The popular WordPress security company Patchstack has announced a $5 million funding round to bolster its mission of securing the entire lifecycle of open-source software. This follows a €2.7 million R&D grant from the European Innovation Council in 2022. This Estonian cybersecurity company was founded in 2016 by Oliver Sild and Dave Jong.
The Series A funding round was led by Karma Ventures, which is known for investing in deep-tech software companies. Other notable participants included G+D Ventures and Emilia Capital, the investment firm founded by Yoast creators Marieke van de Rakt and Joost de Valk.
On average, it takes over 200 days to patch critical security vulnerabilities. Patchstack aims to change that. Their platform helps developers quickly identify and prioritize new vulnerabilities, offering real-time mitigation without requiring user interaction or code changes.
Security Measures from Patchstack
Patchstack has also rolled out a managed VDP platform in collaboration with the European Union. It’s free for all plugin or theme developers and helps projects comply with the upcoming Cyber Resilience Act, which is expected to become law later this year.
Last month, Patchstack awarded the highest bounty in the history of WordPress bug bounty ($14,400) for exposing a critical vulnerability in the LiteSpeed Cache plugin through their Zero Day bug bounty program for WordPress. Last year, they published 76% of all known WordPress-related vulnerabilities, showcasing their market dominance.
Earlier this year, Google selected Patchstack for its AI for Cybersecurity accelerator program. This partnership will enhance their AI capabilities using the largest dataset of open-source security vulnerabilities available.
Kristjan Laanemaa from Karma Ventures expressed excitement about the partnership: “I have been following Patchstack’s progress for some time, have had many great discussions with Oliver, and think that the team is on a noble and exciting mission to protect users of open-source technologies from cyber threats.”
“We are pleased to join Patchstack’s vision of automating open-source software security with its unique approach of proactively protecting applications against vulnerabilities. We are particularly impressed by Patchstack’s exceptional leadership and remarkable talent, alongside its focus on delivering value based on the quality and execution for its customers and partners,” stated Alberto Pérez Arranz from G+D Ventures.