The IT Nerd

RegScale, the leader in Continuous Controls Monitoring (CCM), today announced it has raised $30+ million in an oversubscribed Series B round led by Washington Harbour Partners, with additional investment from new investors M12, Microsoft’s Venture Fund, Hitachi Ventures, and Ankona Capital, as well as continued participation from existing investors SYN Ventures and SineWave Ventures. This raise confirms what customers and investors already know: RegScale isn’t building the next wave of cyber GRC, it’s redefining it, turning compliance from a burdensome, manual checklist process into a real-time and automated platform for the most heavily regulated industries.

The new capital will accelerate RegScale’s leadership in the $50+ billion GRC market and fuel key hires across R&D and sales, enabling the company to deliver increased impact to its growing customer base. It will accelerate RegScale’s RegML, industry-leading AI roadmap, expanding the only CCM platform with AI agents purpose-built to continuously monitor compliance, automate evidence collection/reviews, conduct audits, and analyze risk — capabilities no other provider delivers securely at scale. “RegScale’s AI-powered compliance-as-code approach delivers what today’s operators need most: faster certifications, lower costs, and a stronger security posture. This is the future of cyber GRC, and we’re excited to support RegScale as they scale to meet the growing demand,” said Todd Graham, Managing Partner at M12, Microsoft’s Venture Fund.

With this funding, RegScale is not only strengthening its value for government agencies, financial services, and high-tech organizations but also accelerating expansion into energy, utilities, and other highly regulated sectors where continuous compliance and security assurance are most urgent.

With cyberattacks escalating, nation-states and criminal groups exploiting compliance gaps, and budget cuts pushing for cost takeout and tool consolidation across all industries, CISOs can no longer rely on traditional GRC and manual labor approaches to just check a box. They need CCM to operationalize their risk program and deliver real-time control assurance against a growing set of cybersecurity threats.

RegScale is leading this revolutionary change in managing cyber GRC. Customers report 60% faster audit prep, 3–4x faster FedRAMP High authorizations, and up to 80% greater accuracy, with AI and automation delivering up to 10x staff efficiency. RegScale continues to promote industry standards, serving as the lead affiliate for the Cyber Risk Institute’s (CRI) OSCAL initiative, as a founding member of the OSCAL Foundation, a participant in the Cloud Security Alliance (CSA) Compliance Automation Revolution, and a contributor to the FedRAMP 20x initiative. Its impact has been recognized across the industry, most recently being named Best Compliance Solution by SC Media and as an industry leader by Gartner.

As proof of its platform’s maturity, RegScale achieved FedRAMP High Authorization sponsored by the DHS in half the cost and in just six months, versus the typical 18–24 months. Inside the company, the team is driving incredible growth: ARR has tripled year-over-year, key enterprise and federal customers are on board, and the team has expanded with major additions, including Devon Goforth as CTO, Rich Shirley as VP of Strategic Partnerships, Mike Kimball and Meghan Shafer as VPs of sales, Jennifer Stafford as GM of Federal, and strategic advisors Roland Cloutier and Alex Tosheff.

RegScale is a continuous controls monitoring (CCM) platform that is designed to be the operational risk tool for the CISO. Built on a compliance as code foundation, RegScale enables extreme automation with our API first strategy, self-updating paperwork, and powerful AI agents that all but eliminate manual labor, turn your program more proactive, save money, accelerate time to market, and reduce risk in your operational environment. Heavily regulated organizations, including Fortune 500 enterprises and the Federal government, use RegScale and report achieving compliance certifications 90% faster and trimming audit preparation efforts by 60%, thereby strengthening security and reducing costs. Learn more at http://www.regscale.com.