Socket Raises $60M Series C at a $1B Valuation to Help Enterprises Build Securely With AI

Socket is scaling to defend open source against supply chain attacks as AI accelerates software development.

SAN FRANCISCO, CA, UNITED STATES, May 20, 2026 /EINPresswire.com/ -- Socket Raises $60M Series C at a $1B Valuation to Help Enterprises Build Securely With AI

Led by Thrive Capital, the round brings Socket to unicorn status as enterprises race to adopt AI coding tools and look for ways to secure the third-party dependencies entering production without slowing down

Socket today announced it has raised $60 million in Series C funding at a $1 billion valuation. Led by Thrive CapitaI, with participation from a16z, Abstract Ventures, and Capital One Ventures, the round will support Socket’s next phase of growth as more organizations race to adopt AI across software development and look for better ways to secure the open source code entering production without sacrificing engineering velocity.

Founded in 2020, Socket counts Anthropic, xAI, Replit, Cursor, Figma, Vercel, Gusto, Mercado LIbre, and Cribl among its customers, as well as Fortune 100 companies in financial services and global media.

AI is accelerating software development, but it is also increasing the volume of open source code entering production. For enterprises, secure software delivery now depends on being able to evaluate that code without slowing down development.

That shift is moving software supply chain security higher on the enterprise agenda. In the OWASP Top 10:2025 community survey, software supply chain failures ranked as the top concern. A 2025 Linux Foundation report found that only 36% of organizations evaluate the direct dependencies of open source code before using a new component.

The recent compromise of Axios, one of the most widely used packages in the JavaScript ecosystem, showed how quickly malicious code in a popular dependency can spread. Socket identified the malicious dependency within six minutes and moved quickly to help users and customers block the package from entering their environments. Within 24 hours, more than 2,000 organizations had onboarded to its platform.

Socket analyzes the behavior of open source dependencies before they enter an organization’s codebase. Rather than relying only on known vulnerability databases, which typically surface issues after public disclosure, Socket is built to identify malicious behavior and other signs of supply chain risk in real time, including novel attacks that have yet to be catalogued. The platform combines AI-assisted analysis with human verification to help teams identify malicious behavior, prioritize exploitable vulnerabilities, and remediate dependency risk.

“AI is changing how software gets built at every level,” said Feross Aboukhadijeh, founder and CEO of Socket. “Teams are moving faster, more code is being generated, and more of what ends up in production now comes from outside the company. The hard part is keeping that speed without losing visibility into what’s actually getting shipped, and that’s where Socket comes in.”

“Security is changing radically and rapidly,” said Philip Clark, Partner at Thrive Capital. “Legacy tools were designed to react to known vulnerabilities and assumed there was sufficient time to prevent a breach. Today, AI models can identify vulnerabilities so well and so quickly that this is no longer an option. We need tools like Socket that can identify threats in third party code before they enter production and we believe there is no team better positioned to meet that demand.”

About Socket
Socket is a developer-first security platform that protects organizations from software supply chain attacks. By analyzing open source dependencies for malicious behavior, Socket helps teams identify and block threats before they reach production.

Sarah Gooding
Socket Inc
press@socket.dev
Visit us on social media:
LinkedIn
Bluesky
Instagram
X

Legal Disclaimer:

EIN Presswire provides this news content "as is" without warranty of any kind. We do not accept any responsibility or liability for the accuracy, content, images, videos, licenses, completeness, legality, or reliability of the information contained in this article. If you have any complaints or copyright issues related to this article, kindly contact the author above.