CRACI raises €1.4M for EU cybersecurity compliance platform

Finnish cybersecurity startup CRACI has raised €1.4 million in pre-seed funding in a round led by Lifeline Ventures, with participation from First Fellow Partners and Wave Ventures. The funding will support product development and the expansion of the platform ahead of new European cybersecurity regulations coming into force in 2026.

Founded in 2025 by Juho Niemi, Dennis Marttinen, Jaakko Sirén and Petteri Pulkkinen, CRACI develops software supply chain security technology designed to help companies comply with the European Union’s Cyber Resilience Act (CRA). The regulation will require products with digital elements sold in the EU to meet stricter cybersecurity, documentation and lifecycle management standards, affecting hundreds of thousands of companies globally.

The company says the increasing complexity of software development, driven by third-party components, open-source dependencies and AI-generated code, is making visibility and control across software supply chains more difficult. At the same time, businesses face growing regulatory pressure to ensure software products remain secure and traceable throughout their lifecycle.

CRACI’s platform provides visibility across software supply chains while automating vulnerability tracking, lifecycle management and compliance processes. The company aims to help organisations meet CRA requirements related to supply chain control, traceability and continuous security without slowing software development.

Juho Niemi, co-founder and CEO of CRACI, said:

Supply chain security is now business-critical for software organisations. Companies that invest early will gain a competitive edge through faster market access and stronger trust. Those relying on manual approaches risk delays and higher costs. We enable fast and reliable security and compliance without slowing growth.

He added that AI-driven software development is increasing both the complexity and risk associated with modern applications, while the CRA places greater accountability on companies to ensure the security of every product they ship.

The new funding will support CRACI’s efforts to help businesses prepare for the Cyber Resilience Act and manage evolving software supply chain security and compliance requirements across the European market.