New approach to application security in production at 11 companies analyzes code behavior at runtime rather than relying on CVEs or external defenses

PALO ALTO, Calif., March 18, 2026 /PRNewswire/ — RAVEN.IO, a cybersecurity company that protects applications at runtime and prevents attacks in real time, today announced it has raised $20 million in funding. Norwest led the seed round, with a post-seed investment led by Elron Ventures. RedSeed, UpWest, SentinelOne, Jibe Ventures, Dnipro VC, Unusual Ventures, CyberFuture and Descope CEO Slavik Markovich also participated in the seed round. The funding will be used to accelerate product development, expand go-to-market activities in the United States, and grow the company’s engineering and research teams.

In just under three years, Raven developed its platform, which analyzes how code behaves within the running application, taking a fundamentally different approach from traditional tools that monitor applications externally or rely on known vulnerability signatures such as common vulnerabilities and exposures (CVEs). The platform is already deployed in production with 11 enterprise customers, primarily large insurance and financial organizations that are highly sensitive to application layer and supply chain attacks.

A New Model: CVE‑less Runtime Behavioral Security
The rapid rise of artificial intelligence (AI)‑generated exploits has fundamentally changed the threat landscape. Attackers can now weaponize new vulnerabilities faster than the traditional CVE system can identify, validate and publish them, creating a widening gap where organizations are exposed long before patches or signatures exist. As Time‑to‑Exploit (TTE) approaches zero, and in many cases becomes negative, security teams can no longer rely solely on known vulnerabilities, external defenses or signature‑based detection.

Raven was built for this new reality, focusing on what occurs within the applications themselves, where many advanced attacks actually take place. The company’s technology observes the application’s internal execution paths in real time. By breaking down runtime behavior into execution chains and generating a unique behavioral “fingerprint” for each path, Raven can detect malicious deviations instantly, even when no known vulnerability exists. This runtime behavioral analysis enables organizations to detect and stop attacks in real time, eliminating reliance on CVE publication cycles.

One example of how quickly application‑layer vulnerabilities can escalate is the React2Shell attack, reported in December 2025. An estimated 39% of servers worldwide were vulnerable despite widespread use of modern web application firewall (WAF) and endpoint detection and response (EDR) tools. Attacks like React2Shell highlight the limits of external, signature‑based defenses.

By analyzing code behavior from inside the running application, Raven can detect and stop similar exploitation attempts in real time without inserting instrumentation or slowing execution, even when the underlying vulnerability remains unknown.

Raven’s technology has been registered in three U.S. patents.

Founders with Deep Application Security Expertise
Raven was founded in 2023 by three alumni of elite cyber and technological units in the Israel Defense Forces (IDF)—CEO Roi Abitboul, CTO Guy Franco and Chief Research Officer Omer Yair—who bring decades of combined experience in developing cybersecurity systems and leading technology teams.

After completing their military service, the founders conducted industry malware research and worked in cybersecurity consulting roles. In 2014, they founded Javelin Networks, which focused on endpoint protection and was acquired by Symantec four years later. Following the acquisition, they led the development of the company’s EDR and cloud protection products.

Quotes

Roi Abitboul, Co-Founder and CEO, RAVEN.IO: “In an era where AI tools can identify and exploit vulnerabilities at unprecedented scale and speed, organizations can no longer rely solely on signatures or on CVEs published after the fact. We founded RAVEN.IO to enable organizations to precisely prevent attacks and to truly understand, in real time, what is happening inside their applications, without compromising performance or business continuity.”

Yaniv Shnieder, CEO, Elron Ventures: “RAVEN.IO operates in one of the fastest-growing areas of cybersecurity. The application security market is currently estimated at around $17 billion, with runtime application security among its fastest-growing segments. The shift toward modern architectures, cloud environments and accelerated AI-driven development is creating a need for a deeper security layer within the application itself. We believe strongly in the company’s business momentum and in its potential for broad adoption across global enterprises, which is why we joined and are supporting the company post-seed.”

Dror Nahumi, General Partner, Norwest: “The cybersecurity market landscape is undergoing a fundamental shift—from code-level vulnerability detection to runtime detection and prevention. This transition is accelerating amid significant growth in AI-generated code, which expands the attack surface and makes traditional security solutions increasingly ineffective. The RAVEN.IO team has previously demonstrated deep technological expertise in building runtime exploit prevention solutions, deployed in complex, large-scale production environments. Today, they are leveraging these capabilities to return control over vulnerability management to application owners.”

About RAVEN.IO
RAVEN.IO is a cybersecurity company that protects applications at runtime and prevents both known and unknown attacks in real time. Founded in 2023 by veterans of elite Israeli cyber units and the creators of Javelin Networks (acquired by Symantec), Raven addresses the growing need for visibility inside modern, cloud‑native applications as AI‑driven development accelerates new classes of vulnerabilities. The platform provides CVE‑less behavioral protection without instrumentation or performance impact and is already deployed in production with 11 enterprise customers across insurance and financial services. The company is backed by Norwest, Elron Ventures, RedSeed, UpWest, SentinelOne, Jibe Ventures, Dnipro VC and CyberFuture. Learn more at raven.io.

SOURCE Raven

Copyright © 2026 Cision US Inc.