Kodem Security

High-Level Overview

Kodem Security is a Tel Aviv-based cybersecurity startup founded in 2021 that builds a runtime-powered application security platform.[1][2][3][4] The company serves application security (AppSec) teams and developers by solving the problem of alert fatigue and false positives in traditional tools, delivering unified SAST, SCA, secrets detection, container scanning, and runtime intelligence that cuts time to fix vulnerabilities by 90% and saves over 400 hours per codebase.[1][2][3] Backed by Greylock Partners with over $25M raised, Kodem has achieved initial revenues, around 50 employees, and recognition as a Challenger in SCA and a Top InfoSec Innovator for 2025, demonstrating strong early growth momentum.[1][4][5][6]

Origin Story

Kodem Security was founded in 2021 in Tel Aviv, Israel, by Aviv, Pavel, and Idan, who grew frustrated watching AppSec teams drown in false positives from legacy SCA and SAST tools.[3][4][2] The name "Kodem," meaning "first" or "early" in Hebrew, reflects their priority on catching risks early and spotlighting what truly matters.[3][4][5] Early traction came from building a platform that combines code analysis with runtime intelligence, attracting backing from Greylock Partners and leading to over $25M in funding, including an $18M round.[1][4][5][6] As the team scaled to about 50 employees speaking 8 languages, they addressed operational challenges by adopting Salesforce for unified CRM, enabling better pipeline management and reporting amid rapid growth.[1]

Core Differentiators

Kodem stands out in application security through these key strengths:

• Runtime Intelligence and AI Automation: Unlike traditional scanners, Kodem analyzes actual runtime behavior to eliminate 99.5% of irrelevant alerts, chain low-severity vulns into real breach risks, and deploy "Kai"—an AI agent that triages, remediates, and verifies fixes in real-time, reducing net new vulnerabilities by 83% per release.[1][2][3]
• Unified Platform: One tool replaces fragmented SAST, SCA, secrets scanning, and container security with end-to-end coverage from code to runtime, offering non-intrusive monitoring, SBOM generation, and attacker-reachable risk prioritization.[2][3][7]
• Developer and Team Efficiency: Shifts security left with actionable insights, automates remediation without breaking changes, and frees engineers for high-signal work—customers report 10x team productivity and seven-figure risk avoidance.[1][3]
• Proven Impact and Recognition: Patented tech backed by world-class researchers, positioned as SCA Challenger alongside Snyk and JFrog, and named a 2025 Top InfoSec Innovator.[1][2][5]

Role in the Broader Tech Landscape

Kodem rides the surging demand for agentic AI in AppSec, where exploding open-source dependencies and complex supply chains amplify SCA needs amid rising software attacks.[2][3] Timing is ideal as DevSecOps matures, with runtime analysis bridging static tools' gaps in production-like contexts, fueled by market forces like regulatory SBOM mandates and zero-day threats.[2][7] By prioritizing reachable risks over noise, Kodem influences the ecosystem toward efficient, AI-driven security that accelerates developer velocity—much like Wiz transformed infra security—while supporting open source and serving industries from finance to media.[3][4][7]

Quick Take & Future Outlook

Kodem is poised to scale as the leading runtime-first AppSec platform, with Kai's AI agents evolving to handle zero-days and full remediation autonomously amid AI security trends.[3] Expect expansion in enterprise adoption, deeper AWS integrations, and potential Series B funding as revenues grow beyond initial stages.[1][6][7] Their focus on true risks will amplify influence, empowering AppSec teams to secure faster releases in a breach-prone world—turning "first" priorities into industry standards, much like their founders envisioned from day one.[4]