D

depthfirst Tech Stack

AI-native code vulnerability detection platform for developers

Computer and Network Security San Francisco, California 11–50 employees Privately Held

Depthfirst builds an AI-native security scanner that identifies code vulnerabilities while filtering false positives—a critical friction point in developer security workflows. The tech stack reveals a modern ML-first architecture: PyTorch for model training, Temporal for complex agent orchestration, and TypeScript/Python across frontend and backend. Active projects center on building agentic AI pipelines for vulnerability discovery and scaling proof-of-concept exploitation, while the hiring surge (11 roles in 30 days, mostly senior) signals aggressive scaling of both security research and sales—a tell-tale sign of a pre-launch or Series A company.

Tech Stack 23 technologies

Core StackTypeScript Python Temporal React Next.js PostgreSQL Redis AWS Figma Sketch Adobe Illustrator PyTorch JavaScript Redux Tailwind CSS GitHub GitLab Jenkins Photoshop Neon Zustand LinkedIn

What depthfirst Is Building

◆Challenges

Detecting critical software vulnerabilities
Critical software vulnerability detection and remediation
Finding novel vulnerabilities at scale
Reducing false positives
Zero-day vulnerability discovery
Complex agent orchestration
Scaling to thousands of enterprise users
Remediating vulnerabilities in codebases
Scaling code execution at scale
Security integration into ai workflows

▲Active Projects

Scalable infrastructure for code execution at scale
Complex agent orchestration
Evaluation benchmark and training pipelines
Building and training ai agents for vulnerability discovery
Developing techniques to reduce false positives
Automated exploitation proof of concept generation
Design system evolution
User research initiatives
New product feature development
Ai agentic pipelines for vulnerability discovery

Hiring Activity

Accelerating10 roles · 10 in 30d

Department

Sales

4

Security

2

Design

1

Engineering

1

Marketing

1

Product

1

Research

1

Seniority

Senior

8

Mid

2

Junior

1

Company intelligence

Find more companies like depthfirst by tech stack, pain points and active projects

Get started free

About depthfirst

Depthfirst is a San Francisco-based security startup (11–50 employees) built for engineering teams at mid-market and enterprise companies. The platform uses AI agents to analyze source code, business logic, and infrastructure patterns to surface exploitable vulnerabilities and deliver fixes directly in developer workflows (GitHub, GitLab, Jenkins). The company is solving two acute problems: false-positive noise that makes traditional SAST tools unusable, and the difficulty of discovering novel or AI-enabled zero-day vulnerabilities at scale. Infrastructure and product engineering are undersized relative to sales and research hiring, suggesting the platform core is maturing and go-to-market is the next frontier.

HeadquartersSan Francisco, California

Company Size11–50 employees

Hiring MarketsUnited States

Frequently Asked Questions

What tech stack does Depthfirst use?

TypeScript, Python, React, Next.js, PostgreSQL, Redis, and AWS on infrastructure. PyTorch powers model training, Temporal handles agent orchestration, and Neon, Redux, Zustand, and Tailwind CSS support the frontend.

What does Depthfirst do?

An AI-native platform that scans code and infrastructure to find real vulnerabilities, reduce false positives, and deliver actionable fixes into developer workflows. Uses agentic AI pipelines and proof-of-concept exploitation to uncover novel and zero-day vulnerabilities.