
Socket acquires Sequoia-backed Coana: 3 things to know about this game-changer in cybersecurity


In today’s fast-paced world of AI-generated code and expanding attack surfaces, security teams face an overwhelming flood of vulnerability alerts, many of which are false positives. This “alert fatigue” allows genuine threats to slip through unnoticed, putting organisations at significant risk.

Socket’s acquisition of Coana marks a pivotal moment for the industry, focusing on filtering out noise to highlight only meaningful vulnerabilities. Teams at Anthropic, Figma, OpenAI, and Vercel are already seeing faster, more effective security results—including shortened alert triage times and quicker critical issue remediation.

While the acquisition price remains undisclosed to TFN, market analysts estimate it between $50 million and $100 million. This valuation reflects both Coana’s immediate technological advantages and potential long-term revenue benefits in the $12B software supply chain security market.

With the news following Socket’s $40M Series B funding led by Abstract Ventures, Elad Gil and a16z, Zane Lackey, General Partner at a16z, said: “Socket’s approach to open source security is simply better — it’s proactive, precise, and built for how modern teams work. We believe that the combination of Socket and Coana will set a new standard for application security and mark the industry’s shift away from legacy SCA.”

This acquisition follows Socket’s impressive 300% year-over-year revenue growth and its $40 million Series B funding round, led by Abstract Ventures, Elad Gil, and a16z. Socket now protects over 8,500 organisations and more than 750,000 code repositories, blocking over 500 software supply chain attacks weekly and detecting over 100,000 malicious artefacts in open-source ecosystems like npm, PyPI, Maven, and Go.

How Coana’s technology changes the game

Traditional security tools burden teams with thousands of alerts, many of which are for vulnerabilities that aren’t exploitable in their code. Coana’s reachability analysis, now integrated into Socket, uses static control-flow and call graph analysis to determine if vulnerabilities are reachable from application entry points. This approach eliminates up to 80% of false positives, helping teams focus on genuine threats.

Consider the following example: A high-severity vulnerability in a third-party logging library may trigger an alert from legacy tools. However, if your app never calls the vulnerable function, Coana’s engine marks it as a non-issue, saving countless hours of unnecessary alert triage.

Teams using the combined platform have experienced up to 10 times faster remediation times for critical vulnerabilities. Anthropic’s AppSec team reduced their mean remediation time from 14 days to just 36 hours, while Figma’s developers recovered 15 hours weekly that were previously spent on false positive triage.

The platform’s dual-layer defence blocks malicious packages, typosquatting, and obfuscated code while prioritising vulnerabilities based on their reachability and exploitability, delivering actionable, noise-free alerts.

What’s so special about the Danish cybersecurity tool?

Coana was founded in 2021 in Denmark by Professor Anders Møller of Aarhus University and his PhD students, Benjamin Barslev Nielsen and Martin Torp, all specialists in static analysis and software security. Anders Søndergaard, an experienced startup founder, joined as CEO in 2022.

Before the acquisition, Coana secured $1.6 million in pre-seed funding, led by Sequoia Capital, with participation from Essence VC and notable tech industry angels. This early investment enabled Coana to develop sophisticated reachability analysis tools for software vulnerability management.

The Coana team, now part of Socket, brings deep expertise in control-flow and reachability analysis, strengthening Socket’s engineering capabilities. “We founded Coana to give developers a tool that finds 100 critical issues, not 10,000 trivial ones. Joining Socket enables us to take that vision to the next level,” said Martin Torp, CPO at Coana.

Coana’s technology, developed through years of academic research at Aarhus University, brings cutting-edge, research-driven static analysis and vulnerability prioritisation to Socket’s platform.

A complete, modern AppSec platform

With Coana’s advanced static analysis and control-flow technology, Socket now offers the market’s most comprehensive and mature Software Composition Analysis (SCA) platform. The system scans every code commit in real time, proactively detecting and blocking threats in open-source dependencies.

Socket monitors all commits for malicious packages, typosquatting, and obfuscated code, while Coana prioritises vulnerabilities based on reachability and exploitability. This dual-layer defence blocks 500+ attacks weekly, delivering actionable, noise-free alerts.

Feross Aboukhadijeh, CEO and Founder of Socket, emphasised, “Great people build great technology. The Coana team shares our values and brings world-class engineering talent to Socket. Together, we’re going to redefine what secure software development looks like.”

The combined platform already protects organisations across various industries, from startups to Fortune 100 enterprises, and scales with the evolving needs of modern development teams. Socket is actively hiring across engineering, product, design, and sales to support its rapid growth and innovation.

The bottom line: A new standard for secure software development

As AI-generated code expands attack surfaces and creates more noise, precise vulnerability detection becomes increasingly critical. Socket’s acquisition of Coana establishes a new standard for actionable, noise-free security alerts, making it essential for modern development teams to stay ahead of evolving threats.

For organisations looking to cut through the noise and focus on what matters most in application security, Socket’s enhanced platform is setting new industry benchmarks.
