business

Aikido Buys Root to Shield Open Source From AI-Driven Threats

Aikido's acquisition of Root brings autonomous AI agents to open-source security, patching vulnerabilities without requiring software upgrades.

The security software landscape is undergoing a quiet but consequential shift: artificial intelligence is no longer just a tool for defenders — it has become a potent weapon for attackers targeting open-source ecosystems. Aikido, a developer-focused security platform, is responding to that threat directly by acquiring Root, a startup whose technology deploys AI agents to research, patch, and test open-source vulnerabilities autonomously.

What makes this deal strategically notable is the frictionless deployment model at its core. Engineering teams are notoriously resistant to security tooling that demands disruptive upgrades or workflow overhauls. Root's approach sidesteps that friction entirely, allowing its AI agents to operate without forcing teams to update their existing software stacks — a design choice that could meaningfully lower adoption barriers across organizations of varying technical maturity.

Read more Eversource Energy Finalizes Sale of Aquarion Water Company →

The timing reflects a broader industry reckoning with AI-accelerated attack surfaces. Open-source software, which underpins the vast majority of modern applications, has long been a high-value target precisely because its dependency chains are complex and its maintenance often distributed across volunteer contributors. AI-powered adversaries can now probe those chains at speed and scale that human security teams cannot match manually, making automated defensive tooling less of a luxury and more of a structural necessity.

Aikido's move positions it within a growing cohort of security vendors betting that the answer to AI-powered offense is AI-powered defense — an arms race dynamic that is reshaping enterprise security spending priorities. By embedding Root's autonomous patching and testing capabilities into its platform, Aikido is making a clear argument: that vulnerability management must become continuous, self-healing, and invisible to developers rather than a periodic, disruptive audit.

The acquisition signals where the competitive frontier in application security is heading — toward systems that close the loop between vulnerability discovery and remediation without human intervention at every step. Continue reading at GlobalNewswire.

Continue reading at GlobalNewswire →

Frequently Asked Questions

Q.What does Root's technology do for open-source security?

Root deploys AI agents that autonomously research, patch, and test open-source vulnerabilities, enabling continuous remediation without manual intervention.

Q.Do development teams need to upgrade their software to use Aikido's new capabilities?

No. A key feature of the Root acquisition is that its AI agents operate without forcing engineering teams to upgrade their existing software stacks.

Q.Why is open-source software a particular target for AI-powered attacks?

Open-source software underpins the majority of modern applications and features complex dependency chains often maintained by distributed contributors, making it a high-value and difficult-to-defend target for automated adversaries.

More in business →