Connect with us

Funding

RAVEN.IO Raises $20M to Rethink Application Security in the Age of AI-Driven Attacks

mm
Published
Co: Founders Guy Franco (CTO, _Roi Abitboul (CEO), and Omer Yair (CRO).

Cybersecurity startup RAVEN.IO has raised $20 million in new funding as it looks to redefine how applications are protected in production environments. The round, led by Norwest with additional backing from Elron Ventures and several strategic investors, comes at a time when traditional security models are increasingly struggling to keep pace with AI-generated threats.

The company is positioning itself around a core idea: that modern attacks are no longer predictable, and security systems built around known vulnerabilities are becoming less effective.

Moving Beyond CVEs and Signature-Based Defense

For years, application security has relied heavily on identifying known vulnerabilities—cataloged as Common Vulnerabilities and Exposures (CVEs)—and patching them after discovery. That model is now under pressure.

RAVEN.IO’s approach shifts focus away from what is known, toward what is actually happening inside a live application. Instead of scanning code statically or monitoring traffic externally, its platform analyzes how code executes in real time, detecting deviations from expected behavior.

This runtime-first model is designed to identify attacks even when no known vulnerability exists. By observing execution paths, libraries, and function calls, the system can flag abnormal activity and stop exploits at the moment they occur.

The shift reflects a broader reality: AI tools are enabling attackers to generate and deploy exploits faster than traditional vulnerability databases can keep up.

Why Runtime Visibility Is Becoming Critical

RAVEN.IO’s platform is built on the premise that most meaningful attacks now occur within the application layer itself, rather than at the network or endpoint level. This is especially relevant in cloud-native environments, where applications are distributed across containers, microservices, and multiple cloud providers.

According to the company, its technology provides deep visibility into application behavior—down to individual functions and execution chains—without requiring intrusive instrumentation or impacting performance.

This level of insight allows security teams to:

  • Detect exploit attempts in real time
  • Reduce noise by deprioritizing non-exploitable vulnerabilities
  • Trace attacks back to specific code changes or deployments

The goal is not just detection, but immediate prevention—blocking malicious execution before damage occurs.

Early Traction in High-Security Industries

RAVEN.IO was founded in 2023 by Roi Abitboul, Guy Franco, and Omer Yair—cybersecurity veterans with experience in Israeli defense units and prior startup success. The team previously built Javelin Networks, which was acquired by Symantec, where they later worked on endpoint detection and cloud protection technologies.

Their current focus builds on that experience but targets a different layer of the stack: the application runtime itself.

The platform is already in production with 11 enterprise customers, primarily in sectors like insurance and financial services, where application-layer and supply chain risks are particularly acute.

These environments tend to adopt new security models cautiously, suggesting that runtime behavioral security is gaining traction among organizations with complex infrastructure and high exposure to risk.

What This Signals for the Future of Application Security

The company’s strategy aligns with a growing movement in cybersecurity often described as “protect right”—securing applications during runtime rather than relying solely on early-stage (“shift left”) development checks.

Traditional approaches still play a, but they leave a gap between vulnerability discovery and patch deployment—a window that attackers are increasingly exploiting. Runtime protection aims to close that gap by continuously monitoring and defending applications while they are live.

As AI accelerates both software development and exploit creation, the attack surface is expanding rapidly. More code is being written faster, often with less human oversight, while attackers gain access to tools that automate vulnerability discovery.

In that environment, security models that depend on prior knowledge may continue to lose effectiveness.

RAVEN.IO’s funding reflects growing interest in approaches that assume attacks are inevitable—and focus instead on detecting and stopping them in real time. If that shift continues, runtime behavioral security could move from a niche category to a foundational layer in modern application protection.

Related Topics:
mm

Antoine is a visionary leader and founding partner of Unite.AI, driven by an unwavering passion for shaping and promoting the future of AI and robotics. A serial entrepreneur, he believes that AI will be as disruptive to society as electricity, and is often caught raving about the potential of disruptive technologies and AGI.

As a futurist, he is dedicated to exploring how these innovations will shape our world. In addition, he is the founder of Securities.io, a platform focused on investing in cutting-edge technologies that are redefining the future and reshaping entire sectors.