Raven Raises $20M Seed for Runtime App Protection

Raven raised $20M seed led by Norwest Venture Partners for runtime protection inside cloud apps blocking CVE-less exploits. Founded by Symantec alumni with 11 enterprise customers.

Emel Kavaloglu

Raven Raises $20M Seed for Runtime App Protection

Raven, a Palo Alto-based provider of runtime application protection, has raised $20M in seed funding led by Norwest Venture Partners with participation from Elron Ventures, RedSeed, UpWest, and SentinelOne. The platform deploys inside cloud-native applications to block exploits and malicious code execution in real-time, independent of CVEs, signatures, patches, or instrumentation. The capital will support product development, US expansion, and team growth.

Runtime AppSec Draws Big Investments

The round emerges as application security heats up. Apiiro raised $100M Series B in January 2026 for its cloud-native AppSec platform. Analyst firm Latio's 2026 report names Raven alongside Contrast Security and Upwind as runtime innovators, signaling a shift from perimeter defenses to in-app protection amid AI-generated exploits.

CVE-Less Exploits Bypass Traditional Tools

AI tools now generate exploits at scale faster than CVE disclosure cycles. Traditional WAFs and EDR fail against these, as seen in the React2Shell (CVE-2025-55182) attack affecting 39% of servers despite patches. Runtime visibility inside apps addresses this gap, where static SCA tools flag unexploitable vulnerabilities.

Function-Level Monitoring Prevents Attacks

Raven's eBPF-based layer monitors execution paths without code changes or performance hits, deploying in minutes across Java, Python, Node.js, and more. Unlike static analysis, it uses reachability to deprioritize 99% of SCA findings and block zero-days pre-execution. Early customers include Favor Delivery, SageSure, GoPuff, and Windward in high-compliance sectors.

Runtime ADR provides forensics, while AI agents and SCA features prioritize real risks.

As Raven CEO Roi Abitboul noted:

“EDR protects workstations. CNAPP protects infrastructure. But nobody was protecting what actually runs the business, the application itself.”

Serial Founders From Symantec Exit

Founders Roi Abitboul (CEO), Omer Yair (CRO), and Guy Franco (CTO) previously built Javelin Networks, acquired by Symantec in 2018 for around $25M. Their endpoint and AD security expertise pivoted to app runtime after the XZ backdoor incident. This team brings proven scaling experience post-acquisition.

AppSec Market Scales to $66B

The application security market stands at $41.16B in 2026, projected to reach $66.03B by 2031 at 9.9% CAGR. Runtime self-protection (RASP), a key subset, hits $2.6B this year. Latio reports validate runtime as the fastest-growing segment against CVE-less threats.

Investors like Norwest and Elron signal conviction in behavioral runtime over signature-based tools. SentinelOne's participation adds endpoint-to-app synergy.

Expanding With 11 Customers

Raven serves 11 production customers in insurance and finance. Funds target engineering hires, marketing, and broader US rollout beyond Palo Alto HQ.

TAMradar monitors companies, people, and industries so you never miss important updates - tracking funding rounds, new hires, job openings, and 20+ signals.

Request access to get insights like this via webhooks or email.

Request access →

Index