OX Appsec Security Ltd., a startup that helps developers identify the most critical vulnerabilities in their code, has raised $60 million to enhance its technological capabilities.

The company announced its Series B funding round today. The round was led by DTCP, with participation from notable investors such as Microsoft Corporation, IBM Ventures, Swisscom Ventures, Evolution Equity, and Team8. This brings OX Security's total external funding to $94 million.

Not all vulnerabilities found in corporate applications lead to data breaches. If a security flaw affects a workload that cannot be accessed from public networks, hackers are unable to exploit it. Similarly, vulnerabilities in non-critical assets, like virtual machines that do not contain any business data, pose only a limited risk.

According to OX Security, a large number of non-urgent vulnerabilities across enterprise networks make it challenging to pinpoint issues that require immediate attention. The company has developed a cloud-based platform that streamlines this task. Its software uses artificial intelligence to assess whether a vulnerability can be exploited and what data might be exposed as a result.

If OX Security detects an employee password in a GitHub repository, its AI algorithms may first check if the repository is publicly accessible. If so, the platform can simulate cyberattacks to determine whether the password could grant access to critical systems.

After identifying vulnerabilities that pose risks, OX Security evaluates the potential business impact of these exposures. It determines whether the affected systems hold sensitive business data. Additionally, the platform identifies scenarios where hackers might exploit one system's vulnerability to compromise other connected technology assets.

Besides code vulnerabilities, Application Programming Interfaces (APIs) represent another significant source of risk in software projects. A major issue is that APIs are sometimes overlooked, leaving any related security flaws unaddressed. OX Security claims its platform can automatically discover all APIs within an application environment and scan them for vulnerabilities.

The platform generates remediation recommendations for identified security flaws. If a code vulnerability remains unresolved, OX Security can block its deployment to production environments.

"The OX Security Unified Application Security Platform connects every signal across the software supply chain — code, pipelines, cloud, runtime — providing our customers with a unified view of what’s real, what’s reachable, and how it impacts risk," wrote Neatsun Ziv, co-founder and CEO, in a blog post.

The company revealed during its recent funding announcement that its annual recurring revenue has surpassed $10 million. It plans to use the new capital to develop enhanced features, including improved AI models to better assess the severity of vulnerabilities. Additionally, OX Security aims to expand its global presence.