Aikido buys Israel’s Root to patch open source with AI

Belgian cyber unicorn Aikido has acquired Israeli startup Root, reportedly for $70mn to $100mn, for AI agents that patch open-source vulnerabilities in minutes without forcing risky upgrades. It is also opening a development centre in Israel.


A Belgian cybersecurity unicorn has bought an Israeli startup with an unusual trick. Its AI agents fix an open-source flaw without breaking the app that depends on it, something most security tools cannot do.

Aikido Security, based in Ghent, became Europe’s fastest cybersecurity company to reach a $1bn valuation in January. It has now acquired Root. Aikido did not disclose a price. Israeli outlet Calcalist reported a figure of between $70mn and $100mn. Aikido will also open a development centre in Israel. It plans to absorb all of Root’s roughly 25 staff, most of them in Tel Aviv.

The target is a problem every software company knows and few have solved. Open source is everywhere, and it is full of holes. Almost every application leans on open-source packages, which makes them a favourite way in for attackers. Log4Shell, the critical bug found in Log4j back in 2021, is still present in millions of systems today.

Patching without the pain

Fixing these flaws is meant to be simple and rarely is. When a dependency turns out to be vulnerable, a team has two choices, and both are bad. Upgrade to a newer version, and you risk breaking a working app or pulling in fresh malware. Migrate to a vendor’s locked-down replacement, and you have swapped one dependency for another. That often takes months of work.

Root’s pitch is to skip that trade-off. Its platform runs swarms of AI agents that research, write, test, and ship a patch in roughly 15 to 40 minutes, according to SiliconANGLE. By hand, the same job can take weeks. The fix goes straight to the exact version a company already runs, so there is no rebuild and no migration. In more than four out of five cases, Root changes no code at all. A human reviewer signs off rather than writes the patch.

Aikido is folding this into its platform as a feature called Aikido Libraries. One customer, the data-security firm BigID, cleared more than 1,000 vulnerabilities in two weeks. Over 300 of those counted as high or critical, spread across six production images, and it kept its existing stack.

Why AI cuts both ways

The timing is not an accident. AI is giving attackers faster and cheaper ways to find and exploit flaws. Attackers now hit almost a third of known vulnerabilities on or before the day they surface. The agentic approach that lets Root patch in minutes gives defenders the speed they now need. The people breaking in already have it.

That threat is already visible across the software supply chain. It runs from malware smuggled into popular packages to breaches that leak AI training secrets. It reaches the security failures piling up around fast-moving vibe-coding platforms. Aikido’s bet is that fighting agents with agents is the only way to keep up.

A rare open-source giveback

Alongside the deal, Aikido announced something unusual for a commercial security firm. It will backport its fixes for critical, actively exploited open-source vulnerabilities to the wider community. It plans to contribute them upstream to the projects that maintain the code, rather than keep them behind a paywall.

“This is a choice between walled gardens and real support for open source. We chose open source,” said Ian Riopel, Root’s co-founder and chief executive. Adrian Estrada, chief technology officer of NodeSource and an OpenJS board director, welcomed the move. He said maintainers are “drowning in security work,” and that the backports take work off their plates.

Root has an unusual history of its own. It began as Slim.AI, the company behind the widely used open-source container tool Slim Toolkit. It later pivoted from shrinking container images to securing them. It had raised about $37.6mn, and Gartner this year named it an emerging vendor in automated vulnerability remediation.

Aikido’s shopping spree

For Aikido, Root caps a busy year of buying. In 2025 it snapped up the AI code-review startup Trag and the autonomous penetration-testing firms Allseek and Haicker. A branded patch engine is a natural next piece for a company selling a single platform to secure code from writing to running.

The deal also underlines how much of the world’s cybersecurity talent still sits in Israel, and how European buyers are increasingly the ones writing the cheques. Aikido now serves more than 100,000 teams, including Revolut, SoundCloud, and the Premier League. With Root, it is betting that the winning move in open-source security is not to argue about which holes to fix first, but simply to fix them where they are.
