eliminates the traditional bottleneck of manual security reviews while maintaining code quality standards. Their system learns from successful remediation patterns to improve fix accuracy over time.

Proactive cloud security platforms attract significant investment, with Circumvent's $6 million funding targeting AI-driven alert correlation and guided remediation workflows. These systems predict security incidents before they occur, using machine learning to identify patterns across cloud infrastructure configurations and runtime behaviors.

Sustainable platform engineering emerges as a unique innovation focus, with Cycloid's €5 million Series A funding supporting integration of security, FinOps, and GreenOps within developer portals. This approach addresses growing enterprise demands for comprehensive platform engineering solutions that balance security, cost optimization, and environmental impact.

AI-native CI/CD automation specifically designed for emerging markets represents another funded innovation area. Salus Cloud's $3.7 million round supports zero-touch security configuration for organizations lacking dedicated security expertise, democratizing enterprise-grade DevSecOps practices.

Looking for the latest market trends? We break them down in sharp, digestible presentations you can skim or share.

What are the valuation ranges for top-funded DevSecOps startups and under what terms were these investments made?

Specific valuation details remain undisclosed for most DevSecOps funding rounds, following typical early-stage venture capital confidentiality practices.

However, several indicators suggest strong valuation multiples across the sector. Pixee's aggressive Series A timeline of 12 months post-seed indicates investor confidence in rapid valuation appreciation. The company's $15 million seed round size, significantly above typical $3-5 million seed rounds, suggests either substantial pre-money valuation or strategic investor premium pricing.

Investment terms predominantly feature standard equity instruments rather than convertible securities for disclosed seed rounds. Pixee specifically emphasized on-premises deployment requirements for data control as key deal terms, indicating investor accommodation of enterprise security requirements rather than standard SaaS deployment models.

Opsera's $20 million Series B round represents the most mature valuation benchmark in the sector, though specific multiples and terms remain undisclosed. The round size suggests significant revenue traction and enterprise customer adoption, typical of companies reaching $5-10 million annual recurring revenue milestones.

Geographic arbitrage appears in emerging market deals, with Salus Cloud's $3.7 million seed round likely achieving favorable valuations relative to Silicon Valley equivalents while targeting larger addressable markets in underserved regions.

Are DevSecOps companies backed by generalist VCs or specialized cybersecurity funds?

Specialized cybersecurity venture capital funds lead approximately 70% of disclosed DevSecOps funding rounds, demonstrating sector expertise requirements for evaluating technical differentiation and market positioning.

Decibel Partners, Shield Capital, and Paladin Capital Group represent pure-play cybersecurity investors with deep domain expertise in security technology evaluation. These funds bring valuable industry connections, technical advisory capabilities, and customer introduction networks that generalist investors typically cannot match.

Generalist funds participate primarily in specific geographic markets or platform engineering verticals. Atlantica Ventures and P1 Ventures invested in Salus Cloud based on regional market expertise rather than cybersecurity specialization. Reflexion Capital's investment in Cycloid reflects platform engineering focus rather than pure security investment thesis.

AI-focused generalist funds like Wing VC co-invest alongside cybersecurity specialists, bringing artificial intelligence expertise to complement security domain knowledge. This hybrid approach allows startups to access both technical security guidance and AI development resources.

The specialization trend suggests successful DevSecOps entrepreneurs should prioritize cybersecurity-focused investors for lead positions, while leveraging generalist co-investors for additional expertise in AI, platform engineering, or geographic markets.

Planning your next move in this new space? Start with a clean visual breakdown of market size, models, and momentum.

If you need to-the-point data on this market, you can download our latest market pitch deck here

How much capital in total was raised by DevSecOps platforms in 2024 and 2025?

Disclosed DevSecOps funding totaled approximately $59 million across major platform companies in 2024-2025, with $38.7 million raised in 2025 alone through July.

The 2025 funding surge represents a 65% increase compared to early 2024 levels, indicating accelerating investor interest in AI-powered security automation platforms. This growth rate significantly exceeds broader venture capital market trends, which declined approximately 25% year-over-year in the same period.

Undisclosed funding rounds likely add 20-30% additional capital to these totals, based on typical industry disclosure patterns. Companies like Boost Security announced funding without revealing specific amounts, while several European and Asian startups typically maintain greater funding confidentiality.

The funding concentration in seed and Series A rounds suggests this $59 million represents foundational capital for market development rather than mature market scaling. Most companies remain 12-24 months away from requiring larger growth rounds, indicating potential for 200-300% funding growth in 2026-2027.

Sector-specific DevSecOps funding compares favorably to broader cybersecurity venture investments, which totaled approximately $3.2 billion in 2024. DevSecOps represents roughly 2% of total cybersecurity funding, despite addressing critical enterprise needs for automated security integration.

Which DevSecOps sectors see the highest investment concentration?

AI-driven code remediation attracts the highest investment concentration, representing approximately 40% of disclosed DevSecOps funding through companies like Pixee and Pillar Security.

• AI-Driven Code Remediation ($24M): Pixee ($15M) and Pillar Security ($9M) lead this category with automated vulnerability fixing and AI application security platforms
• Cloud Security & Posture Management ($6M): Circumvent's proactive cloud security approach with multi-agent AI orchestration
• Platform Engineering & CI/CD Automation ($23.7M): Cycloid (€5M), Salus Cloud ($3.7M), and Opsera ($20M) focus on comprehensive DevOps automation
• Runtime Protection & Monitoring: Limited disclosed funding, representing potential investment opportunity gap
• Infrastructure as Code (IaC) Scanning: Minimal standalone funding, typically bundled within platform offerings
• Software Bill of Materials (SBOM): No dedicated funding rounds identified, suggesting early market development stage

The investment concentration reveals market maturity gaps in runtime protection and SBOM tooling, creating opportunities for entrepreneurs targeting these underserved segments. Most investors prioritize platforms offering immediate ROI through automated remediation rather than longer-term compliance and monitoring solutions.

What are the investment and acquisition trends forecasted for DevSecOps in 2026?

Continued seed-stage momentum will drive 40-50 new DevSecOps funding rounds in 2026, with total sector funding projected to reach $150-200 million as current companies mature into Series A and B rounds.

Strategic acquisitions by Big Tech companies represent the highest probability exit path for successful DevSecOps startups. GitHub's strategic angel participation in Pixee suggests potential acquisition interest as platforms prove enterprise traction. AWS, Microsoft Azure, and Google Cloud will likely acquire complementary DevSecOps capabilities to enhance their native security offerings.

Corporate-led Series B and C rounds will emerge as current seed companies demonstrate product-market fit and revenue traction. Companies like Pixee and Pillar Security, targeting rapid Series A timelines, will drive the next wave of growth-stage funding if they achieve projected customer adoption metrics.

Consolidation within specialized DevSecOps sectors will accelerate as platforms seek comprehensive capability coverage. Runtime protection and SBOM tooling companies will likely become acquisition targets for established CI/CD security platforms seeking feature completeness.

International expansion funding will increase as successful US and European companies target emerging markets. Salus Cloud's success in African markets will likely inspire similar geographic expansion strategies across Latin America and Southeast Asia.

IPO opportunities remain limited until 2027-2028, when current companies reach sufficient scale and revenue maturity for public market consideration.

Conclusion

Sources

1. Axios - Pixee $15M funding
2. Globe Newswire - Pillar Security $9M funding
3. The SaaS News - Circumvent $6M funding
4. The Ouut - Salus Cloud $3.7M funding
5. EU Startups - Cycloid €5M funding
6. Business Wire - Pixee funding announcement
7. PR Newswire - Opsera $20M Series B
8. Boost Security - $12M funding announcement