RevEng.AI Raises $15 Million to Hunt for Flaws and Backdoors in Software Binaries

RevEng.AI, a London-based cybersecurity startup founded in 2023, today announced it has raised $15 million in a Series A funding round, bringing its total raised to $19.5 million. The round was led by NATO Innovation Fund, with participation from Sands Capital, In-Q-Tel (IQT), IQ Capital, and Episode One. The company plans to use the capital to scale its AI-powered binary analysis platform, BinNet, which is designed to hunt for vulnerabilities and backdoors in compiled software without requiring access to source code.

BinNet is an AI model trained with elite cyber units across allied government and commercial organizations to perform automated binary analysis. Unlike traditional static or dynamic analysis tools, BinNet analyzes compiled executables, firmware, and third-party software at the binary level, identifying hidden functionality, dangerous behaviors, security defects, and abnormal release changes. The platform can analyze software in seconds, providing organizations with visibility into artifacts, dependencies, and integrity.

The technology addresses a critical gap in software supply chain security, which has become a prime target for attackers. With the surge in AI coding agents used for autonomous software development, the volume of code being produced without human review has skyrocketed. RevEng.AI founder and CEO James Patrick-Evans emphasized that "the only universal source of truth is the executable binary files that actually run on machines," and that the platform gives organizations "an independent way to verify software at the binary level before it is released, bought, or deployed."

RevEng.AI's solution integrates with existing security and software delivery workflows, enabling proactive verification of closed-source, internally developed, and third-party software. This is particularly valuable for organizations that rely on a complex web of open-source and commercial components, where supply chain attacks—such as those seen in the SolarWinds and Codecov incidents—can introduce backdoors that evade traditional source-code-level scans.

The funding round underscores growing interest from both government and commercial investors in binary-level security tools. The participation of NATO Innovation Fund and In-Q-Tel, the strategic investment arm of the U.S. intelligence community, signals that the technology is seen as critical for national security. RevEng.AI's approach complements other emerging tools like Vigolium, an open-source vulnerability scanner that combines deterministic scanning with AI-driven auditing, but focuses specifically on the binary analysis niche.

As AI coding agents become more prevalent, the attack surface for supply chain compromises expands. RevEng.AI's binary-first approach offers a layer of verification that can catch flaws introduced by AI-generated code, malicious modifications to third-party libraries, or intentionally planted backdoors. The company's ability to analyze software in seconds without source code makes it a practical tool for continuous integration pipelines and procurement vetting.

The $15 million Series A positions RevEng.AI to scale its engineering team and expand its customer base, particularly among government agencies and large enterprises that need to validate the integrity of software they deploy. The startup's focus on binary analysis aligns with a broader industry trend toward "shift-left" security, but with a twist: instead of catching bugs early in development, RevEng.AI catches them after compilation, when they are most likely to be deployed.

With the rise of AI-assisted attacks and autonomous development, the ability to trust compiled binaries is becoming a cornerstone of cybersecurity. RevEng.AI's funding and technology represent a significant step toward making that trust verifiable at scale.