Mehran Farimani runs a company built on a counterintuitive premise: most of your software's vulnerabilities live in code that never runs. Not edge-case bugs, not logic errors - just packages sitting in containers, unused, waiting to become someone else's attack vector. His job is to find them and strip them out before they do. At RapidFort, that idea has turned into a $42 million Series A, 100+ enterprise customers, and a new category he coined himself: Software Attack Surface Management.

But start anywhere else in his career and the logic breaks down. Farimani is a University of Waterloo mathematician turned digital-imaging executive turned computer vision founder turned cybersecurity CEO. Each chapter built on the last, even when the industries looked unrelated. The through-line is automated decision-making at scale - whether that meant making digital presses print more accurately, teaching machines to describe people in retail stores, or hardening millions of container images without touching a single line of application code.

The EFI Years: Learning to Run a Business Unit

Before anyone was talking about software supply chains, Farimani spent years at Electronics for Imaging (EFI) running the Fiery Division as Senior Vice President and General Manager. The Fiery controller became the standard interface between digital design and professional printing - ubiquitous in print shops, advertising agencies, and corporate print rooms across the world. Running it meant managing a product that had to be both technically precise and commercially viable at the same time. Farimani learned what enterprise scale actually looks like from the inside, not from a pitch deck.

AI has accelerated software delivery and attacker capability at the same time. The window between disclosure and exploitation has collapsed.

Mehran Farimani, CEO, RapidFort

Percipo: The Computer Vision Bet That Paid Off

He left EFI to found Percipo, an AI company that set its sights on a problem retail had been fumbling with for years: how do you understand what happens in a physical store? Percipo built what its team described as some of the fastest and most accurate human image description technology on the market, and deployed it across more than 40,000 retail locations globally. The scale is not accidental. Farimani has a habit of building things that need to work at infrastructure scale - not just in demos, not just in controlled environments, but in 40,000 stores simultaneously.

Percipo ran in production long enough that Farimani saw, firsthand, how quickly software debt accumulates in real-world deployments. Cloud infrastructure grows faster than anyone maintains it. Dependencies pile up. Security teams get overwhelmed by the sheer number of alerts. By the time he founded RapidFort in 2020, he had a precise diagnosis of the problem and a strong hypothesis about the fix.

RapidFort: Hardening the Software Supply Chain

The premise at RapidFort is surgical. The platform profiles running containers - watching which components actually execute in production - then strips out everything that doesn't. What's left is a hardened image that's on average 64% smaller and carries 71% fewer vulnerabilities than the original. No code changes. No manual patching sprint. Just subtraction applied with machine precision.

Farimani launched Community Images as a free public offering: pre-hardened containers for the 60+ most popular open-source workloads, available without payment or registration. A million developers downloaded them without a single paid acquisition campaign. That's not marketing - that's product-market fit announcing itself organically. When 15,000 curated near-zero CVE images followed, the trajectory became clear: RapidFort was building trust at community scale before asking enterprises to write checks.

Deploying code into production presents inherent risks as the majority of software is built using trusted open-source components.

Mehran Farimani, Co-Founder & CEO, RapidFort

The Attack Surface Insight

The category name Farimani coined - Software Attack Surface Management - is not marketing language. It's a technical claim: the surface area of a piece of software that can be attacked is not fixed. It can be reduced, continuously and automatically, by removing what doesn't execute. Gartner picked it up. Enterprise security teams started budgeting for it. The 2025 CyberShark Pitch Competition recognized it. And in February 2026, Blue Cloud Ventures and Forgepoint Capital led a $42 million Series A to accelerate where that category goes next.

The timing is not incidental. As AI-generated code floods production systems, the gap between what ships and what has been audited is widening. Farimani has been direct about this: the window between vulnerability disclosure and active exploitation has collapsed. Organizations need solutions that operate at the same velocity as the threats they face. That's what RapidFort is building - not a scanner that tells you what's wrong, but a system that removes what shouldn't be there before it becomes someone's problem.

Leadership Philosophy: Disciplined Experimentation

Farimani's approach to leadership pulls from his engineering background more than from any business-school playbook. He runs on disciplined experimentation - test the hypothesis, measure the result, eliminate what doesn't work. Transparency is not a values statement at RapidFort; it's the operational model. And he delegates early, building a team of co-founders and executives who each bring domain expertise he specifically doesn't have: Rajeev Thakur (CTO) from Palo Alto Networks and the DevOps world, Russ Andersson (COO) with prior startup exits, George Manuelian (CRO) from AWS and Cisco. He knows what he knows. More importantly, he knows what he doesn't.

With 25+ years in a technology career that has spanned digital imaging, retail AI, and enterprise cybersecurity, Farimani has earned the right to be specific. He doesn't talk about disruption. He talks about removing 60-90% of unused packages from containers and what that does to a security team's Monday morning. That specificity - and the organic adoption it generates - is what $42 million in Series A capital is now betting on.