Raven.io, a Palo Alto, CA-based cybersecurity company that protects applications at runtime and prevents attacks in real time, has raised $20 million in a funding round led by Norwest.
The round also saw participation from RedSeed, UpWest, SentinelOne, Jibe Ventures, Dnipro VC, Unusual Ventures, CyberFuture, and Descope CEO Slavik Markovich.
Raven.io also secured a post-seed investment led by Elron Ventures.
Read More:Obin AI Raises $7M in Seed Funding
The company plans to use the funds to speed up product development, expand U.S. sales efforts, and grow its engineering and research teams.
RAVEN.IO is a cybersecurity company that protects applications in real time, stopping attacks as they happen. The platform focuses on what happens within applications themselves, where many advanced attacks occur. It monitors the application’s execution in real time, breaking down behavior into chains and creating a unique “fingerprint” for each path. This lets Raven detect malicious activity immediately, even without a known vulnerability, allowing organizations to prevent attacks without waiting for CVE updates.
In less than three years, Raven built a platform that analyzes how code behaves in running applications, unlike traditional tools that monitor from the outside or rely on known vulnerabilities such as CVEs. The platform is already in use by 11 enterprise customers, mainly large insurance and financial firms that are highly sensitive to application and supply chain attacks.
The rise of AI-generated exploits has changed the threat landscape. Attackers can now exploit new vulnerabilities faster than CVEs are identified and published, leaving organizations exposed before patches are available. As Time-to-Exploit (TTE) approaches zero or even becomes negative, security teams can no longer rely only on known vulnerabilities, external defenses, or signature-based detection.
One example of how fast application-layer vulnerabilities can spread is the React2Shell attack, reported in December 2025. About 39% of servers worldwide were vulnerable, despite the presence of common web application firewalls and endpoint detection and response (EDR) tools. Attacks like React2Shell show the limits of external, signature-based defenses.
Raven analyzes code behavior from inside the running application, allowing it to detect and block similar attacks in real time—without adding instrumentation or slowing performance—even when the vulnerability is unknown.
Raven was founded in 2023 by three former members of elite cyber and tech units in the Israel Defense Forces (IDF)—CEO Roi Abitboul, CTO Guy Franco, and Chief Research Officer Omer Yair—who have decades of experience in cybersecurity and technology leadership.
After their military service, the founders worked in malware research and cybersecurity consulting. In 2014, they started Javelin Networks, a company focused on endpoint protection, which was acquired by Symantec four years later. After the acquisition, they led the development of Symantec’s EDR and cloud protection products.
Roi Abitboul, Co-Founder and CEO of RAVEN.IO: “With AI tools finding and exploiting vulnerabilities faster than ever, organizations can’t rely only on signatures or CVEs after the fact. We started RAVEN.IO to help companies stop attacks and see, in real time, what’s happening inside their applications—without affecting performance or business operations.”
Yaniv Shnieder, CEO of Elron Ventures: “RAVEN.IO is in one of Cybersecurity’s fastest-growing areas. The application security market is about $17 billion, with runtime application security growing fastest. Modern architectures, cloud adoption, and AI-driven development create a need for deeper security inside applications. We believe in RAVEN.IO’s momentum and global adoption potential, which is why we joined and are supporting the company post-seed.”
Dror Nahumi, General Partner at Norwest: “Cybersecurity is shifting from detecting code-level vulnerabilities to runtime detection and prevention. This shift is accelerating as AI-generated code rises, increasing attack risks and making traditional solutions less effective. The RAVEN.IO team has proven expertise in runtime exploit prevention for complex, large-scale environments and is now giving application owners control over vulnerability management.”
About RAVEN.IO
Founded in 2023 by Roi Abitboul, Guy Franco, and Omer Yair, RAVEN.IO is a cybersecurity company that protects applications in real time, stopping both known and unknown attacks. Built by veterans of elite Israeli cyber units and the creators of Javelin Networks (acquired by Symantec), Raven provides visibility inside modern, cloud-native applications as AI-driven development introduces new vulnerabilities. Its platform delivers behavioral protection without relying on CVEs, adding no instrumentation or performance impact. Raven is already in production with 11 enterprise customers in insurance and financial services and is backed by Norwest, Elron Ventures, RedSeed, UpWest, SentinelOne, Jibe Ventures, Dnipro VC, and CyberFuture.
Read More:RAAPID Raises Additional Series A Investment from UPMC Enterprises
