Shorooq Leads Corgea’s US$2.6 Million Seed Round

Corgea, a San Francisco-headquartered cybersecurity startup focused on artificial intelligence (AI)-powered vulnerability detection and remediation, has raised US$2.6 million in a seed funding round led by UAE-based Shorooq.  

Other investors include entities like Y Combinator, Propeller, Decacorn Capital, and Unbound Ventures, as well as angel investors such as YouTube co-founder Jawed Karim and SecurityScoreCard co-founder Sam Kassoumeh. 

This investment will help Corgea – which already serves customers in the UAE and Saudi Arabia – to expand its platform and operations across the US, Middle East, and beyond.  

Founded by serial entrepreneur Ahmad Sadeddin, Corgea focuses on DevSecOps Automated Remediation, which refers to the use of automated tools and processes within a development, security, and operations (DevSecOps) framework to identify, prioritize, and resolve security vulnerabilities or compliance issues in applications and infrastructure. Corgea thus aims to automate the detection, triage, and remediation of vulnerabilities in source code, including complex logic flaws that are often missed by traditional tools. 

In an interview with Inc. Arabia, Sadeddin explained how Corgea aims to address gaps in the cybersecurity landscape. “Corgea's AI-powered platform enhances cybersecurity by automating the detection, triage, and remediation of insecure code,” he said. “Traditional static application security testing (SAST) tools often miss complex vulnerabilities and generate numerous false positives, leading to inefficiencies. Studies have shown ~60 percent of vulnerabilities are missed by commercial tools today, and ~30 percent of findings are false positive.”  

“Corgea addresses these issues by combining large language models (LLMs) with static analysis to achieve a deeper contextual understanding of code,” Sadeddin continued. “This approach enables the identification of business logic flaws and other vulnerabilities that standard tools might overlook. Additionally, Corgea's platform reduces false positives and provides actionable insights, streamlining the remediation process, and allowing developers to focus on critical tasks.” 

Commenting on the investment Corgea has secured, Sadeddin said that since being funded, he and his team have been focused on hiring “great talent” to accelerate product development, while also supporting enterprise deployments to success. The company also plans to further nurture its customers in the Middle East and the US, doubling down on its mission to automate application security (AppSec) for enterprises. 

“We aim to help some of the world’s largest enterprises to AppSec success by deploying Corgea,” Sadeddin declared. “Our core focus over the next 12 months is building the best AppSec experience for security and development teams. This requires constant investment in new and upcoming technologies in the AI space. Following that, we’re looking to hit our Series A revenue goals.” 

Tamer Azer, a partner at Shorooq, said that his entity’s investment in Corgea signifies a strategic move to bolster the Middle East's cybersecurity landscape, which remains one of the most under-invested sectors in the region. “The greatest challenge in the region is being able to deploy security solutions and LLMs in-country to meet the security and compliance requirements of the enterprises there,” Azer noted. “Laws and regulations prevent many companies from sharing intellectual property (IP) and secrets outside-country; however, Corgea’s application and LLM has been deployed in the region, thereby enabling these companies to get the latest technologies in a compliant and secure way.”