Fintech Spotlight

Tag: cybersecurity

  • RedMimicry raises seed funding for cyber defense platform

    RedMimicry raises seed funding for cyber defense platform

    RedMimicry, a cybersecurity startup launched in 2023, has completed a seed financing round to advance its cyberattack simulation platform. The Hamburg-based company, founded by Alexander Rausch and Stefan Steinberg, secured investment from High-Tech Gründerfonds (HTGF), Capital Square, Munich-based superangels, and several business angels.

    The fresh capital will fuel product development and sales expansion as RedMimicry targets organizations seeking to strengthen their cyber defenses through realistic attack emulations.

    Addressing Cyber Defense Testing Gaps

    Traditional cybersecurity testing often falls short of replicating genuine attack conditions, leaving companies vulnerable to sophisticated threats. RedMimicry’s platform bridges this gap by delivering repeatable simulations that mirror actual cyberattack patterns, including malware deployments and targeted infiltration attempts.

    The startup’s approach becomes increasingly relevant as regulatory frameworks like DORA and NIS-2 mandate comprehensive security testing protocols. These regulations require organizations to regularly validate their defensive capabilities against current attack methodologies.

    Technology Focus and Market Strategy

    The funding will accelerate development of specialized threat scenarios, particularly those targeting operational technology (OT) systems and financial service infrastructure. This focus reflects growing concerns about attacks on critical systems that control industrial processes and banking operations.

    Beyond direct client implementations, RedMimicry operates through an expanding partner network designed to serve companies across different size segments. This distribution strategy enables broader market penetration while maintaining service quality.

    “Our vision is to offer companies the opportunity to independently and effectively protect themselves against increasingly complex cyberattacks” ~ Alexander Rausch, founder and CEO.

    Investor Perspectives on Cybersecurity Market

    The investment round attracted notable backing from established venture capital players. HTGF led the financing, recognizing the technical capabilities of the founding team and the market opportunity in enterprise cybersecurity.

    “Alex and Stefan combine technical excellence with entrepreneurial vision” ~ Björn Sykora, Principal at HTGF.

    Capital Square’s participation underscores investor confidence in RedMimicry’s approach to cybersecurity challenges. The Hamburg-based firm sees potential in the startup’s comprehensive testing methodology.

    “RedMimicry’s bold vision and outstanding team embody exactly the kind of ambition and expertise we look for in founders” stated Martin Ostermayer, co-founder of Capital Square.

    Strategic Development Priorities

    The company plans to allocate resources across three primary areas: technology enhancement, team expansion, and partnership development. Product improvements will concentrate on industry-specific attack scenarios, reflecting the diverse threat landscapes faced by different sectors.

    Sales team growth represents another key investment priority, enabling RedMimicry to engage directly with prospective clients while supporting partner relationships. This dual approach aims to accelerate market adoption while maintaining service standards.

    The cybersecurity testing market continues expanding as organizations recognize the limitations of traditional security assessments. RedMimicry’s platform addresses this need by providing controlled environments where companies can evaluate their defensive capabilities without risking operational disruption.

    Founded by experienced cybersecurity professionals, the startup brings technical depth to attack simulation methodologies. This expertise positions RedMimicry to develop sophisticated testing scenarios that accurately reflect real-world threat patterns.

    As cyber threats evolve in complexity and frequency, organizations require more effective methods to validate their security investments. RedMimicry’s platform offers a systematic approach to identifying vulnerabilities before they can be exploited by malicious actors.

  • Innerworks raises $4M seed to fight AI fraud with 97% rate

    Innerworks raises $4M seed to fight AI fraud with 97% rate

    Innerworks has completed a $4 million seed funding round to advance its artificial intelligence fraud detection platform, marking a significant investment in next-generation cybersecurity technology. The London-based startup, which specializes in what it calls Synthetic Threat Intelligence, attracted backing from AlbionVC as lead investor alongside participation from Digital Currency Group, Founders Capital, and several other venture firms.

    The funding round also drew support from notable industry figures, including executives from major financial institutions such as Citi, UBS, and Coinbase, as well as representatives from Apple and Crypto.com. This diverse investor base reflects growing concern about sophisticated fraud attempts that leverage artificial intelligence to bypass conventional security measures.

    Advanced Detection Technology

    The company’s platform demonstrates a 97% detection rate against AI-powered fraud attempts, according to internal metrics. This performance level represents a notable advancement over traditional fraud detection systems, which typically struggle to identify synthetic attacks that closely mimic legitimate user behavior.

    Innerworks was established by Oliver Quie, Oscar Hayek, and Tom Ryan, who developed their approach around the premise that conventional security systems fail because they expect fraudulent activity to appear obviously different from authentic user interactions. Their technology instead focuses on identifying subtle patterns that distinguish human behavior from AI-generated actions.

    Growing Market Challenge

    The rise of deepfake technology and sophisticated AI tools has created new vulnerabilities for financial institutions and online platforms. These synthetic attacks can replicate legitimate user behavior with increasing accuracy, making detection through traditional rule-based systems increasingly difficult.

    We’re facing AI-powered deception that can mimic legitimate users with frightening accuracy” said Oliver Quie, CEO of Innerworks. “Existing security companies have become obsolete because they assume threats will behave differently than legitimate users

    The platform already provides protection for major payments networks, digital asset companies, and critical infrastructure providers. This existing client base demonstrates early market validation for the company’s approach to synthetic threat detection.

    Investment Strategy and Market Response

    AlbionVC Partner Cat McDonald emphasized the fundamental nature of Innerworks’ approach rather than incremental improvements to existing technology. “We invested in Innerworks because they’re not incrementally improving fraud detection, they’re fundamentally reimagining it” McDonald stated.

    The venture capital firm’s investment thesis centers on the belief that traditional fraud detection methods require complete rethinking rather than marginal enhancements. This perspective aligns with growing industry recognition that AI-powered threats demand correspondingly advanced defensive measures.

    Expansion Plans and Strategic Focus

    The startup plans to deploy the new capital across several key areas, including accelerated product development and expansion of what it terms its RedTeam infrastructure. The company also intends to establish a stronger presence in major financial centers globally.

    Strategic partnerships with tier-one financial institutions represent another priority for Innerworks, particularly with organizations actively seeking solutions for synthetic threat detection. The company aims to enhance its platform’s adversarial training capabilities, which enable the system to learn from increasingly sophisticated attack patterns.

    The decentralized training approach employed by Innerworks allows the platform to adapt to new threat vectors without requiring centralized data collection from client organizations. This methodology addresses privacy concerns while enabling collaborative defense against emerging AI-powered fraud techniques.

    As financial institutions grapple with the challenge of distinguishing authentic human activity from AI-generated interactions, Innerworks’ approach offers a potential solution to a problem that traditional security measures appear unable to address effectively. The company’s early success in securing significant funding and establishing relationships with major industry players suggests strong market demand for innovative fraud detection capabilities.

  • 1Kosmos raises $57M to combat identity fraud threats

    1Kosmos raises $57M to combat identity fraud threats

    Identity verification specialist 1Kosmos has closed a $57 million Series B funding round to address mounting enterprise security concerns around impersonation attacks and credential fraud. The investment, led by Forgepoint Capital alongside Origami’s Oquirrh Ventures, brings the company’s total capital raised to more than $72 million.

    The funding package includes a $10 million credit facility from Bridge Bank, with additional participation from Craig Abod of Carahsoft, NextEra Energy Ventures, Gula Tech Adventures, and the management team. This capital injection follows 1Kosmos achieving significant federal contracts and security certifications that position the firm for expanded government and enterprise adoption.

    Addressing Modern Identity Threats

    Recent cyberattacks have highlighted vulnerabilities in traditional authentication methods, particularly through social engineering tactics targeting IT help desks. The company’s platform combines biometric verification with blockchain-secured identity storage to prevent unauthorized account access before breaches occur.

    Identity has become the first step in the kill chain. This investment allows us to strengthen the proactive controls organizations need to prevent impersonation-based attacks—whether it’s a sophisticated hacking group or a state-sponsored developer hiding in plain sight” ~ Hemen Vimadalal, CEO of 1Kosmos.

    Federal Market Validation

    The funding announcement coincides with substantial government contract wins that validate the company’s technology approach. 1Kosmos recently secured a 10-year, $194.5 million blanket purchase agreement to provide identity verification services to Login.gov, the federal authentication platform serving multiple government agencies.

    The company has also achieved FedRAMP High authorization, the most stringent security certification for cloud services used by federal agencies. This certification enables 1Kosmos to serve government workloads requiring the highest security standards, representing a significant competitive advantage in the public sector market.

    Technology Integration Strategy

    Rather than requiring organizations to replace existing security infrastructure, the 1Kosmos platform integrates with established identity and access management systems. The company plans to deepen these integrations across IAM, CIAM, PAM, and zero trust platforms using the new funding.

    We invested in 1Kosmos because they’ve built a rare combination: a defensible platform, strong commercial traction, and proven scalability” ~ Ron Heinz, Founder and General Partner at Oquirrh Ventures.

    Global Expansion Plans

    The Series B capital will fuel international growth initiatives across North America, Europe, Middle East and Africa, and Asia-Pacific regions. The company intends to scale both direct sales operations and channel partnerships to meet increasing demand for advanced identity verification solutions.

    Market momentum has been driven by enterprises seeking to consolidate fragmented authentication tools while improving user experience. The platform eliminates password-based vulnerabilities by combining identity proofing with passwordless authentication in a single solution.

    Investor Confidence in Identity Security

    Lead investor Forgepoint Capital emphasized the company’s consistent focus on user-controlled digital identity since inception. “The mission at 1Kosmos since its inception has stayed remarkably focused on providing individuals with a secure digital identity” said Ernie Bio, Managing Director of Forgepoint Capital.

    The investment thesis reflects broader market recognition that identity verification represents a fundamental security requirement rather than an optional enhancement. Enterprise customers increasingly view identity fraud prevention as essential infrastructure for digital operations.

  • MoD awards contract to Castlepoint after data breach scandal

    MoD awards contract to Castlepoint after data breach scandal

    The UK’s Ministry of Defence has awarded a contract to Australian cybersecurity firm Castlepoint Systems to automate data classification processes following a damaging breach that exposed thousands of sensitive Afghan records in 2022.

    Castlepoint, which recently established its global headquarters in London, secured the deal as its first UK government contract. The selection comes after the MoD faced intense scrutiny over the mishandling of nearly 19,000 personal records belonging to Afghan civilians who had assisted British forces.

    The breach highlighted vulnerabilities in manual data handling processes that government agencies have traditionally relied upon. Human error in classifying and securing unstructured data has emerged as a significant weakness in national security operations.

    Automated Classification Technology

    Castlepoint’s platform automatically evaluates documents, emails, and reports at the point of creation, assigning appropriate security classifications based on content analysis. The system addresses the challenge of managing vast datasets where a single misclassification could have severe consequences.

    “Securing this contract with the Ministry of Defence as our first UK account is a key milestone for Castlepoint, underscoring the critical importance of sophisticated data control for any organization, not just national security” ~ Rachael Greaves, CEO of Castlepoint Systems.

    The technology incorporates explainable AI capabilities, providing traceable reasoning for each classification decision. This transparency meets UK requirements for ethical AI deployment in government operations.

    Market Expansion Strategy

    The MoD contract represents Castlepoint’s formal entry into UK and European markets, where demand for AI-driven data governance solutions in the public sector continues to grow. The company has established a strong presence in the Asia-Pacific region, serving two-thirds of the Australian Federal Government.

    Greaves emphasized the system’s ability to improve classification accuracy without disrupting existing workflows. “Castlepoint, with Explainable AI and true autoclassification at its core, can increase labeling accuracy and coverage without disrupting the essential work of MoD personnel” she stated.

    Government Data Security Concerns

    The 2022 Afghan data breach sparked widespread concern about the government’s ability to protect sensitive information. The incident potentially endangered civilians who had cooperated with British forces, drawing sharp public criticism and calls for improved data handling procedures.

    The MoD conducted what Greaves described as “a very thorough global search” before selecting Castlepoint as the preferred solution. This suggests growing recognition that traditional manual processes may be insufficient for modern data security challenges.

    The contract signals a broader shift toward automated solutions as government agencies seek to minimize human error in handling classified information. With the company now operating from London, Castlepoint appears positioned to pursue additional contracts across UK government departments.

  • SymphonyAI cuts payment fraud false positives by 55%

    SymphonyAI cuts payment fraud false positives by 55%

    SymphonyAI has developed a payment fraud detection platform that addresses one of the financial industry’s most persistent challenges: identifying fraudulent transactions without disrupting legitimate payments. The company’s NetReveal Payment Fraud solution combines artificial intelligence with behavioral analytics to deliver sub-50-millisecond processing times while maintaining detection accuracy.

    Real-Time Detection Meets Speed Requirements

    The platform operates through real-time risk scoring that evaluates transactions before settlement occurs. This approach allows financial institutions to intercept suspicious activity early in the payment process, reducing potential losses and supporting regulatory compliance through detailed transaction reporting.

    According to Matt Wilkins, product manager for fraud at SymphonyAI, the system addresses how institutions can “stop bad transactions without slowing down the good ones” The NetReveal platform processes legitimate payments with latency often remaining below 50 milliseconds, maintaining smooth user experiences while preserving risk management protocols.

    Industry Pressures Drive AI Adoption

    Financial institutions face mounting pressure from multiple directions. Post-pandemic cybercrime increases, heightened regulatory oversight, and the expansion of FinTech and payment providers have created a more complex fraud landscape. Legacy fraud detection systems struggle to keep pace with these evolving threats.

    Resource constraints compound these challenges. Wilkins notes that “teams are being asked to do more with fewer resources, making automation and AI-powered tools essential for fraud operations” This environment has accelerated demand for platforms that can scale fraud detection capabilities without proportional increases in human oversight.

    Machine Learning Reduces False Alerts

    NetReveal’s approach combines behavioral analytics, machine learning algorithms, and rules-based detection methods to identify anomalies across large transaction volumes. The platform’s ability to learn from transaction patterns helps distinguish between legitimate behavioral variations and potentially fraudulent activity.

    The system has demonstrated measurable improvements in operational efficiency. SymphonyAI reports that NetReveal has achieved a 55% reduction in false positives compared to traditional detection methods. This improvement allows fraud teams to allocate more resources toward investigating genuine threats rather than processing false alerts.

    Balancing Security and User Experience

    The challenge of maintaining security without creating friction for legitimate users remains central to payment fraud detection. NetReveal’s architecture prioritizes rapid processing of standard transactions while applying deeper analysis to those exhibiting suspicious characteristics.

    This selective approach helps financial institutions maintain customer satisfaction while strengthening their fraud prevention capabilities. By minimizing delays for legitimate transactions, the platform supports the seamless payment experiences that customers expect in digital banking environments.

    As fraudsters continue adapting their methods to exploit new payment technologies and channels, financial institutions require detection systems that can evolve alongside emerging threats. SymphonyAI’s integration of generative AI capabilities into fraud detection represents one approach to addressing this ongoing challenge in the payments industry.

  • Approov secures £5m funding for mobile app security tech

    Approov secures £5m funding for mobile app security tech

    Edinburgh-based mobile app security firm Approov has closed a £5 million funding round, with £1.2 million coming from the Maven managed Investment Fund for Scotland. The round includes participation from Souter Investments alongside existing backers Lanza techVentures and Scottish Enterprise.

    The company has developed proprietary mobile security technology designed to shield applications and APIs from artificial intelligence-powered cyber threats. Unlike conventional code obfuscation methods, Approov employs a cloud-first strategy to authenticate mobile applications and prevent unauthorized backend access.

    Technology Focus and Market Recognition

    Approov’s security solution operates by continuously monitoring app and device integrity to block automated bots and modified applications. The platform combines real-time analytics with cloud-based secret management to safeguard mobile applications and their associated APIs from fraudulent access attempts.

    The company recently earned recognition as winner of the Cyber Innovation Award at the Scottish Cyber Awards, highlighting its technical achievements in the cybersecurity sector. Approov has established client relationships within the automotive and financial services industries, demonstrating commercial traction for its security offerings.

    Mobile Security Market Dynamics

    The mobile Runtime Application Self-Protection (RASP) market represents a rapidly expanding segment within the broader cybersecurity industry. Growth drivers include the increasing frequency of mobile-targeted attacks and rising enterprise demand for integrated, application-level security measures.

    Organizations are increasingly incorporating security protocols directly into their application development processes to address threats including reverse engineering, application tampering, and overlay attacks. Approov’s technology addresses these vulnerabilities by preventing application modification and blocking fraudulent API requests.

    Investment Impact and Growth Strategy

    The funding will enable Approov to expand its research and development capabilities in Edinburgh, focusing on advanced technologies to counter evolving mobile threats, particularly those leveraging artificial intelligence. The investment also supports expansion of the company’s sales and marketing operations as it targets new industry sectors and international markets.

    “As the threat landscape continues to evolve, developers and enterprises alike are recognizing that mobile app security cannot be an afterthought” ~ Ted Miracco, CEO of Approov.

    The funding represents a strategic milestone for the company as mobile applications and APIs become increasingly central to business operations across industries.

    Investor Perspectives

    Maven Investment Manager Craig McGill emphasized the company’s market opportunity, noting Approov’s intellectual property portfolio and the growing industry demand for API-level security defenses.

    “Approov is a leading innovator in mobile app and API security with proven applications in multiple target sectors” ~ Craig McGill, Maven Investment Manager.

    Sarah Newbould from the British Business Bank highlighted the strategic importance of protecting mobile applications and APIs from sophisticated threats, including those powered by artificial intelligence.

    Investment Fund Portfolio

    This investment marks another addition to the IFS Maven Equity Finance portfolio, which has previously backed several Scottish technology companies. The fund’s investments include gene control spin-out Concinnity Genetics, water treatment business Scotmas Group, workforce optimization software provider Corporate Modelling Services, and premium Indian ready meals business Praveen Kumar.

    IFS Maven Equity Finance provides investment capital up to £5 million to support early and later-stage businesses throughout Scotland, focusing on companies with growth potential and innovative technologies.

  • SAFE raises $70M series C for AI-powered cyber risk platform

    SAFE raises $70M series C for AI-powered cyber risk platform

    Cybersecurity startup SAFE has completed a $70 million Series C funding round, bringing its total capital raised to over $170 million since its 2020 founding. The round positions the AI-powered cyber risk management company to expand its autonomous security solutions across enterprise markets.

    Avataar Ventures led the investment, joined by Susquehanna Asia Venture Capital, NextEquity Partners, and Prosperity7 Ventures. Previous backers Eight Roads, John Chambers, and Sorenson Capital also participated in the round.

    Expanding Beyond Risk Quantification

    SAFE built its reputation in cyber risk quantification (CRQ), establishing itself as a category leader since launching its platform four years ago. The company has since expanded into autonomous third-party risk management (TPRM) and now introduces what it calls the world’s first fully autonomous continuous threat exposure management (CTEM) solution.

    The three-pronged approach reflects SAFE’s strategy of applying what it terms “Agentic AI” across different cybersecurity domains. Each solution operates with minimal human intervention, automating processes that traditionally require extensive manual oversight.

    Enterprise Client Base Drives Growth

    SAFE’s client portfolio includes major corporations such as Google, Fidelity, T-Mobile, Chevron, and IHG. These enterprise relationships provide the company with substantial recurring revenue streams and validate its technology across diverse industry verticals.

    The platform’s ability to quantify cyber risk in financial terms appeals to executives who need concrete metrics for board reporting and insurance purposes. This capability differentiates SAFE from traditional cybersecurity vendors that focus primarily on threat detection and prevention.

    Pursuing “CyberAGI” Vision

    CEO and co-founder Saket Modi outlined the company’s ambitious roadmap, stating: This is a defining moment in our pursuit of CyberAGI The term references artificial general intelligence applied specifically to cybersecurity challenges.

    Modi emphasized the company’s methodical market approach: When we launched our platform in 2020, we carefully selected a market that would be the foundation of cyber risk management – Cyber Risk Quantification (CRQ). Not only did we shape the category, we’ve become its undisputed leader

    The CEO highlighted the company’s expansion strategy: In 2023, we brought the same disruptive mindset to Third-Party Risk Management (TPRM) with Agentic AI, and today we’re fast emerging as the clear frontrunner

    Market Timing and Competitive Landscape

    The funding comes as organizations face increasing pressure to demonstrate measurable cybersecurity outcomes. Regulatory requirements and insurance mandates now require many companies to quantify their cyber risk exposure using standardized methodologies.

    SAFE’s autonomous approach addresses the cybersecurity talent shortage by reducing the need for specialized personnel to manage routine risk assessment tasks. The platform’s AI capabilities handle continuous monitoring and analysis that would otherwise require dedicated security teams.

    Strategic Investment Implications

    The Series C funding enables SAFE to accelerate product development across its three core offerings while expanding its sales and marketing operations. The company plans to leverage the capital to enhance its CTEM solution and strengthen its market presence in the enterprise segment.

    Avataar Ventures’ leadership of the round signals confidence in SAFE’s technology differentiation and market opportunity. The investor’s backing provides SAFE with strategic guidance as it scales its operations and explores potential partnerships or acquisition opportunities.

    Modi concluded by connecting the new CTEM launch to the company’s broader vision: Each of these domains are critical building blocks in our singular pursuit: achieving CyberAGI This statement suggests SAFE views its current products as components of a larger autonomous cybersecurity platform.

  • Dawnguard emerges from stealth with $3M for AI-driven security

    Dawnguard emerges from stealth with $3M for AI-driven security

    Dawnguard, an Amsterdam-based cybersecurity startup, has completed a $3 million pre-seed funding round to develop what it calls a fundamentally different approach to digital security. The company aims to integrate artificial intelligence and machine learning capabilities throughout the entire software development lifecycle, moving beyond traditional reactive security models.

    The startup was founded by CEO Mahdi Abdulrazak and CTO Kim van Lavieren, both bringing extensive backgrounds from major technology companies including IBM, Microsoft, and Amazon, as well as military cybersecurity operations. Their combined experience spans large-scale security implementations and cloud infrastructure management.

    Rethinking Security Architecture

    Rather than treating cybersecurity as a separate layer added after development, Dawnguard embeds security protocols directly into system architecture from the initial design phase. The company’s platform serves as a collaborative environment where engineering and security teams work together to create systems that balance protection, compliance, cost efficiency, and sustainability.

    “Our industry treats security as a checkbox. It’s broken. We built Dawnguard because security needs to be part of the system’s DNA from the start, not an afterthought” ~ Mahdi Abdulrazak, co-founder and CEO.

    The platform targets security architects, DevOps engineers, and cloud teams working in cloud-native environments. Its core functionality includes validating cloud infrastructure designs before deployment, automatically generating Infrastructure as Code from approved designs, and maintaining security standards after implementation to prevent configuration drift.

    AI-Powered Security Integration

    Dawnguard’s approach involves deploying multiple AI and machine learning engines across different stages of the IT infrastructure lifecycle. These systems identify potential security issues during the design phase and adapt to changing environments over time, making security protocols an inherent part of system operations.

    The company describes its offering as a security architecture automation platform specifically built for cloud-native environments. Kim van Lavieren explained the company’s mission “We’re giving teams the power to translate security intent into enforceable code so they don’t have to rely on spreadsheets, static docs, or guesswork

    Investment and Market Response

    The funding round was led by 9900 Capital, with participation from angel investors including startup founders and senior technology executives. The investment reflects growing concern about the limitations of current cybersecurity approaches, particularly as artificial intelligence capabilities advance on both defensive and offensive fronts.

    Chris Corbishley, Managing Partner at 9900 Capital, noted the strategic importance of addressing security at the code level: “Hundreds of security tools overwhelm CISOs with promises of better detection, yet few tackle the root issue: design flaws in code that AI-driven threats exploit

    Dimitri van Zantvliet, Chief Information Security Officer at Dutch Railways and a Dawnguard advisor, emphasized the company’s fundamental approach to security challenges. He described the startup as “rewriting the DNA of cybersecurity” by focusing on underlying causes rather than surface-level fixes.

    Future Development Plans

    The company plans to use the funding to expand its engineering team and develop deeper integrations with enterprise systems. Dawnguard also aims to extend its platform capabilities to handle increasingly dynamic computing environments, particularly those supporting generative AI applications.

    The startup intends to address what it sees as a growing gap between rapid software development practices and the infrastructure requirements for AI-powered applications. This includes developing new operational models for building trust and security at scale in modern development environments.

    As software development cycles continue to accelerate, Dawnguard positions its platform as a solution that makes secure architecture both practical and automatic for development teams. The company’s approach represents a shift from post-development security patches toward integrated security design from the earliest stages of system planning.

  • Cavelo raises $5M to expand cybersecurity platform for MSPs

    Cavelo raises $5M to expand cybersecurity platform for MSPs

    Cavelo has completed a $5 million CAD seed extension round as the Kitchener-Waterloo cybersecurity firm doubles down on its channel-first approach to market expansion. Led by existing investor Inovia Capital, the funding will accelerate the company’s sales operations and product development whilst strengthening partnerships with managed service providers.

    The Canadian startup, established in 2020, has carved out a distinctive market position by exclusively targeting managed service providers (MSPs) and managed security service providers (MSSPs) rather than pursuing direct client relationships. This strategic focus addresses the growing demand from smaller organisations lacking internal cybersecurity capabilities.

    Channel Strategy Delivers Market Traction

    Since completing its initial seed round in 2023, Cavelo has demonstrated the effectiveness of its partner-centric model by adding 50 new customers. Notably, 70% of this expansion occurred within the United States market, spanning law firms, municipal governments, and financial services organizations.

    Chief Executive James Mignacca attributed this growth to the company’s alignment with channel partner needs. “By focusing on enablement and partner success, we’ve aligned our business model with the needs of the channel—and the response has been incredible” he stated.

    The approach represents a departure from conventional direct sales models prevalent amongst cybersecurity startups. By leveraging existing MSP and MSSP client relationships, Cavelo can potentially reduce customer acquisition costs whilst accelerating adoption rates.

    Data Protection Platform Targets Service Providers

    Cavelo’s cybersecurity platform enables organizations to identify, classify, and protect sensitive information including credit card details and passport data. The solution streamlines compliance reporting whilst managing vulnerabilities, specifically designed for service providers supporting clients without dedicated security teams.

    This market focus reflects broader industry trends where smaller enterprises increasingly rely on external providers for cybersecurity capabilities. Service providers benefit by expanding their security portfolios without developing proprietary technology, creating mutual value from growing demand for cybersecurity services.

    AI Enhancement and Product Development

    The fresh capital will support expansion of Cavelo’s product capabilities, particularly artificial intelligence-driven threat detection and automated remediation features. These enhancements aim to reduce manual security monitoring requirements whilst improving response times to potential threats.

    Despite broader market challenges in 2025, James Mignacca noted sustained demand for attack surface management and risk reduction solutions, particularly within the US market. This resilience suggests organizations continue prioritizing cybersecurity investments despite economic uncertainty.

    Flexible Funding Timeline

    Whilst Cavelo previously indicated plans to pursue Series A funding within two years of its last round, strong business performance has reduced urgency for additional capital. “We’ll raise a Series A when the time is right” James Mignacca stated, suggesting flexibility in funding timeline.

    This measured approach reflects confidence in current business trajectory and allows potential for improved terms when market conditions strengthen. The ability to delay Series A funding whilst maintaining growth demonstrates the effectiveness of the channel strategy and recurring revenue strength from MSP partnerships.

    Cavelo’s focus on data classification and protection addresses fundamental requirements across industries as regulatory compliance becomes increasingly complex and data breaches carry greater financial and reputable costs. The channel-first approach differentiates the company from competitors pursuing direct sales models, potentially creating sustainable competitive advantages through partner loyalty and network effects.

  • Maro secures $4.3m to address human cybersecurity risks

    Maro secures $4.3m to address human cybersecurity risks

    Cybersecurity firm Maro has secured $4.3 million in seed funding from Downing Capital Group to advance its platform targeting human-related security vulnerabilities. The investment will fuel team expansion, product development, and market entry for the startup’s behavioral intervention technology.

    Addressing the Human Factor in Security

    The company’s platform focuses on threats stemming from human error, insider risk, and the misuse of artificial intelligence tools through real-time interventions. This approach represents a shift from traditional security measures that often react to incidents after they occur.

    Founded in late 2024, Maro emerged from the combined expertise of cybersecurity veterans Jadon Montero, Gwen Betts, and Jen Andre. The trio previously collaborated across multiple security companies, bringing their collective experience to bear on human-centred security challenges.

    Industry Input Shapes Development

    Security leaders from financial technology, healthcare, and retail sectors contributed to the platform’s development process. Their involvement helped identify artificial intelligence governance and social engineering as primary risk areas requiring attention.

    “Maro was born from our years spent inside broken security workflows where SOC analysts didn’t have time to speak directly to every employee who urgently needed their help after legacy tools failed to stop the employee from taking a risky action” ~ Jadon Montero, founder and CEO.

    Modern Workplace Challenges

    The rise of remote work and widespread adoption of software-as-a-service applications has created new vulnerabilities that traditional security tools struggle to address. Montero highlighted how these developments compound existing risks.

    “The acceleration of generative AI, coupled with remote work and shadow software as a service (SaaS), exponentially increases the risk that users run afoul of company policy without even knowing it. Maro’s approach ensures governance, risk, and compliance happen in the moment so that human risk is managed and mitigated – before issues even reach the SOC” ~ Jadon Montero, founder and CEO

    Investor Perspective

    Jesse Downing, Chief Executive of Downing Capital Group, praised the founding team’s track record and approach to human-focused security challenges. “When stress levels are high and attackers use that opportunity to manipulate your workforce into taking risky actions, Maro protects how people think, decide, and act” ~ Jesse Downing, CEO of Downing Capital Group.

    The investor noted the team’s extensive background, highlighting their collaboration across three companies, including several successful exits. This experience provides the foundation for tackling complex human behavior patterns in cybersecurity contexts.

    Market Timing and Opportunity

    The funding comes at a time when organizations increasingly recognise that technology alone cannot solve security challenges. Human behavior remains a significant factor in security incidents, with employees often unknowingly creating vulnerabilities through their daily activities.

    Maro’s real-time intervention approach aims to address this gap by providing immediate guidance and support when users encounter potentially risky situations. This proactive stance differs from traditional security measures that typically focus on detection and response after incidents occur.

    The company’s focus on artificial intelligence governance reflects growing concerns about the rapid adoption of AI tools in workplace environments. As organizations struggle to balance innovation with security, platforms like Maro’s may become increasingly valuable for maintaining control over emerging technologies.