With the rise of vibe coding—a new era defined by AI-assisted creativity, rapid prototyping, and faster-than-ever code generation—developers are shipping software at unprecedented speed. But while the productivity gains are undeniable, the security debt is mounting. In response, cybersecurity innovator OX Security has announced a $60 million Series B funding round to address one of the most pressing challenges in modern development: separating signal from noise in application security. The round, led by DTCP with participation from IBM Ventures, Microsoft, Swisscom Ventures, Evolution Equity Partners, and Team8, brings OX’s total funding to $94 million.
This funding comes at a crucial moment. Generative AI code generation tools are flooding codebases with clean-looking but potentially vulnerable code, while traditional human-led engineering continues to introduce its own risks. Traditional Application Security (AppSec) tools haven’t scaled to match this new reality — instead, they bombard teams with alerts, most of which don’t represent real threats. The result is developer fatigue, wasted time, and overlooked vulnerabilities that can lead to catastrophic breaches.
“As AI-generated code becomes the new normal, the dangers it introduces are sometimes hidden beneath seemingly innocuous code, flaws that conventional security tools are not built to detect,” said Neatsun Ziv, CEO and Co-founder of OX Security. “OX is pioneering agentic code review, powered by AI and enhanced with critical thinking modules that mimic the judgment of top security engineers. By continuously modeling risk across both AI and human-generated code, we identify and prioritize the vulnerabilities that really matter.”
AI-Powered Security for an AI-Generated World
At the core of OX Security’s approach is a philosophy of precision over volume. Rather than attempting to address every theoretical vulnerability, OX focuses on the 5% of issues that are truly exploitable, reachable, and impactful. These are the flaws that could realistically be weaponized by attackers and lead to actual breaches.
Their platform uses a powerful Application Security Posture Management (ASPM) engine to connect the dots between static and dynamic analysis, software composition, CI/CD pipelines, cloud infrastructure, and runtime behaviors. It goes beyond generic alerts by modeling exploitability, analyzing attack path reachability, and correlating findings with business impact. The result is a risk profile that is meaningful, manageable, and immediately actionable.
OX’s AI-driven prioritization engine integrates with over 100 developer and security tools. Thanks to its trivial deployment process—often complete in just a few hours—DevOps and AppSec teams can embed OX directly into existing workflows without slowing anything down.
The Real Problem: Too Many Alerts, Not Enough Context
From SAST and DAST to SCA, CSPM, and runtime monitoring, today’s enterprises use a tangled web of security tools. But the downside of this tooling sprawl is a crushing volume of alerts with no unified prioritization. Developers end up ignoring or delaying fixes, security teams waste time triaging low-priority issues, and the critical vulnerabilities get lost in the chaos.
“Any security tool can find endless vulnerabilities and issue a nonstop stream of alerts,” Ziv added. “We’re here to tell you which specific vulnerabilities will really get you breached – and make it painfully clear what to fix first.”
OX’s platform provides code-to-cloud traceability, translating security issues into developer-friendly terms and offering guided fix recommendations. Its unified dashboard centralizes vulnerabilities, risk assessments, and remediation workflows—helping teams reduce their mean time to remediation (MTTR) from weeks to days.
Why Now? A Perfect Storm for AppSec
In a recent blog post, Ziv explained why this funding round is not just timely—it’s urgent.
“More code is generated than ever before—much of it by GenAI. Disclosed vulnerabilities are rising at a staggering pace. Threat actors are executing attacks faster, weaponizing software vulnerabilities in record time—often with the help of AI. Despite all this, AppSec budgets and resources have remained comparatively flat.”
This imbalance creates a dangerous dynamic: more attack surface, faster exploits, but the same limited security coverage. OX was founded in 2021 by Neatsun Ziv and Lior Arzi, veterans of Check Point, in direct response to this new landscape—particularly the wake-up call of the SolarWinds supply chain attack.
Their goal was simple but transformative: build an AppSec platform that actually reduces risk—not by overwhelming teams with data, but by helping them fix what matters.
Trusted by Global Leaders
Today, OX Security is trusted by over 200 organizations across fintech, healthcare, cloud, and enterprise software—including Microsoft, IBM, SoFi, eToro, FICO, Tomorrow.io, and 888 Holdings.
Security executives consistently cite OX’s ease of integration, exceptional customer support, and its ability to deliver real security improvements. CISO testimonials highlight the platform’s ability to provide:
- End-to-end traceability
- Faster triaging and resolution
- Automated remediation workflows
- Confidence in code before deployment
“OX Security supports our need for transparency and end-to-end traceability,” said Danny Wishlitzky, Head of IT and Cybersecurity at Proximity. “This provides us with greater control—blocking vulnerabilities and improving accuracy throughout the development lifecycle.”
What’s Next? Building the Future of Secure Development
This latest $60 million infusion will power OX’s next wave of innovation. According to the company, upcoming priorities include:
- Deeper support across the entire toolchain
- Even more precise risk modeling
- Broader visibility throughout the SDLC
- Enhanced automation of triage and fixes
- Global go-to-market expansion
OX plans to continue leading the shift from fragmented tooling to unified, AI-driven application security—especially as vibe coding and GenAI become core to how software is built.
“OX is the precision blade that slices through the noise of endless vulnerabilities,” said Dean Shahar, Managing Director at DTCP. “As GenAI accelerates code creation beyond human scale, OX delivers laser-sharp accuracy to secure the ever-expanding attack surface.”
The future of AppSec isn’t about detecting more—it’s about knowing more. OX Security is ushering in a new paradigm where alerts are contextual, risks are quantifiable, and fixes are prioritized based on real-world impact.
For developers and security professionals building in the era of vibe coding, OX offers something the industry has been desperately missing: clarity.
“Let’s stop chasing noise,” said Ziv. “And focus on the 5% that matters.”