The biggest cybersecurity risk today isn’t just the code itself—it’s how the code is created. Archipelo, a San Francisco-based cybersecurity startup, has emerged from stealth with $12M in funding to introduce a new category of security: Developer Security Posture Management.
With human error responsible for 74% of security breaches (Verizon DBIR 2023) and AI-generated code introducing new risks, enterprises are struggling to secure the software development lifecycle. Archipelo’s DevSPM platform is the first solution to proactively secure both human and AI-driven code creation—before vulnerabilities ever reach production.
Funding and Industry Backing
Archipelo secured its $12M funding through:
- $4M pre-seed and $8M seed round
- Led by Dell Technologies Capital
- Backed by notable investors, including:
- Eric Yuan (CEO, Zoom)
- Andy Bechtolsheim (Founder, Sun Microsystems)
- Bill Tai (Investor in Zoom, Canva, Hut8)
- David Weisburd (10X Capital)
- Samsung NEXT, Nima Capital, Sangha Capital
Why Developer Security is the Missing Pillar in Cybersecurity
While traditional security focuses on application and cloud security, Archipelo shifts the focus to developer actions and AI-assisted coding workflows—the true origin of security risks.
Matthew Wise, CEO & Co-Founder of Archipelo, explains:
“In a world where AI is transforming software development, the biggest security risk isn’t just in the code—it’s in how the code is written.”
Archipelo’s DevSPM: Securing Code at the Source
The Archipelo DevSPM platform introduces four industry-first capabilities:
- Developer Detection & Response (DevDR)
- Identifies and mitigates security risks introduced by developers and AI-generated code.
- Provides real-time risk visibility into software supply chain vulnerabilities.
- AI Code Risk Monitoring
- Detects vulnerabilities within AI-generated code contributions.
- Ensures secure and responsible AI-assisted development.
- Automated Developer Tool Inventory
- Identifies shadow IT and unauthorized tools in development workflows.
- Prevents unapproved tools from introducing security gaps.
- Developer Security Posture Analytics
- Measures individual developer security performance.
- Encourages a culture of security awareness and accountability.
Unlike reactive security solutions that detect vulnerabilities after they appear, Archipelo prevents threats at the source, reducing security risks before they impact applications, infrastructure, or compliance.
A Movement, Not Just a Product
With 20+ employees across San Francisco and Europe, Archipelo is already working with Fortune 500 companies in financial services, technology, and defense—industries where developer security failures can lead to catastrophic breaches.
“Our mission is to make developer security as fundamental as cloud and application security,” says Wise. “By securing both human and AI-driven code creation, we’re ensuring that enterprises can scale innovation—without scaling risk.”
With $12M in funding, Archipelo is set to revolutionize cybersecurity by defining developer security as a new pillar of enterprise security. As AI-generated code becomes more prevalent, solutions like DevSPM will be critical in ensuring secure software development at scale.
