Invictus-backed cybersecurity company ThreatModeler acquires competitor IriusRisk for over $100 million | Fortune

The rise of AI coding tools means developers can create software applications faster than ever, but the risk for hacks and exploits is growing in lockstep. ThreatModeler, a cybersecurity company that helps developers identify vulnerabilities in their applications, announced on Thursday it is acquiring its largest competitor, IriusRisk. The deal is for over $100 million, according to a source with direct knowledge, who added that the annual recurring revenue for the combined companies is around $50 million.

In an interview with Fortune, ThreatModeler CEO Matt Jones said that his company’s goal is to “democratize” the practice of vulnerability detection at a time when many must rely on basic tools from larger platforms like Microsoft or turn to AI for threat modeling, which Jones argues is insufficient and can lead to massive risks. Jones said the acquisition will let ThreatModeler keep pace as firms are scaling up their coding capacity like never before. “For us to be able to bring the two leaders together,” he said, “We can be much more aggressive on [our] roadmap.”

Attack surface

Founded in 2010, the New Jersey-based ThreatModeler provides automated software that helps coders review security flaws in their applications before launching them. For many organizations, the alternative is relying on experts known as security architects, who review codebases after they’re live, which can be a cumbersome and often belated process.