AI-Native Startup Clover Security Raises US$36M to Embed Security Into Software Design

What happened

Clover Security, a Tel Aviv–based startup, announced it has raised US$36 million in a funding round co‑led by Notable Capital and Team8. The round drew participation from prominent security and tech‑industry figures, including Assaf Rappaport and Yinon Costica (co‑founders of Wiz Inc.), veteran entrepreneur Shlomo Kramer, plus senior executives from companies such as Snyk, CrowdStrike, Palo Alto Networks, Atlassian, and Google.
Clover says it will use the funding to expand its product development and go‑to‑market efforts.

Who is affected

• Software development and product security teams at companies building modern, complex applications, especially those operating at high velocity or at scale.
• Enterprises and startups already employing Clover’s platform, including firms in fintech, enterprise tech, and other sectors. Clover claims its customer base includes large enterprise organisations and several well-known tech firms.
• Security‑conscious organizations looking to shift security upstream to manage risk earlier in the software lifecycle.

Why CISOs should care

• Clover’s approach represents a shift from traditional security tools that scan code after it’s written. Instead, it “embeds” security as early as the design and specification phase.
• For companies embracing rapid, AI‑accelerated development cycles, this can dramatically reduce risk by catching design flaws before they become vulnerabilities; that’s especially relevant in environments where speed and scale are critical.
• The backing by influential security veterans and tech‑industry leaders signals confidence in Clover’s model, which may point to a broader industry shift toward “security‑by‑design” rather than “security‑after‑fact.

3 practical actions for CISOs

1. Review your SDLC to assess design‑phase risk exposure. Evaluate whether your organization’s current software development lifecycle (SDLC) allows for early security review and identify where manual or automated guardrails are missing.
2. Pilot design‑led security tools for new projects. For upcoming green‑field projects or major rewrites, consider piloting tools like Clover (or similar) that integrate into developers’ workflows. This can help shift security left without disrupting developer velocity.
3. Align security and development teams around ‘security as code/design’ principles. Use this moment to foster collaboration between product, dev, and security, emphasizing shared responsibility for secure design, integrating security reviews earlier, and building guardrails that scale as development speed increases.