Work Here?
Overview
Vercel provides a platform for building, deploying, and managing modern web applications. It runs a managed, global rendering layer that handles serverless execution so content is delivered quickly anywhere without extra infrastructure. It also offers AI-powered media tools for automatic tagging, smart cropping, context-based transformations, and lifecycle management (auto-tagging, access control, and admin roles). The platform integrates hosting, deployment, routing, and security (automatic HTTPS, encryption, DDoS protection, firewalls) in one service. This makes Vercel different from competitors by offering a unified, globally distributed hosting and rendering stack with built-in AI-enabled media workflows, trusted by millions of developers and thousands of enterprises. The goal is to help developers and businesses ship fast, secure web apps at scale with scalable hosting and AI-assisted media management.
About Vercel
Industries
Data & Analytics
Enterprise Software
Cybersecurity
AI & Machine Learning
Company Size
501-1,000
Company Stage
Series F
Total Funding
$863M
Headquarters
San Francisco, California
Founded
2015
Simplify's Take
What believers are saying
- AI Cloud and agents should expand enterprise demand for orchestration and memory.[4]
- Streaming long-running LLM responses supports real-time AI products with low latency.[3]
- Built-in previews and publishing strengthen collaboration for marketing and product teams.[3]
What critics are saying
- Self-hosted Next.js 13.x and 14.x remain unpatched after May 7 advisories.[5]
- Middleware bypass flaws weaken apps using middleware.ts as the main auth gate.[5]
- AI Gateway centralization creates a single failure point for model access outages.[1][4]
What makes Vercel unique
- Vercel is the AI Cloud for deploying frontend apps and agentic workloads.[4]
- Its AI Gateway routes to 100+ models through one endpoint.[1][3]
- Next.js and framework-defined infrastructure anchor its developer workflow advantage.[1][4]
Help us improve and share your feedback! Did you find this helpful?
Funding
Total Funding
$863M
Above
Industry Average
Funded Over
6 Rounds
Accel
Tiger Global
SV AngelBenefits
Health Insurance
Stock Options
Company Equity
Professional Development Budget
Unlimited Paid Time Off
Remote Work Options
Home Office Stipend
Growth & Insights and Company News
6 month growth
↑ 1%1 year growth
↑ 0%2 year growth
↑ 0%Accel has co-led Vercel's Series F funding round, five years after leading the company's Series A in 2020. Founded by CEO Guillermo Rauch, Vercel has evolved from a frontend development platform into essential AI infrastructure for enterprises. The company's AI development agent v0 transforms ideas into products with enterprise guardrails, whilst its AI Cloud provides scalable infrastructure for intelligent applications. Vercel's open-source framework Next.js powers major brands including AT&T, Nike and Walmart. Over the past year, Vercel has doubled both its annual recurring revenue and user base. Enterprise clients like Brex, MercadoLibre, Upwork and Zapier now comprise over 50% of v0 revenue. The company has successfully transitioned from product-led growth to serving large organisations whilst maintaining its thriving Next.js open-source community.
Two types of agents. May 20, 2026 I've noticed that when developers talk about "agents", Andre Landgraf is often talking about different things: Claude Code running in a sandbox vs. an agentic endpoint inside a web app. It's a spectrum but I think Andre Landgraf can distinguish two types of agents by now and they're running on different infra and abstraction levels. Before agents: an AI endpoint. The thing both types sit on top of is LLM API calls. Vercel AI SDK example: typescript import {generateText} from "ai"; const {text} = await generateText({ model: "openai/gpt-5", system: "You are a comedian.", prompt: "Tell me a joke.",}); Here Andre Landgraf call an LLM endpoint (OpenAI GPT-5 in this case) w/ a static prompt. Not quite an agent. How do LLM API calls turn into agents? You provide your model calls with a harness: * Dynamic input prompts so the LLM reacts to updates in the real world (e.g., user request). * Tools so the model can take real actions instead of only producing text (tools: {getWeather: ...}). * An agent loop so the model can call a tool, see the result and call another (stopWhen: isStepCount(5) or whatever stop condition you pick). * Persistent context so the model holds onto something between calls: conversation history, user preferences, prior decisions, the state of a task, etc. For this, Vercel's AI SDK introduced ToolLoopAgent - a small declarative agent abstraction on top of single-step calls like generateText. typescript import {ToolLoopAgent} from "ai"; const agent = new ToolLoopAgent({ model: "anthropic/claude-sonnet-4.5", instructions: "You are a helpful assistant.", tools: {weather: weatherTool, calculator: calculatorTool,},}); const result = await agent.generate({ prompt: "What is the weather in NYC?",}); console.log(result.text); This leads Andre Landgraf to its first agent type. Type 1: declarative agents. The first type is what the modern TypeScript and Python agent frameworks ship: a declarative Agent constructor that wraps the AI endpoint with a system prompt, a tool set and a memory/context abstraction. Mastra, the OpenAI Agents SDK (JS) and the AI SDK's ToolLoopAgent (v6+) all look similar here. Mastra example - almost identical to the AI SDK example above: typescript import {Agent} from "@mastra/core/agent"; import {Memory} from "@mastra/memory"; import {createTool} from "@mastra/core/tools"; import {z} from "zod"; const lookupCustomer = createTool({ id: "lookup-customer", description: "Look up a customer by email.", inputSchema: z.object({ email: z.string.email, execute: async ({input}) => fetchCustomer(input.email),}); export const supportAgent = new Agent({ name: "Support Agent", instructions: "You handle billing questions. Use tools to look up data.", model: "openai/gpt-5", memory: new Memory, tools: {lookupCustomer},}); You handcraft the tools to operate on the business entities that matter. You hand-tune the prompt and configure a memory system. The dev workflow looks similar to building any other type of backend service. In fact, declarative agents are usually integrated in existing (web) applications and are what makes them agentic. What defines these agents? They run inside your app or a similar JavaScript/Python platform (e.g., Mastra Platform, Next.js server endpoint, etc.) - the same way an HTTP handler does. This is how most agents looked like until end of last year. But then OpenClaw broke the internet for a few weeks... Type 2: sandbox agents. The second type sits at the other end of the spectrum. Instead of a curated set of business tools, these agents have direct access to the system they live on. That means the filesystem, bash, the network and sometimes a full browser. Coding agents are the obvious examples: Claude Code, the Cursor CLI, the Codex CLI. You interact with them through a terminal (or an IDE) and they write to the file system, write & execute code and curl the web. Of course, you can still decide how much access you want to give these agents but the tendency is full system access for maximum convenience and utility. The defining feature is that they don't have to wait for you to write a tool. They already have grep, curl, bash, sed, the package manager, etc. If a task needs a new capability, the agent often just writes itself a script and executes it ad-hoc. More extreme, these agents can be allowed to iterate on themselves and their own configuration and capabilities. Claude Code reads CLAUDE.md and skills/* and if you allow it, it can edit those files between turns. Pi takes this further by design: it's a minimal coding harness whose own primitives (extensions, skills, prompts, themes) the agent can rewrite on the fly and hot-reload. And of course, OpenClaw introduced the concept of SOUL.md that you and OpenClaw iterate on together to personalize your AI assistant. Where declarative agents running in a Bun/Node.js app runtime come with maximum control and precision over the intended use, sandboxed agents trade developer control and precision for creativity. They are ideal for generic knowledge work such as coding. Hybrids. Of course these are two ends of a spectrum. In a hybrid setup you can define a declarative agent with a tool that provisions & exposes a VM so that the agent can ssh into a sandbox on demand. The agent itself runs in an app runtime with app-like control over tracing, context and tools but a generic sandbox tool allows the agent to access a remote environment with access to bash, code execution, file system and more. It can't quite edit itself but it can still perform generic knowledge work that way. An example of such a hybrid architecture is v0, a coding agent platform by Vercel. It runs on Workflow Development Kit on Next.js (declarative agent) but each coding agent instance also has access to a sandbox to execute the code-generated code. That's also the architecture Vercel is recommending when using the AI SDK and Vercel Sandboxes together - blog post here. Conclusion. Claude Code in a sandbox vs. the agentic endpoint in my web app - You need both. I just shipped homebrewtales.com - a table-top app. Here I run Claude Code for atmospheric music generation (writes Python, uploads an MP3, done) in sandboxes on Vercel. However, I also host a few agents on Mastra for the in-game game-master and player companions (session memory, character sheet access, a handful of DnD tools like roll dice or post to session chat). You don't want your legal-review agent to override its own SOUL.md file but you also need your coding agent to be creative, compose CLIs and access a browser. Pick the type that fits the task and you'll likely find use cases for both declarative and generic agents. Happy coding!
Turborepo 2.9.14 patches VS Code extension command injection. Vercel shipped Turborepo v2.9.14 today. Under the CI and docs churn sits a blunt security note worth catching even if your monorepo never touches turbo on the CLI: the VS Code Turborepo / LSP extension carries fixes for multiple advisories, and the headline item is GHSA-5xc8-49mv-x4mm (CVE-2026-46508, rated High). Where the hole actually lived. Upstream's wording is sober. Older extension builds routed some daemon and task-runner work through string-shaped shell commands. Values that a repo can steer (workspace configuration, names of tasks surfaced from the codebase) fed into those strings. Activate the extension against a hostile clone, or run a task through the extension UI after those values loaded, and the host shell could interpret the payload as arbitrary commands running with whatever rights the VS Code process already has. This is classic "IDE extension meets untrusted workspace" territory. The precondition is simpler than chasing a zero-day broker: convincing someone to open your repo locally plus enough interaction that the extension does its job. What changed in practical terms. GitHub lists the patched band as >= 2.9.14000 for the Turborepo LSP package and summarizes the remediation as ditching brittle shell interpolation (execFile with explicit argv for daemon hooks, structured terminal launches for tasks), marking Turborepo executable knobs so machines, not workspaces, decide where binaries live, and shutting the extension down inside VS Code's untrusted-workspace mode until the user explicitly trusts the folder. If you cannot update yet, the advisory's fallback is also simple: do not run the extension against repositories you do not trust, and avoid driving Turborepo tasks from the extension until you are on a fixed build. The rest of the tag (fast). The same release line also documents two Low issues: a login-callback hardening pass (GHSA-hcf7-66rw-9f5r) and a cleanup so Yarn Berry detection does not execute surprise project-local binaries (GHSA-3qcw-2rhx-2726). Worth skimming if you manage developer laptops, but the extension command path is the one that should interrupt dinner. What to do on a team laptop. * Update the Turborepo VS Code extension to the build that ships with 2.9.14 (or newer once it exists), then verify the Marketplace / Open VSX sidebar shows that version lineage. * If you automate editor rollouts through an internal marketplace mirror, bake the patched extension artifact into whatever approval queue you already use for Chromium or Docker Desktop updates. Malicious repo input that reaches a shell inside VS Code predates Turborepo; this extension is catching up to the execution style hardened tools adopted after earlier wake-up calls in the same class of bug.
Next.js just patched 13 security advisories. Self-hosted teams have the most work. May 10, 2026 On May 7, Vercel shipped a coordinated security release covering 13 advisories across Next.js and React Server Components. The bundle includes high-severity issues for denial-of-service, server-side request forgery, cache poisoning, and several middleware-bypass flaws affecting App Router. If your team runs self-hosted Next.js on Node, you have the most ground to cover. The fixes land in 15.5.18 and 16.2.6. React users on react-server-dom should jump to 19.0.6, 19.1.7, or 19.2.6 depending on the line they track. Versions 13.x and 14.x are not getting patches at all, so anyone still on those needs to plan an upgrade rather than wait for a cherry-pick. What's actually in the bundle. The headline CVE most outlets are quoting is CVE-2026-23870, a high-severity DoS in the React Flight protocol deserialization. A specially crafted HTTP request to any App Router server function can pin a CPU core. Bad, but a known shape of bug, the kind a WAF or rate limiter can blunt. The class worth reading more carefully is the middleware-bypass set. The advisories describe variants where .rsc and segment-prefetch URLs resolve to the same page as a normal request, but skip the middleware matcher rules. Translation: if your middleware.ts is the only thing between an unauthenticated request and a protected page, an attacker can ask for the same content via a different transport and walk in. There's a related Pages Router variant tied to i18n locale handling, plus a follow-up advisory for the Turbopack code path because the original fix didn't cover it. The remaining advisories cover SSRF via WebSocket upgrade requests on self-hosted Node (Vercel-hosted apps are not affected), DoS in the Image Optimization API, XSS, and cache poisoning of RSC responses. Why "middleware as auth" keeps biting teams. In its pentesting engagements, this is one of the patterns Itguys Systems Srl test for first when Itguys Systems Srl see Next.js in scope. The shape repeats: a single middleware.ts checks the session cookie, redirects to login if missing, and the team treats every route below it as protected. It feels clean. It reads well in PRs. And it usually has a transport-variant gap that someone will eventually find. Middleware in Next.js is a routing concern. It runs early, has limited APIs, and has historically had quirks around how matchers apply to internal request shapes (RSC payloads, prefetches, dynamic segments, locale-prefixed paths). Each of those quirks has surfaced as a CVE class at some point. This week's batch is the latest reminder. When Itguys Systems Srl build cloud-native apps with App Router, Itguys Systems Srl treat middleware as a fast-path filter and put real authorization checks in the route handler, the server action, or the server component itself. The cookie value becomes the input, not the verdict. That extra check costs almost nothing and removes a whole family of bypass risk. What to do this week. A short list: * Upgrade next to 15.5.18 or 16.2.6. If you publish on Pages Router with i18n through the OpenNext adapter, also bump it to 5.15.11. * If you depend on react-server-dom-* directly, match the 19.x patch line you're on (19.0.6, 19.1.7, or 19.2.6). * Plan the move off 13.x or 14.x. Those branches will not get these fixes. * Audit your middleware.ts. If a route is protected only by middleware, add a server-side auth check inside the route handler, server action, or layout. Do not skip this just because you upgraded. * For self-hosted Node deployments, look at edge or proxy logs for unusual .rsc requests, WebSocket upgrades to unexpected origins, and Image Optimization traffic spikes. The SSRF and DoS issues will show up in self-hosted environments first. A note on self-hosted vs platform. Several of these issues are explicitly scoped to self-hosted Node. Vercel says hosted projects had WAF rules in front of the patch. Netlify says some of the advisories don't apply to their serverless model at all. That gap is worth thinking about when you decide where to run Next.js. From its cloud-native development work, Itguys Systems Srl has seen plenty of teams pick self-hosting for cost or compliance reasons (Swiss enterprise clients especially), and that's a fine call. But you carry more of the responsibility for runtime security yourself, and patch cadence becomes part of the operating budget, not a quarterly afterthought. If keeping a self-hosted Next.js stack hardened and patched on a real schedule sounds familiar, let's talk. Itguys Systems Srl do this work across web and mobile builds and security reviews, and the answer is rarely "more middleware". expert-analysis nextjs security tech-news vulnerability web-development
FAQ: Vercel vs Netlify 2026. Is Vercel cheaper than Netlify in 2026? It depends on the workload. Vercel charges $20 per developer seat plus $0.15/GB bandwidth overage; Netlify charges $20 flat for unlimited seats plus roughly $0.55/GB bandwidth overage. For a 10-person team with 200 GB monthly bandwidth, Netlify is roughly 5x cheaper. For a 3-person team with 2 TB monthly bandwidth, Vercel is roughly 3x cheaper. Run your real numbers through both pricing pages. Can I host a commercial site for free on Vercel? No. Vercel's Hobby plan terms explicitly prohibit commercial use, including ads, affiliate links, lead generation, and SaaS subscriptions. To run a revenue-generating site on Vercel you must upgrade to Pro at $20/month per seat. Netlify Starter explicitly allows commercial use within its bandwidth and credit quotas. Does Netlify support Next.js as well as Vercel does? Almost. The Netlify Next.js Runtime adapter ships feature parity for most App Router APIs, but lags by one to two release cycles on bleeding-edge features. ISR, Server Actions, Server Components, and the App Router all work on Netlify; the new use cache directive and certain Vercel-specific Image Optimization paths require workarounds. For production Next.js apps that follow the framework's mainstream feature set, Netlify is fully production-ready. What is Vercel Fluid Compute and why does it matter? Fluid Compute, launched by Vercel in late 2025, lets a single serverless function instance handle multiple concurrent requests rather than spinning up a fresh instance per request. The result is dramatically lower cold-start frequency, lower per-request cost in steady state, and better behavior for AI-streaming workloads where the function holds open a connection for many seconds. Netlify does not ship an exact equivalent as of April 2026. Which platform is better for AI applications? Vercel, by a wide margin in April 2026. The Vercel AI SDK (around 2 million weekly downloads), v0 generative-UI, Vercel Agent, Edge Functions for streaming, and Vercel Postgres / KV combine into the deepest AI-native stack on any PaaS. Netlify Composer is a strong option for content-driven AI workflows, but it does not match the integration depth or product breadth. How long does a typical migration between the two platforms take? Static sites: under an hour for most projects. Server-rendered Next.js apps: one to two days, primarily for Vercel-specific API rewrites. Function-heavy SaaS apps: three to seven days, depending on how many proprietary services (Vercel KV, Netlify Forms, Netlify Identity) need replacement. Plan a low-traffic deploy window for DNS cutover and keep the previous platform live as a hot rollback for at least 48 hours. Are Vercel and Netlify SOC 2 and HIPAA compliant? Both ship SOC 2 Type II reports on standard tiers and HIPAA-eligible Enterprise tiers. Netlify has a longer track record with regulated-industry deployments (healthcare, finance), while Vercel has caught up rapidly with marquee enterprise logos like PayPal, Walmart, and Nike during 2024-2025. For procurement that requires extensive compliance documentation, request the trust packets from both vendors before deciding. Should I consider cloudflare pages or AWS Amplify instead? Yes, depending on your priorities. Cloudflare Pages + Workers is meaningfully cheaper at high volumes (Cloudflare's bandwidth is effectively unmetered) but ships less polished Next.js support. AWS Amplify is the right choice if your team already runs heavily on AWS and wants tight IAM/CloudWatch integration but expect more configuration overhead. Vercel and Netlify are the right defaults for teams that want a polished PaaS without managing the underlying primitives. Sources and external references: Vercel Pricing, Netlify Pricing, Next.js documentation, Next.js on GitHub, and Stack Overflow Developer Survey 2025. Pricing data verified against vendor pages on April 5, 2026. AI & Innovation Editor Nadia Dubois is the AI & Innovation Editor at Tech Insider, where she tracks the rapid evolution of artificial intelligence, from foundation models to real-world enterprise deployment. She previously covered AI and startups for La Tribune and contributed to MIT Technology Review's European coverage. Nadia specializes in generative AI, AI regulation, and the intersection of technology and European industrial policy. She holds a dual degree in Computational Linguistics and Journalism from Sciences Po Paris.
Vercel is Hiring for 73 Jobs on Simplify!
Find jobs on Simplify and start your career today
About Vercel
Industries
Data & Analytics
Enterprise Software
Cybersecurity
AI & Machine Learning
Company Size
501-1,000
Company Stage
Series F
Total Funding
$863M
Headquarters
San Francisco, California
Founded
2015
Vercel is Hiring for 73 Jobs on Simplify!
Find jobs on Simplify and start your career today