RevEng.AI, a cybersecurity company building a binary-native verification layer for the software supply chain, announced it raised $15 million in Series A funding. The round was led by NATO Innovation Fund with participation from Sands Capital, In-Q-Tel, IQ Capital, and Episode One.
Based in London, RevEng.AI helps enterprises and defense organizations analyze compiled software at the binary level to determine what is actually inside executables, firmware, and third-party software without requiring access to source code. The company’s platform is designed to identify hidden threats, malicious functionality, vulnerabilities, unexpected components, and abnormal software release changes before software is shipped, purchased, or deployed.
RevEng.AI said its foundational AI model, BinNet, applies advanced AI capabilities directly to released software binaries in order to identify cyber threats in real-world environments. The model has been trained alongside allied government cyber units and commercial cybersecurity teams to automate the discovery of hidden vulnerabilities and backdoors embedded in widely used software.
The company is focused on solving software supply chain integrity challenges, an area that has become increasingly critical as organizations rely heavily on third-party applications, firmware, vendor updates, and open-source dependencies. RevEng.AI noted that once software is compiled into machine-executable form, its contents are far less visible to human reviewers, creating opportunities for attackers and operational blind spots for enterprises and governments.
The company also emphasized that the rapid adoption of AI coding agents has increased the urgency of verifying software artifacts before deployment. As AI systems autonomously generate and modify larger amounts of code, organizations face growing challenges ensuring that shipped software does not contain malicious or high-risk functionality.
RevEng.AI combines proprietary binary analytics with AI-assisted reasoning to automate work that has traditionally required highly specialized reverse engineering expertise. According to the company, this enables customers to conduct software integrity analysis at significantly lower cost and faster speed than manual review methods.
The platform enables organizations to:
- Identify hidden, undeclared, or unexpected components within binaries and executables
- Detect malicious functionality, vulnerabilities, and dangerous behaviors not visible through source-code-centric tools
- Compare new software releases against trusted versions to uncover abnormal drift or suspicious changes
- Make trusted decisions before software is shipped, procured, deployed, or updated
Unlike traditional application security tools that focus primarily on source code repositories or package metadata, RevEng.AI works directly on compiled executables and software artifacts, including closed-source and third-party software.
The company said it is already seeing demand from enterprise and defense customers and integrates into existing security and software delivery workflows to help organizations move from reactive investigation to proactive software verification.
KEY QUOTES:
“In a world where AI increasingly writes the code, the only universal source of truth is the executable binary files that actually run on machines. RevEng gives organizations an independent way to verify software at the binary level before it is released, bought, or deployed. This is critical because much of the software being built today is never reviewed or seen by a human, making it untrustworthy. It needs to be automated, and that’s exactly what RevEng delivers.”
James Patrick-Evans, Founder And CEO, RevEng.AI
“Software now underpins every layer of our economies and national security, from energy grids and transport systems to hospitals, banks, and defense infrastructure. RevEng.AI gives organizations the ability to understand what is actually inside the software they rely on, even when that software is closed-source or delivered by third parties. That closes a critical gap in software supply chain security and strengthens the resilience of the systems our societies depend on.”
David Ordonez, Senior Associate, NATO Innovation Fund
“Across our global partner community, strengthening the resilience of critical infrastructure depends on truly understanding the software that underlies it. As AI accelerates code generation, verifying what actually resides inside compiled binaries has become a strategic imperative. RevEng gives organizations the clarity they need to spot hidden functionality early and reduce risk across the software supply chain.”
Dan Bocknek, Vice President Of Technology, In-Q-Tel
