Toolchain Rebuild: Security, Testing, Production

Every part of the development toolchain is being rebuilt with AI at its core. Testing, security, monitoring, data collection, deployment – this week shows companies reimagining each function not as traditional tools with AI enhancements, but as fundamentally new approaches that only work because AI makes them possible. The shift is from adding AI capabilities to existing workflows, to building entirely new workflows around what AI enables.

🏆 Funding Wins

David AI Soars with $50 Million Series B

David AI raised $50 million in Series B funding from Meritech and NVIDIA, with participation from existing investors Alt Capital, First Round Capital, Amplify Partners, and Y Combinator. The round follows a $5 million seed in January and $25 million Series A in May. Founded by Tomer C. (CEO) and Ben Wiley (CTO), David AI is the world’s first audio data research lab, building the data layer for audio AI. The company works with several Magnificent Seven tech companies and leading AI labs, whose models remain bottlenecked by access to training data and evaluations. Audio presents unique challenges. Evaluating speech is subjective and contextual, with degrees of freedom including emotion, tone, pace, and accent. David AI designs and collects audio datasets with research-driven rigor.

🎤 Incredible milestone David AI! Read their full announcement.

Relace Secures $23 Million for AI Code Generation

Relace secures $23 million in Series A funding led by Andreessen Horowitz, with participation from Matrix Partners and Y Combinator. Founded by Preston Zhou (CEO) and Eitan Borgnia (COO), the San Francisco startup builds infrastructure and tools for AI coding agents. Relace makes it easy for startups to productionize projects involving coding agents, with specialized LLMs for retrieval and code merging. Their SOTA apply model merges code at over 10,000 tokens per second, while their code-specific reranker and embedding models can process million-line codebases in one to two seconds. The models have processed tens of millions of requests from customers including Lovable, Magic Patterns, and Orchids. With the funding, Relace is launching Relace Repos, a new source control system built for AI-generated code.

👟 Amazing news for AI developers! Read the founders’ announcement.

Ewake Lands €2 Million to Tackle Software Downtime

Ewake lands €2 million in pre-seed funding led by Connect Ventures, with participation from Notion Capital, 2100 Ventures, Insiders, and 50partners. Founded by Pooné Mokari (CEO) and Omid Gosha (CTO), both former Criteo engineers, the Paris startup builds AI agents that monitor production environments and prevent crises before they escalate. Unlike traditional observability platforms that simply collect and display data, Ewake’s agents investigate, interpret, and correlate information in real time. The agents evolve as they learn from each deployment, gaining contextual understanding of how a company’s software operates. Software downtime costs the technology industry $400 billion annually. Ewake transforms raw data into collaborative intelligence, allowing developers to take ownership of reliability without data fatigue.

🌳 Fantastic work Ewake! Discover how their AI agents work.

Datacurve Raises $15 Million to Challenge Scale AI

Datacurve announced a $15 million Series A round led by Mark Goldberg at Chemistry, with participation from employees at DeepMind, Vercel, Anthropic, and OpenAI. Founded by Serena Ge and Charley Lee, the Y Combinator graduate focuses on high-quality data for software development. The Series A follows a $2.7 million seed round. Datacurve uses a bounty hunter system to attract skilled software engineers to complete the hardest-to-source datasets, distributing over $1 million in bounties so far. The company treats data collection as a consumer product rather than a labeling operation. As AI products rely on complex reinforcement learning environments, data requirements become more intense for both quantity and quality. The company is building infrastructure for post-training data collection.

👏 Congrats to the Datacurve team! See how they’re revolutionizing data collection.

⬇️ PLUS Arcjet Bags $8.3M Series A (More in DevTool of the Week)

 

🚀 3, 2, 1… Launches

QA.tech Launches 1.0 with AI QA Agent Fleet

“I’ve spent two decades in engineering leadership, and one thing always stood out: every part of building software has become easier, faster, and more modern. Except QA. Testing has been standing still.” – Daniel Mauno Pettersson

That’s why founders Daniel Mauno Pettersson (CEO/CTO), Vilhelm von Ehrenheim (CAIO), and Patrick Lef (CPO) built QA.tech. The platform uses AI agents to replicate human QA testers, scanning web apps to understand functionality and generate complete test suites. Tests run automatically on every release, on a schedule, or manually. The AI agents explore apps for full test coverage, monitor staging to catch issues, and deliver debugging context as soon as pull requests open. The official 1.0 release marks the Product Hunt launch after months of building and refining. To celebrate, QA.tech is offering 2x test credits during launch week.

🧪 Congrats on the launch! Try QA.tech and get 2x test credits this week.

Metorial Ships Serverless MCP Platform

Getting AI agents into production just got dramatically faster. Metorial (YC F25), founded by Tobias Herber and Karim Rahme, ships a serverless MCP platform with 600+ MCP servers ready to deploy in three clicks. The platform handles OAuth, enterprise-grade security, and per-user isolation, with sub-second cold starts that solve hibernation challenges. Starred by over 3,000 GitHub developers, it’s used by engineers at FAANG companies, the Big Four, and American Express. MCP has become the standard for connecting LLMs to external tools, but deploying in production means managing Docker configs, handling OAuth flows, and debugging without observability. Metorial’s SDKs let developers connect agents to hosted MCP servers in a single function call, eliminating weeks of infrastructure work.

🤖 Brilliant work Metorial team! Deploy your first MCP server in three clicks.

TimeFly Dev Drops Automatic Time Tracking Extension

Ever wondered where your coding time actually goes? TimeFly Dev has the answer; the VS Code extension automatically tracks and analyzes programming time with secure Google login and detailed productivity stats. The extension shows top projects, languages, IDEs, activity heatmap, coding session insights, and daily recaps useful for standups. TimeFly provides deep automatic analytics, tracking projects, files, commits, sessions, focus patterns, and interruptions without manual input. Currently in beta and shipping fast, the platform is built for developers who want clear insights into their workflow and teams that value real productivity data. Native VS Code integration combines with secure Google OAuth2 authentication and a clean API.

⏱️ Amazing launch TimeFly Dev! Check out the extension and see your coding DNA.

Plural Introduces AI-Powered Control Plane for Kubernetes

What Cursor did for software development, Plural is doing for DevOps. Founded by Samuel Weaver (CEO) and Michael Guarino, Plural’s next-generation platform brings AI directly into GitOps workflows. The release includes an autonomous upgrade assistant that orchestrates complex Kubernetes upgrades with guardrails, AI-powered troubleshooting that provides deep RAG into DevOps data, and natural language infrastructure queries. DevOps agents tuned to Terraform and Kubernetes enable agentic workflows for modifying infrastructure. Ask Plural to “double the size of my production database” and the AI makes the necessary change and issues a pull request for review. The platform unifies Kubernetes clusters, automates upgrades, and diagnoses issues, ending the era of endless YAML diffs and reactive firefighting.

🚀 Fantastic news Plural! See the Cursor moment for DevOps in action.

Statsig Rolls Out Autocapture V2 with Pre-Built Dashboards

Manual event instrumentation is over. Statsig, recently acquired by OpenAI in a $1.1 billion deal, rolled out Autocapture V2 with pre-populated dashboards out of the box. Product Manager Shubham Singhal demonstrated four key dashboard types: Traffic Overview for tracking page views, scroll depth, and top pages; Users Overview for visitor segments like country and device; UTM Overview for channel attribution; and Performance Overview for monitoring web vitals and error logs. The update expands Statsig’s web analytics capabilities, making it easier for teams to understand user behavior and site performance. Teams get comprehensive analytics coverage immediately after implementation, with automatic tracking of user interactions and performance metrics across web properties.

📊 Great work Statsig! Get started with Web Analytics and Autocapture today.

🔦 DevTool of the Week: Arcjet

Bots now outnumber humans online. With 37% of all web traffic coming from malicious sources and bot attacks draining $116 billion from businesses last year, developers are fighting a losing battle with outdated tools. Traditional security operates at the network perimeter, seeing packets but missing the context that matters. Arcjet is rewriting the rules by embedding security directly into application code.

Founded in 2023 by David Mytton (CEO), a repeat founder who built and scaled Server Density (acquired by StackPath) and published the Console.dev newsletter for five years, Arcjet had a radical premise: security needs to live inside your code, not bolted on at the edges.

This week brought validation. On October 8th, Arcjet announced $8.3 million in Series A funding co-led by Plural and Ott Kaukver (former CTO of Twilio and Checkout.com), with participation from Andreessen Horowitz, Seedcamp, and angels including Jeff Lawson (former CEO, Twilio). Total funding now sits at $12 million. Alongside the funding, Arcjet unveiled a local AI attack detection model that runs directly inside application code, analyzing every request in milliseconds.

“Legacy security tools, designed for a pre-AI era and operating at the network perimeter, see packets, not users or business context,” Mytton explains. “They can’t provide the deep, granular level of protection needed to distinguish valuable AI traffic from genuine threats.”

The approach is resonating. Over 1,000 developers are using Arcjet to protect more than 500 production applications processing millions of requests daily. One customer slashed serverless cloud costs by 66% after deploying Arcjet’s bot protection. The platform integrates seamlessly with Next.js, Node.js, Remix, SvelteKit, and other modern frameworks, with security rules configured directly in code.

As AI accelerates both development and attacks, Arcjet is betting that the future belongs to security that ships with your code.

🔒 Explore Arcjet | Read the launch and funding announcement

 

Got a launch, raise, or tool we should feature next week?

Reach out to one of our team.

Louise Ogilvy (Recruitment Director) – UK/USA

Becca Combe MIRP CertRP (Lead Recruiter) – USA

Ben Chipchase (Lead Recruiter) – UK

Natalie Harper (Marketing Administrator)

Looking for your next DevTools role?

Visit devtoolsjobs.com