Cybersecurity Grant Program is sponsored by OpenAI. This program seeks thoughtful, focused ideas at the intersection of AI and security. It encourages proposals that highlight gaps in current AI models for security applications, or new angles where AI could assist in security.

Projects should have a clear plan for maximal public benefit and sharing of results.

Socket Selected for OpenAI's Cybersecurity Grant Program - S... Big News: Socket raises $60M Series C at a $1B valuation to secure software supply chains for AI-driven development . Announcement → Blog Company News Security News Socket Selected for OpenAI's Cybersecurity Grant Program Socket is an initial recipient of OpenAI's Cybersecurity Grant Program, which commits $10M in API credits to defenders securing open source software.

Supporting Real-World Defense Frontier Models Make Open Source Defense Possible at Scale Building With the Ecosystem Secure your dependencies with us Socket proactively blocks malicious open source packages in your code. OpenAI has named Socket as one of the initial recipients of its Cybersecurity Grant Program , a new initiative that commits $10 million in API credits to support organizations advancing cybersecurity defense.

The grant comes alongside access to more cyber-permissive frontier models through Trusted Access for Cyber , OpenAI's new identity-based framework for defensive acceleration. Both programs select for trusted defenders with a proven track record in identifying and remediating vulnerabilities across open source software and critical infrastructure. Fellow recipients include Semgrep, Calif, and Trail of Bits.

Supporting Real-World Defense # Socket uses OpenAI's models inside our malicious package detection pipeline, which analyzes every package and version published to npm, PyPI, and other major registries in near real time. When a package goes live, our system evaluates its code, behavior, metadata, and publishing patterns to assess risk and flag anything that looks like a supply chain attack.

The advantage of frontier models in this pipeline is speed. When attackers ship a malicious package, the window to catch it before downstream projects pull it in is small, often measured in minutes. AI-assisted analysis lets us flag suspicious behavior at a scale human review alone cannot touch.

That pipeline is what allowed Socket to identify the malicious package used in the Axios compromise within six minutes of publication. Defensive AI enables that kind of turnaround, and it is how we protect our users and the open source ecosystem. Frontier Models Make Open Source Defense Possible at Scale # Supply chain attacks on open source have gotten faster and more automated over the past two years.

High-volume package publishing, AI-assisted malware authoring, and credential theft campaigns targeting maintainers have compressed the time between compromise and impact. Frontier models give defenders a way to close that gap. The asymmetry that favored attackers for most of the past decade is starting to even out, and the open source ecosystem is the direct beneficiary.

Socket has been investing in this approach since before these programs existed. The OpenAI partnership extends our ability to apply frontier capabilities across the pipeline, from malicious package detection to Certified Patches , which allow for rapid, surgical fixes to known vulnerabilities in open source dependencies.

Building With the Ecosystem # The Cybersecurity Grant Program and Trusted Access for Cyber are part of a coalition of defenders working together on AI-assisted security. Enterprises supporting the broader effort include Bank of America, BlackRock, BNY, Citi, Cisco, CrowdStrike, Goldman Sachs, JPMorgan Chase, Morgan Stanley, NVIDIA, Oracle, and Zscaler.

Programs like these create a feedback loop between frontier model development and real-world defensive use cases. For Socket, that means continuing to improve detection and mitigation across the open source ecosystem, at greater speed, accuracy, and coverage. We will keep working with OpenAI and the broader defender community to push that boundary further.

Secure your dependencies with us Socket proactively blocks malicious open source packages in your code. Get notified when we publish new security blog posts! Socket raises $60M Series C at $1B valuation led by Thrive Capital to secure AI-driven software development As AI accelerates how code is written and shipped, Socket is scaling to protect the software supply chain from the growing wave of attacks targeting open source dependencies.

By Feross Aboukhadijeh - May 20, 2026 Socket Raises $60M Series C at a $1B Valuation to Help Enterprises Build Securely With AI Socket is scaling to defend open source against supply chain attacks as AI accelerates software development.

By Feross Aboukhadijeh - May 20, 2026 Socket Named to Rising in Cyber 2026 List of Top Cybersecurity Startups Socket was named to the Rising in Cyber 2026 list, recognizing 30 private cybersecurity startups selected by CISOs and security executives. By Sarah Gooding - May 12, 2026