NEWS

Aikido’s Root Buy Hands Open Source Patches to an AI Factory

Aikido Security has acquired Israeli startup Root for an estimated $70 million to $100 million to backport open source security fixes with AI agents.

Aikido Security has acquired Root, the Israeli startup that built an AI agent factory for backporting open source security fixes. The deal is valued at an estimated $70 million to $100 million in Israeli press; Aikido COO Roeland Delrue later told BankInfoSecurity the figure was $70 million. The acquisition folds an automated patch pipeline into Aikido’s developer security platform.

Root was founded in 2020 as Slim.AI, the company behind the open source DockerSlim container tool. The startup rebranded in March 2024 and pivoted to automated vulnerability remediation. Insight Partners co-led Root’s $31 million Series A in 2022. Aikido, which raised $60 million earlier this year at a $1 billion valuation, will open its first Tel Aviv development center to absorb all of Root’s roughly 25 employees. The companies frame the deal as a service to overworked open source maintainers, and reporters immediately questioned whether the free-fix commitment will hold.

What Aikido Just Bought

Aikido announced the Root acquisition on June 30 in a joint press release. The release describes Root as an “agentic platform” that “researches, patches, tests, and delivers validated fixes across container images and application dependencies in minutes, not weeks.” Israeli outlet Calcalist estimated the deal value at $70 million to $100 million, and Delrue confirmed the $70 million figure in an interview with BankInfoSecurity. Neither side has published a full breakdown of the consideration, according to the official press release on the deal.

Root’s four co-founders are CEO Ian Riopel, John Amaral, Benji Kalman, and Mickey Gordon. Riopel joined Slim.AI as chief customer officer and head of partnerships after more than six years as a cybersecurity and cloud security specialist at Cisco. He took over as Root’s CEO when the company rebranded in March 2024.

Insight Partners co-led Root’s $31 million Series A in 2022. Decibel Ventures, Boldstart Ventures, Lama Partners, and TechAviv also backed the company. Earlier this year, Aikido raised $60 million in a Series B that valued the Belgian vendor at $1 billion. Calcalist reported total Aikido funding at approximately $85 million following the round, per Aikido’s announcement of the Root acquisition.

  • Deal value: estimated $70 million to $100 million
  • Root’s Series A: $31 million (2022)
  • Aikido’s Series B: $60 million at a $1 billion valuation
  • Teams using Aikido: 100,000+
  • Root headcount: ~25 employees, with about 15 in Tel Aviv

The Patch Factory Inside the Deal

Root’s pitch is that vulnerability triage has become its own problem. The company built what Delbare and Riopel both call a “software factory”: a pipeline of AI agents that produces verified CVE patches at machine speed and pushes them back to the exact open source versions a team is running. Aikido is folding that pipeline into two new products, Aikido Libraries and Aikido Images, that ship as drop-in replacements. Riopel described the pipeline as fixing vulnerabilities without forcing teams to “throw out their images and start over with someone else’s.” Gartner recognized Root earlier this year as an emerging vendor in Automated Vulnerability Remediation, the positioning at the core of what Aikido is paying for.

The combined platform will ship four new pieces alongside the existing Aikido dashboard, with the integration described in Root’s own page on the partnership. Aikido says the system produces hundreds of verified patches a day, each tested to avoid breaking changes. Developers get drop-in fixes in place of upgrades that take weeks of engineering.

Old approach (upgrade or migrate) vs. Root’s approach (backport in place):
  • What changes: full package or framework version vs. only the vulnerable function
  • Speed: weeks of engineering vs. minutes
  • Production risk: high (breaks unrelated code) vs. low (no breaking changes)
  • Scope: whatever dev teams prioritize vs. every verified CVE in supported ecosystems

The four new pieces:
  • Aikido Libraries: drop-in replacement libraries for npm, PyPI, and Maven ecosystems, patched in place
  • Aikido Images: vulnerability-free container images built from the same backport pipeline
  • Container registry firewall: blocks vulnerable or malicious packages before they reach production
  • Free backports for KEV-listed CVEs: patches contributed upstream for actively exploited flaws at no cost

The Maintainers Aikido Says It Will Serve

Open source maintainers are the workforce no one hires. They keep the projects the modern software stack depends on, including Log4j, npm packages, and Python libraries, running without pay or a dedicated security headcount. Aikido and Root frame the acquisition as taking security work off those maintainers’ plates. The deal’s marketing pitch is that backported fixes get contributed back upstream to the projects that need them.

“We built Root to skip the argument and just fix the problem in place. This is a choice between walled gardens and real support for open source. We chose open source.”

Ian Riopel, co-founder and CEO of Root, said this in the companies’ joint announcement on June 30. The framing positions Aikido against “walled gardens,” meaning vendor-locked patches that customers cannot audit. Riopel joined Slim.AI as chief customer officer and head of partnerships before taking over as Root’s CEO at the March 2024 rebrand.

The risk is concentration: a single vendor now decides which CVEs get backported first. The maintainers upstream do not control the patch content: they receive whatever the factory produces. Aikido’s framing of “contributing back” assumes the maintainers will accept the patches at the volume Aikido plans to ship them. Adrian Estrada, CTO of NodeSource, OpenJS Board Director, and a Node.js Core Contributor, endorsed the deal in the press release: “Open source maintainers are drowning in security work while trying to keep the projects the world depends on running.”

The Free Fixes Have a Gate

Aikido’s announcement leans hard on a free tier of fixes. “Critical, actively exploited open source vulnerabilities” will get backported to the community across supported ecosystems at no cost, the press release says. The commitment extends to npm, PyPI, and Maven, the most widely consumed open source ecosystems. That sounds generous on its face. The New Stack pressed Aikido’s co-founder and chief growth officer Madeline Lawrence on what happens once the deal’s costs start to bite.

Lawrence’s argument hinges on economics. “Both come out of the same factory,” she told The New Stack. “There’s no separate budget line for the free fixes to cut, because the work that produces them is the same work our paying customers rely on.”

The argument holds only inside a narrow definition. Aikido’s free tier applies to vulnerabilities listed in CISA’s KEV catalog, a curated list of flaws confirmed to have been exploited in the wild, which is a small slice of all disclosed vulnerabilities. The long tail of CVEs that regulators now want companies to remediate sits behind Aikido’s paywall. Lawrence told The New Stack that demand for that paid tier is “exploding.”

Aikido is also launching a container registry firewall that blocks vulnerable or malicious software before it reaches production, Delrue told BankInfoSecurity. The integration runs on the same data Root was already generating. Gordon and Kalman have described the typical workflow as overwhelming, with engineering teams forced to decide which vulnerabilities deserve attention first.

AI Patching and AI Attacking at the Same Time

The acquisition lands in the same week the Linux Foundation launched Akrites, a coordinated vulnerability disclosure body backed by Anthropic, Google, Microsoft, and roughly 20 organizations. Akrites formed largely in response to how quickly AI tools can now surface flaws in open source code. Lawrence, Aikido’s chief growth officer, said the timing is coincidental. The Root deal has been building on a partnership the two companies forged in mid-2025, when Root’s hardened container images entered Aikido’s existing Autofix product.

Lawrence pointed to a separate pressure: the US government suspended access to Anthropic’s Fable 5 and Mythos 5 models in June after researchers said they had found ways to use them to assist cyberattacks. Access was later restored for critical infrastructure organizations late in the month. Lawrence framed the same model capability as the reason Root’s pipeline works: “The same capability that reads code to fix a flaw can read it to exploit one.”

Three Acquisitions in a Year

Root is Aikido’s fourth acquisition in just over a year. In 2025 Aikido bought AI code-review startup Trag and autonomous pen-testing companies Allseek and Haicker. Each deal folded a point solution into Aikido’s single application security platform. Scanning, cloud security, supply chain malware detection, AI pen-testing, and now automated remediation all sit under one dashboard. Customers include the Premier League, MontBlanc, n8n, Revolut, SoundCloud, and Niantic.

Root’s footprint will anchor Aikido’s first Israeli development center in Tel Aviv. The new site will absorb all of Root’s roughly 25 employees and is expected to expand its local workforce. Riopel and the rest of the Root team are joining Aikido.

The Tel Aviv office adds a third engineering hub to Aikido’s footprint, alongside Ghent, Belgium, and other European locations. The open source maintainers whose projects these patches will touch have not been asked yet. Aikido says critical fixes will continue to go back to the community and not behind a paywall. The press release describes hundreds of verified patches produced every day.

Logan Pierce is a writer and web publisher with over seven years of experience covering consumer technology. He has published work on independent tech blogs and freelance bylines covering Android devices, privacy-focused software, and budget gadgets. Logan founded Oton Technology to publish clear, no-nonsense tech news and reviews based on real hands-on testing. He has personally tested and reviewed dozens of mid-range and budget Android phones, written extensively about app privacy, and built and managed multiple WordPress publications over the past decade. Logan holds a bachelor’s degree in English and studied digital marketing at a certificate level.
