RevEng.AI, a cybersecurity company focused on software supply chain verification, has raised $15 million in a Series A funding round led by NATO Innovation Fund, with participation from Sands Capital, In-Q-Tel, IQ Capital, and Episode One.
The company is building a binary-native verification layer for the software supply chain, helping organisations analyse compiled software to determine what is actually inside executables, firmware, and third-party applications without requiring access to source code.
Software supply chain attacks are becoming a growing risk as organisations increasingly rely on third-party software, open-source components, and vendor updates. At the same time, AI-generated code is making it harder for security teams to verify that deployed software is secure and free from hidden vulnerabilities or malicious functionality.
RevEng.AI aims to address this challenge through its foundational AI model, BinNet, which analyses software directly at the binary level. Trained alongside government cyber units and commercial security teams, the system is designed to automatically identify hidden vulnerabilities, backdoors, suspicious functionality, and abnormal changes in released software before it is deployed or purchased.
According to James Patrick-Evans, PhD, Founder and CEO of RevEng.AI, as AI takes on a growing role in software development, executable binaries are becoming the most reliable way to verify what software actually does once it runs on machines.
RevEng gives organisations an independent way to verify software at the binary level before it is released, bought, or deployed. This is critical because much of the software being built today is never reviewed or seen by a human, making it untrustworthy. It needs to be automated, and that’s exactly what RevEng delivers.
Unlike traditional application security tools that primarily focus on source code and repositories, RevEng works directly on compiled executables, including closed-source and third-party software. The platform is designed to help organisations identify hidden or undeclared components, detect vulnerabilities and malicious behaviour, compare releases against trusted versions, and verify software before deployment or procurement decisions are made.
David Ordonez, Senior Associate at NATO Innovation Fund, said modern economies and critical national infrastructure increasingly depend on software across sectors such as energy, transportation, healthcare, finance, and defence.
RevEng.AI gives organisations the ability to understand what is actually inside the software they rely on, even when that software is closed-source or delivered by third parties. That closes a critical gap in software supply chain security and strengthens the resilience of the systems our societies depend on.
The company says it is already seeing early demand from enterprise and defence customers, while continuing to integrate its technology into existing security and software delivery workflows to support more proactive software verification processes.
The funding will be used to support the growth and deployment of RevEng.AI’s binary-level software verification platform as demand increases from enterprise and defence organisations.
Would you like to write the first comment?
Login to post comments