This post is also available in:
עברית (Hebrew)
Cybersecurity teams are facing a growing imbalance. Software is being developed and deployed faster than ever, while attackers increasingly use artificial intelligence to automate reconnaissance, exploit vulnerabilities, and scale social engineering campaigns. Traditional security tools, many of which rely on periodic scans or static rules, are struggling to keep pace with this shift.
According to Techcrunch, a new class of security platforms has emerged to address that gap by treating AI not as an add-on, but as the core of defense. One such approach by Depthfirst, which recently raised $40 million in a series A round, centers on continuously analyzing how software is written, connected, and operated, rather than waiting for known vulnerabilities to surface. The goal is to identify weaknesses early, including those introduced unintentionally through automation, third-party components, or exposed credentials.
This is the problem space targeted by a platform described as “General Security Intelligence”. Instead of focusing on a single layer, the system scans codebases, workflows, and dependencies to surface risks across the software lifecycle. It monitors for credential exposure, evaluates open-source and third-party components, and looks for patterns that could signal exploitable conditions before they are abused. By using AI-native analysis, the platform aims to keep up with the same automation attackers are already using.
A key feature is its ability to reason across large, complex environments. Modern applications are assembled from countless libraries, APIs, and services, often maintained by different teams. The platform is designed to correlate these elements, highlighting how a small issue in one area could cascade into a larger security problem elsewhere. This type of contextual analysis is difficult to achieve with tools built for slower, more static development cycles.
Military organizations, critical infrastructure operators, and government agencies rely on vast software ecosystems that include custom code, commercial platforms, and open-source components. As AI-driven cyberattacks move from experimentation to real-world operations, defending such environments requires tools that can operate at similar speed and scale. Continuous, AI-based analysis can support earlier detection of supply-chain risks, exposed credentials, and subtle weaknesses that might otherwise go unnoticed.
The platform’s development reflects a broader shift in cybersecurity strategy: moving from reactive patching to proactive understanding. Rather than assuming systems can be perfectly secured, the focus is on visibility, prioritization, and rapid mitigation in environments that are constantly changing.
As attackers continue to automate their operations, defenders are being forced to rethink how security is built and maintained. AI-native security platforms represent one attempt to restore balance by embedding intelligence directly into how software is created and operated—before weaknesses turn into incidents.
