RevEng.AI raises USD $15 million to secure software

RevEng.AI has raised USD $15 million in a Series A funding round led by the NATO Innovation Fund, with participation from Sands Capital, In-Q-Tel, IQ Capital and Episode One.

The London-based cybersecurity company analyses compiled software at the binary level, allowing organisations to inspect executables, firmware and third-party software without access to source code. It is focused on software supply chain security, an area of growing concern as companies and public bodies rely on increasing volumes of code from external suppliers, open-source libraries and automated development tools.

The funding comes as software supply chain attacks gain prominence across industry and government. Security teams often review source code, repositories and package records, but compiled software can become opaque once it is turned into machine-executable form. That creates a gap between what developers intend to ship and what actually runs on devices and networks.

RevEng.AI's platform works on closed-source, third-party and internally developed software. It is designed to identify hidden or undeclared components, malicious functions, vulnerabilities and unusual changes between software releases before software is shipped, bought, deployed or updated.

The platform is built around a model called BinNet, designed to work directly on released software binaries. The system has been trained with cyber units inside allied governments and with commercial security teams to help detect vulnerabilities and backdoors in software used in real-world environments.

The issue is becoming more pressing as artificial intelligence tools move from assisting programmers to generating, changing and deploying code with less direct human review. That shift has increased scrutiny of how organisations verify the final software artefact rather than only the underlying source files.

James Patrick-Evans, Founder and Chief Executive Officer of RevEng.AI, said the spread of AI-generated code had changed where trust must be established in the development process.

"In a world where AI increasingly writes the code, the only universal source of truth is the executable binary files that actually run on machines," said James Patrick-Evans, Founder and Chief Executive Officer, RevEng.AI. "RevEng gives organizations an independent way to verify software at the binary level before it is released, bought, or deployed. This is critical because much of the software being built today is never reviewed or seen by a human, making it untrustworthy. It needs to be automated, and that's exactly what RevEng delivers."

Investor backing

The NATO Innovation Fund's involvement highlights investor interest in tools that address cyber risks across critical infrastructure, defence systems and commercial networks. Software integrity has become a key concern for operators of energy, transport, healthcare, banking and government systems, where compromised updates or hidden functionality can have broad operational consequences.

"Software now underpins every layer of our economies and national security, from energy grids and transport systems to hospitals, banks, and defense infrastructure," said David Ordonez, Senior Associate, NATO Innovation Fund. "RevEng.AI gives organizations the ability to understand what is actually inside the software they rely on, even when that software is closed-source or delivered by third parties. That closes a critical gap in software supply chain security and strengthens the resilience of the systems our societies depend on."

In-Q-Tel, which also participated in the round, said the growing use of AI in software development had made binary verification more urgent for organisations seeking to understand and reduce cyber risk across supplier networks.

"Across our global partner community, strengthening the resilience of critical infrastructure depends on truly understanding the software that underlies it," said Dan Bocknek, Vice President, Technology, IQT. "As AI accelerates code generation, verifying what actually resides inside compiled binaries has become a strategic imperative. RevEng gives organizations the clarity they need to spot hidden functionality early and reduce risk across the software supply chain."

Binary focus

Unlike tools that focus on source code or software bills of materials, RevEng.AI examines compiled executables themselves. The approach is intended to help customers compare new releases with trusted versions, detect suspicious drift and decide whether to deploy or procure software.

The company is already working with enterprise and defence organisations, though it did not disclose customer names or revenue. Founded in 2023, RevEng.AI uses automated reverse engineering and binary analysis to reduce the need for scarce specialist expertise and shorten software inspection times.

The latest funding gives the company backing from investors spanning national security, deep technology and enterprise software, as scrutiny of software integrity rises alongside the spread of AI-generated code and growing dependence of critical systems on third-party software.