Stories of Technology, Innovation, & Entrepreneurship in the Southeast

RegScale, the leader in Continuous Controls Monitoring (CCM), announced on Wednesday that it has raised more than $30 million in a Series B round led by Washington Harbour Partners, with additional investment from new investors M12, Microsoft’s Venture Fund, Hitachi Ventures, and Ankona Capital, as well as continued participation from existing investors SYN Ventures and SineWave Ventures.

The company’s headquarters is in Tysons Corner, VA, but its R&D operations are located in Knoxville.

This raise confirms what customers and investors already know: RegScale isn’t building the next wave of cyber Governance, Risk and Compliance (GRC) technologies, it’s redefining it, turning compliance from a burdensome, manual checklist process into a real-time and automated platform for the most heavily regulated industries.

“We invested in RegScale because the stakes could not be higher. Protecting critical infrastructure and high-value assets must be achievable, scalable, and resilient,” said Mina Faltas, Founder and Chief Investment Officer at Washington Harbour Partners. “RegScale has the technology, leadership, deep expertise, and market traction to transform GRC from a cost center into a force multiplier for security and resilience. With compliance debt dragging down agencies and enterprises alike, the company doesn’t just check compliance boxes; it increases security effectiveness while cutting compliance costs.”

The new capital will accelerate RegScale’s leadership in the $50+ billion GRC market and fuel key hires across R&D and sales, enabling the company to deliver increased impact to its growing customer base. It will accelerate RegScale’s RegML, industry-leading artificial intelligence (AI) roadmap, expanding the only CCM platform with AI agents purpose-built to continuously monitor compliance, automate evidence collection/reviews, conduct audits, and analyze risk — capabilities no other provider delivers securely at scale. “RegScale’s AI-powered compliance-as-code approach delivers what today’s operators need most: faster certifications, lower costs, and a stronger security posture. This is the future of cyber GRC, and we’re excited to support RegScale as they scale to meet the growing demand,” said Todd Graham, Managing Partner at M12, Microsoft’s Venture Fund.

With this funding, RegScale is not only strengthening its value for government agencies, financial services, and high-tech organizations but also accelerating expansion into energy, utilities, and other highly regulated sectors where continuous compliance and security assurance are most urgent.

With cyberattacks escalating, nation-states and criminal groups exploiting compliance gaps, and budget cuts pushing for cost takeout and tool consolidation across all industries, Chief Information Security Officers can no longer rely on traditional GRC and manual labor approaches to just check a box. They need CCM to operationalize their risk program and deliver real-time control assurance against a growing set of cybersecurity threats.

RegScale is leading this revolutionary change in managing cyber GRC. Customers report 60 percent faster audit prep, 3 to 4x faster FedRAMP High authorizations, and up to 80 percent greater accuracy, with AI and automation delivering up to 10x staff efficiency. RegScale continues to promote industry standards, serving as the lead affiliate for the Cyber Risk Institute’s (CRI) OSCAL initiative, as a founding member of the OSCAL Foundation, a participant in the Cloud Security Alliance (CSA) Compliance Automation Revolution, and a contributor to the FedRAMP 20x initiative.

Its impact has been recognized across the industry, most recently being named Best Compliance Solution by SC Media and as an industry leader by Gartner.

As proof of its platform’s maturity, RegScale achieved FedRAMP High Authorization sponsored by the Department of Homeland Security in half the cost and in just six months, versus the typical 18–24 months. Inside the company, the team is driving incredible growth: Annual Recurring Revenue has tripled year-over-year, key enterprise and federal customers are on board, and the team has expanded with major additions, including Devon Goforth as Chief Technology Officer, Rich Shirley as Vice President of Strategic Partnerships, Mike Kimball and Meghan Shafer as Vice Presidents of Sales, Jennifer Stafford as General Manager of Federal, and strategic advisors Roland Cloutier and Alex Tosheff.

---