Autonomous offensive security company XBOW on Wednesday announced raising $120 million in a Series C funding round to scale its AI-powered platform that autonomously discovers and validates software vulnerabilities.
The round, which values the company at over $1 billion, was led by DFJ Growth and Northzone. The investment also included participation from Sofina, Alkeon Capital, Altimeter, NFDG Ventures, and Sequoia Capital.
This latest funding, which brings the total raised by the Seattle-based company to $237 million, will be used to accelerate expansion, fuel product innovation, and support international growth.
XBOW uses AI reasoning and adversarial workflows to continuously test applications for security flaws. Unlike traditional point-in-time penetration testing, the platform operates autonomously to identify and validate vulnerabilities at machine speed, aiming to keep pace with both modern development cycles and AI-powered attackers.
The company validates its platform through testing on live systems, having previously demonstrated its capabilities by reaching the top of the HackerOne leaderboard.
The XBOW platform is designed to execute targeted attacks autonomously, allowing security teams to explore deeper attack paths than traditional testing typically allows. Every potential finding is independently validated through real exploitation, providing teams with clear, reproducible proof and eliminating theoretical risks and scanner noise.
The system aims to work alongside security experts by automating exploration and validation, freeing them to focus on investigation, judgment, and remediation.
The company was founded by Oege de Moor, creator of GitHub Copilot and GitHub Advanced Security, and includes a core group of engineers from the original Copilot team. Nico Waisman, formerly CISO at Lyft, serves as the company’s CISO. He assembled a team of human hackers to help train the XBOW system.
“When I founded XBOW in January 2024, few believed AI could truly think like a hacker and operate at machine speed. We proved it. XBOW reached the top of the HackerOne leaderboard and is now deployed at some of the most security-forward companies in the world,” said de Moor. “Attackers are already using AI. Defenders need to move just as fast. XBOW provides that continuous speed, and this funding enables us to bring it to the entire industry.”
Related: Manifold Raises $8 Million for AI Detection and Response
Related: Cloud Security Startup Native Exits Stealth With $42 Million in Funding
Related: Tech Giants Invest $12.5 Million in Open Source Security
