Investment giant PSG infuses $125 million into HeroDevs to fuel strategic growth.
In a significant move aimed at enhancing the security and compliance of open source software (OSS) used in enterprise environments, HeroDevs has received a strategic investment of $125 million from PSG and Album.
The investment will primarily be used to strengthen HeroDevs' Never-Ending Support (NES) products, which offer patched, secure, and seamless replacements for unsupported or outdated OSS components. This move will enable enterprises to protect their legacy software stacks without the need for complete application overhauls, addressing vulnerabilities that arise from using deprecated OSS and reducing the risk of data breaches and cyberattacks.
Marco Ferrari and Paul Russ, from PSG, believe that the platform HeroDevs has built empowers enterprises to secure vulnerable areas of software applications' code without disrupting operations, while also fostering continued innovation across the open source community. Weil, Gotshal & Manges and Foley & Lardner served as legal advisors to PSG and HeroDevs, respectively, during the transaction. D.A. Davidson and Ampleo served as financial advisors to HeroDevs.
In addition to strengthening its NES products, HeroDevs is also dedicating $20 million of this capital to its Open Source Sustainability Fund. This initiative supports open source maintainers and projects that follow best practices for end-of-life (EOL) software, providing financial assistance to developers to encourage sustainable maintenance and compliance. The Open Source Sustainability Fund is open for applications, with donations ranging from $2,500 to $250,000.
The investment addresses a critical issue: a significant portion of enterprise codebases, which contain 911 OSS components on average, include known vulnerabilities, 48% of which stem from deprecated OSS. Rapid AI adoption, which increases OSS usage in enterprise security stacks, exacerbates the problem. A Qualys report states that 48% of OSS vulnerabilities originate from unsupported OSS.
Aaron Frost, Founder and CEO of HeroDevs, stated that the investment will be used to fund the next generation of open source development and improve visibility around end-of-life security risks. He also emphasised that the funding will be used to solve two of the biggest challenges in the open source software community: ensuring everyone has the tools and support to stay safe and compliant, and preserving and strengthening the value of the broader open source ecosystem.
HeroDevs has already donated $4 million to open source creators and projects to date. The initiative targets projects with strong community support and compliance with security standards. The investment from PSG and Album will save customers thousands of hours and hundreds of millions of dollars, and prevent the loss in trust that comes from security breaches.
With this investment, HeroDevs is poised to play a crucial role in securing the open source ecosystem, while also empowering enterprises to maintain the security and compliance of their software applications.
- HeroDevs, with the $125 million growth equity investment from PSG and Album, plans to allocate $20 million towards their Open Source Sustainability Fund, aiming to support open source maintainers and projects adhering to best practices for end-of-life software, fostering sustainable maintenance and compliance in the technology sector.
- Apart from strengthening its Never-Ending Support products, HeroDevs aims to utilize the investment to fund the next generation of open source development, enhancing visibility around end-of-life security risks and addressing major challenges in the open source software community, such as ensuring everyone has the necessary tools and support for staying safe and compliant, and preserving the value of the broader open source ecosystem.