• The platform enables enterprises and defence organizations to secure their software supply chain by ensuring that no malicious functionality exists inside the compiled software they ship, buy, deploy, and execute

RevEng.AI, a cybersecurity company building the binary-native verification layer for the software supply chain, today announced it has raised a $15 million Series A round led by NATO Innovation Fund with participation from Sands Capital, In-Q-Tel (IQT), IQ Capital, and Episode One.

RevEng.AI helps organizations analyze compiled software at the binary level to determine what is actually inside executables, firmware, and third-party software without requiring access to source code. While Anthropic’s Mythos has drawn significant attention to frontier AI for cybersecurity and autonomous vulnerability discovery, RevEng’s foundational AI model named BinNet translates these advances into practical application by working directly on released software binaries to find novel cyber threats in real-world environments. It has been trained with elite cyber units inside allied governments and top commercial teams to automatically hunt down hidden security vulnerabilities and backdoors placed in widely used software. This enables the platform to automate the analysis of binary software, identifying hidden threats, malicious functionality, unexpected components, vulnerabilities, and abnormal release changes before software is shipped, purchased, or deployed.

The company aims to use this technology to address one of the largest unsolved problems in the cybersecurity space: software supply chain integrity. Software supply chain attacks have become one of the fastest-growing and most consequential risks facing enterprises, governments, and critical infrastructure operators. Every organization now depends on software it did not fully build or inspect, including commercial applications, open-source dependencies, firmware, and vendor updates. Once that software is compiled into machine-executable form, its contents are no longer easily visible to humans—creating a powerful opportunity for attackers and a major blind spot for defenders.

That blind spot has become far more urgent as AI automates software development. In the last year, coding assistants have evolved into AI coding agents that autonomously generate, modify, and deploy increasingly large amounts of software. As a result, organizations face a new bottleneck in verifying the artifact that ships and ensuring it has no malicious or high-risk functionality embedded inside. RevEng.AI is built to solve this problem.

RevEng combines proprietary binary analytics with AI-assisted reasoning to automate work that has historically required scarce, highly specialized reverse engineering expertise. This allows organizations to analyze software at a fraction of the cost and time of manual review while scaling integrity checks across the complete binary artifacts they depend on.

Unlike legacy application security tools, which primarily inspect source code, repositories, or declared package metadata, RevEng verifies the compiled executables and artifacts. The platform works directly on closed-source, third-party, and internally developed software, enabling organizations to:

• Identify hidden, undeclared, or unexpected components in binaries and executables
• Detect malicious functionality, dangerous behaviors, and vulnerabilities that may not be visible in source-centric workflows
• Compare new releases against trusted versions to uncover abnormal drift or suspicious changes
• Make trusted decisions before software is shipped, procured, deployed, or updated

The company is already seeing strong early demand with enterprise and defense organizations who are working with and investing in the solution. RevEng integrates into existing security and software delivery workflows, helping customers move from reactive investigation to proactive software verification, stopping software supply chain attacks in their tracks.