Socket, transforming how organizations protect their applications from the rising threat of software supply chain attacks, led by Feross Aboukhadijeh and the team, has raised $60 million Series C at a $1 billion valuation, led by Thrive Capital, with participation from Andreessen Horowitz, Abstract Ventures, and Capital One Ventures, bringing the total funding to $125 million.

AI has fundamentally changed how engineering teams write and ship code, dramatically increasing the amount of open-source software flowing into production systems. At the same time, attackers have continued exploiting a long-standing trust gap in open source, a risk the industry has historically struggled to address at scale.

The original bet behind Socket was that dependency security needed to move beyond reactive vulnerability scanning, which left a gap between malicious package release and detection.

That problem has intensified as AI-generated code increases reliance on unfamiliar open-source dependencies, while the volume of third-party code entering production continues to outpace human review and legacy security tools.

Open source is facing sustained supply chain attacks, with incidents increasingly becoming frequent and systematic rather than isolated.

Recent examples include repeated waves of the Shai-Hulud worm across npm, PyPI, and Packagist, compromise of Aqua Security’s Trivy scanner, and social engineering campaigns targeting Node.js maintainers, including contributors at Socket and the compromise of Axios.

Package hijackings and maintainer compromises, once rare, are now occurring weekly, exposing a long-standing trust gap in open-source ecosystems that traditional vulnerability disclosure processes are not designed to detect in real time.

Since closing its Series B in October 2024, Socket has grown from 7,500 to over 27,000 organizations, now protecting 1.5 million repositories and securing more than 11.6 million commits each month.

The platform blocks over 10,000 supply chain attacks weekly, and the company has scaled to a team of 100+ people.

The most ambitious AI companies, including Anthropic, xAI, Replit, Cursor, Vercel, Figma, Gusto, Mercado Libre, and Cribl, along with Fortune 100 enterprises in financial services and media, use Socket to secure fast-moving development workflows.

Since the last funding round, Socket has expanded its platform with capabilities like Socket Firewall, which blocks malicious packages at install time, reachability-based CVE triage (via Coana), and Socket Certified Patches, enabling teams to detect, prioritize, and remediate supply chain vulnerabilities with greater speed and precision.

When the Axios compromise occurred, Socket detected the malicious dependency within six minutes, with 2,000+ organizations onboarding within 24 hours to block it.

Thrive Capital led the round, highlighting that legacy security tools are no longer sufficient in an era where AI accelerates vulnerability discovery and exploitation.

With this round, Socket is focusing on five priorities: expanding Socket Firewall to improve real-time malicious package blocking, scaling Certified Patches to speed up safe CVE remediation, extending protection beyond packages into extensions, CI/CD, and AI tooling, and preparing new product launches that expand the platform into a new category.

The company will also continue growing its team while maintaining a high technical bar, alongside a refreshed brand and redesigned website.

Leaders from Thrive Capital, Anthropic, Abstract Ventures, and Andreessen Horowitz highlighted that Socket has become critical infrastructure for AI-era development, with adoption driven by leading AI companies and its ability to block malicious code in real time rather than detect it after the fact.

Investors emphasized Socket’s real-time protection model, strong product-market fit across frontier AI teams, and a self-reinforcing security flywheel that strengthens detection as adoption grows, positioning it as a category-defining company in supply chain security.

Customers, including Anthropic, Vanta, Replit, Vercel, JupiterOne, Doctolib, and Chia, highlight that Socket helps detect supply chain threats in real time, block malicious packages before they reach production, and significantly reduce alert noise and false positives.

Across teams, Socket is described as improving dependency hygiene, reducing security overhead, and enabling faster, safer development in AI-driven engineering environments.