BlueFlag Security Secures $28 Million in Funding
BlueFlag Security, an innovative player in the identity-centric software development lifecycle (SDLC) security sector, has achieved a notable milestone by raising $28 million in funding to date, alongside reporting an impressive 300% year-on-year revenue growth for 2025.
Funding Led by Maverick Ventures and Ten Eleven Ventures
The company’s Series A financing round was spearheaded by Maverick Ventures and Ten Eleven Ventures. The capital raised will be strategically allocated to accelerate platform development and expand the company’s market presence across the US and EMEA regions, focusing particularly on regulated sectors and technology companies increasingly adopting AI-driven software development practices.
Addressing Identity Risks in Software Development
Founded in 2024, BlueFlag Security addresses a critical oversight in contemporary software development: the risks linked not to vulnerable code, but to compromised and malicious identities that possess legitimate access to development environments. A proprietary analysis conducted by the company indicates that over 75% of SDLC risks remain undetectable by existing application security tools. This gap is underscored by the recent 2025 Verizon Data Breach Investigations Report, which highlighted that 68% of data breaches stem from compromised credentials. Notably, failures within the software supply chain have risen to third place in the OWASP Top 10 for 2025, with many security experts citing supply chain risk as their foremost concern.
Expansion Plans Fueled by Increasing Demand
The newly acquired funds will play a crucial role in further platform enhancements and support BlueFlag’s expansion into untapped markets, as the company seeks to leverage the escalating demand from enterprises. The firm has reported a fivefold increase in Fortune 500 enterprise clients over the previous year and has entered into strategic partnerships with firms such as Obsidian Systems, catworkx, and knowmad mood.
New Features Enhance Security Capabilities
BlueFlag’s latest platform version introduces two key features. The first, Developer Behavioural Risk Analysis, enables the detection of risky activities—such as mass repository cloning outside standard work hours, abnormal access behaviors, and attempts at privilege escalation—by correlating signals from developer identities with the tools they use. The second feature, AI Agent Governance, extends this identity governance to AI coding assistants like Copilot and Cursor, as well as fully autonomous AI agents that perform tasks such as writing, testing, and deploying code independently. The platform employs behavioural baselines, anomaly detection, and comprehensive audit trails, while also identifying shadow AI usage and enforcing necessary approval workflows.
Market Readiness and Security Objectives
Raj Mallempati, the founder and CEO of BlueFlag Security, emphasized that modern attackers are increasingly targeting identities and tools rather than the code itself. He stated that BlueFlag was designed to address this gap, reinforcing the notion that the market is receptive to this solution. He remarked that AI agents are already present in development environments, raising the critical question of whether adequate governance is being exercised. BlueFlag’s mission centers on securing every phase of the software development lifecycle by providing identity intelligence that fosters a safe environment for innovation.