With the rise of vibe coding—a new era defined by AI-assisted creativity, rapid prototyping, and faster-than-ever code generation—developers are shipping software at unprecedented speed. But while the productivity gains are undeniable, the security debt is mounting. In response, cybersecurity innovator OX Security has announced a $60 million Series B funding round to tackle one of the most pressing challenges in modern development: separating signal from noise in application security. The round, led by DTCP with participation from IBM Ventures, Microsoft, Swisscom Ventures, Evolution Equity Partners, and Team8, brings OX’s total funding to $94 million.
This funding comes at a crucial moment. Generative AI Code Generation tools are flooding codebases with clean-looking but potentially vulnerable code, while traditional human-led engineering continues to introduce its own risks. Conventional Application Security (AppSec) tools haven’t scaled to match this new reality — instead, they bombard teams with alerts, most of which don’t represent real threats. The result is developer fatigue, wasted time, and overlooked vulnerabilities that can lead to catastrophic breaches.
“As AI-generated code becomes the new normal, the risks it introduces are often hidden beneath seemingly innocuous code, flaws that traditional security tools are not built to detect,” said Neatsun Ziv, CEO and Co-founder of OX Security. “OX is pioneering agentic code review, powered by AI and enhanced with critical thinking modules that mimic the judgment of top security engineers. By continuously modeling risk across both AI and human-generated code, we identify and prioritize the vulnerabilities that actually matter.”
AI-Powered Security for an AI-Generated World
At the core of OX Security’s approach is a philosophy of precision over volume. Rather than trying to address every theoretical vulnerability, OX focuses on the 5% of issues that are truly exploitable, reachable, and impactful. These are the flaws that could realistically be weaponized by attackers and lead to actual breaches.
Their platform uses a powerful Application Security Posture Management (ASPM) engine to connect the dots between static and dynamic analysis, software composition, CI/CD pipelines, cloud infrastructure, and runtime behaviors. It goes beyond generic alerts by modeling exploitability, analyzing attack path reachability, and correlating findings with business impact. The result is a risk profile that’s meaningful, manageable, and immediately actionable.
OX’s AI-driven prioritization engine integrates with over 100 developer and security tools. Thanks to its trivial deployment process—often complete in just a few hours—DevOps and AppSec teams can embed OX directly into existing workflows without slowing anything down.
The Real Problem: Too Many Alerts, Not Enough Context
From SAST and DAST to SCA, CSPM, and runtime monitoring, today’s enterprises use a tangled web of security tools. But the downside of this tooling sprawl is a crushing volume of alerts with no unified prioritization. Developers end up ignoring or delaying fixes, security teams waste time triaging low-priority issues, and the critical vulnerabilities get lost in the chaos.
“Any security tool can find endless vulnerabilities and issue a nonstop stream of alerts,” Ziv added. “We’re here to tell you which specific vulnerabilities will actually get you breached – and make it painfully clear what to fix first.”
OX’s platform provides code-to-cloud traceability, translating security issues into developer-friendly terms, and offering guided fix recommendations. Its unified dashboard centralizes vulnerabilities, risk assessments, and remediation workflows—helping teams reduce their mean time to remediation (MTTR) from weeks to days.
Why Now? A Perfect Storm for AppSec
In a recent blog post, Ziv explained why this funding round is not just timely—it’s urgent.
“More code is generated than ever before—much of it by GenAI. Disclosed vulnerabilities are growing at a staggering pace. Threat actors are executing attacks faster, weaponizing software vulnerabilities in record time—often with the assistance of AI. Despite all this, AppSec budgets and resources have remained relatively flat.”
This imbalance creates a dangerous dynamic: more attack surface, faster exploits, but the same limited security coverage. OX was founded in 2021 by Neatsun Ziv and Lior Arzi, veterans from Check Point, in direct response to this new landscape—particularly the wake-up call of the SolarWinds supply chain attack.
Their goal was simple but transformative: build an AppSec platform that actually reduces risk—not by overwhelming teams with data, but by helping them fix what matters.
Trusted by Global Leaders
Today, OX Security is trusted by over 200 organizations across fintech, healthcare, cloud, and enterprise software—including Microsoft, IBM, SoFi, eToro, FICO, Tomorrow.io, and 888 Holdings.
Security executives consistently cite OX’s ease of integration, exceptional customer support, and its ability to deliver real security improvements. CISO testimonials highlight the platform’s ability to provide:
- End-to-end traceability
- Faster triaging and resolution
- Automated remediation workflows
- Confidence in code before deployment
“OX Security supports our need for transparency and end-to-end traceability,” said Danny Wishlitzky, Head of IT and Cybersecurity at Proximity. “This provides us with greater control—blocking vulnerabilities and improving accuracy throughout the development lifecycle.”
What’s Next? Building the Future of Secure Development
This latest $60 million infusion will power OX’s next wave of innovation. According to the company, upcoming priorities include:
- Deeper support across the entire toolchain
- Even more precise risk modeling
- Broader visibility throughout the SDLC
- Enhanced automation of triage and fixes
- Global go-to-market expansion
OX plans to continue leading the shift from fragmented tooling to unified, AI-driven application security—especially as vibe coding and GenAI become core to how software is built.
“OX is the precision blade that slices through the noise of endless vulnerabilities,” said Dean Shahar, Managing Director at DTCP. “As GenAI accelerates code creation beyond human scale, OX delivers laser-sharp accuracy to secure the ever-expanding attack surface.”
The future of AppSec isn’t about detecting more—it’s about knowing more. OX Security is ushering in a new paradigm where alerts are contextual, risks are quantifiable, and fixes are prioritized based on real-world impact.
For developers and security professionals building in the era of vibe coding, OX offers something the industry has been desperately missing: clarity.
“Let’s stop chasing noise,” said Ziv. “And focus on the 5% that matters.”
The post OX Security Raises $60M to Help Developers Focus on the 5% of AppSec Risks That Matter Most in the AI Era appeared first on Unite.AI.
