M&A Transaction

Aikido Acquires Root.io for Advanced Open-Source Security

Aikido Security NV acquires Root.io Inc., integrating AI-powered vulnerability patching that avoids disruptive upgrades and enhances software supply chain security.

Share:
AM
Alvaro de la Maza

Partner at Aninver

Stay ahead of the market

Get instant notifications when new news matching "Technology, Software & Gaming, Artificial Intelligence (AI) in United States, Belgium" are published.

Key Takeaways

  • Aikido Security NV, Insight Partners, StepStone Group acquired Root.io Inc..
  • Sector: Technology, Software & Gaming, Artificial Intelligence (AI).
  • Geography: United States, Belgium.

Analysis

Aikido Security NV has significantly expanded its open-source vulnerability management capabilities by acquiring Root.io Inc., a specialist in patching existing software versions without requiring disruptive upgrades. This strategic move addresses a critical pain point for organizations relying on open-source components, offering a novel approach to security that avoids the common pitfalls of traditional patching methods.

Root.io, formerly known as Slim.AI Inc. and founded in 2020, developed an innovative system utilizing AI agents to rapidly identify, test, and deploy fixes for newly discovered vulnerabilities. This automated process, often completed within minutes rather than weeks, targets the precise versions of software dependencies currently in use. A key differentiator is Root's ability to deliver these patches with minimal or no code alteration, meaning companies can secure their applications without undertaking complex rebuilds or migrations. In many instances, over 80% of fixes require no code changes, relying instead on human oversight for final approval, as demonstrated by BigID Inc. which resolved over 1,000 vulnerabilities across six production images in just two weeks.

The acquisition integrates Root's technology into Aikido's platform under the new moniker, Aikido Libraries. This feature directly tackles the dilemma organizations face when a critical vulnerability emerges in an open-source dependency. The typical choices—upgrading to a potentially unstable newer version or migrating to a proprietary alternative—often introduce new risks or complexities. Aikido's enhanced offering promises to deliver verified patches for the exact software stacks in place, thereby streamlining supply chain security for a broader range of users.

“The open-source ecosystem demands rapid and effective patching solutions,” stated Willem Delbare, co-founder and CEO of Aikido. “Current options force a difficult trade-off between application stability and security. With Root’s technology, we can now directly address vulnerabilities in the software our clients are actively running, eliminating the need for disruptive upgrades or migrations. This is a significant step towards democratizing robust supply chain security.”

Root.io had previously secured substantial backing, raising a total of $37.6 million, including a significant $31 million Series A round in 2022 co-led by prominent investors Insight Partners and StepStone Group. The company also garnered recognition from Gartner Inc., being named an emerging vendor in automated vulnerability remediation.

This acquisition follows a period of aggressive expansion for Aikido, which has already integrated several other technology firms in 2025, including AI code-review specialist Trag and autonomous penetration testing companies Allseek BV and Haicker SA. Earlier this year, Aikido achieved unicorn status, raising $60 million in a Series B round that valued the company at $1 billion. Its platform is now utilized by over 100,000 teams, including major entities like the Premier League, Revolut Ltd., and SoundCloud.

In conjunction with the acquisition, Aikido plans to contribute fixes for critical, actively exploited open-source vulnerabilities back to the community. This initiative aims to strengthen the broader open-source ecosystem by upstreaming patches rather than confining them to a commercial offering, reinforcing Aikido's commitment to collaborative security advancements.