Celebrating Four Years of Innovation: RegScale’s Journey to Series B and Beyond

RegScale is turning four, and what a year it’s been! Since our third birthday celebration, we’ve transformed from a rising startup into a recognized leader in the GRC space — and there’s so much more to come. Join us as we reflect on our extraordinary year of growth, innovation, and impact. 

Breaking Records, Building Momentum

This year brought milestone achievements that far exceeded our goals. We tripled our Annual Recurring Revenue (ARR), established our presence in new markets across Canada and Europe, and grew our partner ecosystem with strategic relationships to help us reach and serve customers more effectively. We’ve also significantly grown our channel and partner program, leveraging resellers and distributors as a part of our expansion strategy.  

We’ve also expanded our roster by hiring dozens of new employees. From R&D to leadership, from customer success to sales, we’ve brought on the best of the best to continue accelerating our growth across the country. 

Just as importantly, we closed an oversubscribed $30+ million Series B funding round led by Washington Harbour Partners, with additional investment from new investors M12, Microsoft’s Venture Fund; Hitachi Ventures; and Ankona Capital; as well as continued participation from existing investors SYN Ventures and SineWave Ventures. 

But the numbers only tell part of the story. 

“This year validated that our focus on building the most engineering-friendly Cyber GRC is addressing a real and urgent market need,” said Travis Howerton, Co-Founder and CEO of RegScale. “We’re fundamentally changing the market by powering cyber resilience for government services and critical infrastructure, and we’re transforming how GRC is done through compliance as code. Our growth reflects the industry’s recognition that there’s a better way forward.” 

Customer Success: Our North Star

At RegScale, we’re all about strengthening collaboration and building partnerships. This year, our customer-obsessed approach has driven both our growth and our innovation as we’ve worked hand in hand with organizations to tackle their most complex compliance challenges. 

We’ve had the privilege of expanding our relationships with mission-critical organizations including the Department of Homeland Security, Department of Energy, Department of War, and others across the federal, commercial, and critical infrastructure sectors. By truly understanding their pain points and delivering solutions that make a measurable difference, we’ve seen tremendous success as organizations and agencies discover new ways our CCM platform can transform their GRC operations. 

Our approach is multi-faceted: share knowledge widely, make sure we know what “done” means to each customer, invest in world-class technical support, and solve problems relentlessly. Whether we’re supporting a federal agency in accelerating their ATO process or enabling a Fortune 500 company to stay always audit-ready, we’re committed to helping our customers overcome complex operational challenges. 

“Our customers are partners in our mission,” said Gavin Maxfield, Vice President of Customer Success and Services at RegScale. “Every conversation, every implementation, and every challenge they bring to the table makes our solution stronger. This year, we’ve seen incredible expansion because when you truly solve people’s hardest problems, they want to do more with you. That’s the foundation of everything we do.” 

Industry Recognition and Technical Excellence

Our achievements haven’t gone unnoticed. Gartner® mentioned us more than 15 times this year, most notably in the 2025 Gartner® Cool Vendors™ With AI-Powered Technologies for Assurance Leaders report. In our view, the recognition underscores the industry-defining work we’re doing to advance AI and continuous monitoring. 

Regionally, RegScale has been recognized as a 2025 NVTC Cyber50 Award honoree, a 2025 NVTC Tech100 Award Honoree, and a 2025 Pinnacle Innovator Award recipient. We’re also honored to have won this year’s CoDIE Awards and CyberSecurity Breakthrough Award for Compliance Software Solution Provider of the Year, cementing our position as innovators in the GRC space. 

But our proudest accomplishment is how we’ve led by example. This year, we received our FedRAMP High Authorization, one of the most rigorous security certifications out there, with agency sponsorship by the Department of Homeland Security. And we did it 3-4x faster and at 50% of the average cost by using our own platform. 

We’ve also been listed in the Cloud Security Alliance (CSA) STAR designation as a Valid-AI-ted solution, demonstrating our commitment to our mission of intelligent, real-time compliance powered by AI. 

“Security isn’t just what we sell; it’s who we are,” said RegScale CISO Dale Hoak. “Achieving FedRAMP High authorization and excelling in the Valid-AI-ted program shows that we hold ourselves to the same exacting standards that our customers need to meet. Every certification we pursue feeds directly back into making our platform more powerful and effective.” 

Product Innovation: Building the Future of GRC

We’ve continued to focus on evolving our platform to meet the ever-changing needs of our customers. This year brought some of our most significant product advancements yet, transforming how organizations experience and interact with compliance.  

First, we’ve delivered major improvements to platform stability, performance, and overall user experience. Our team introduced a streamlined, walk-up friendly interface with faster navigation and reduced cognitive load, while also modernizing our styling and UI patterns to improve responsiveness and centralize key information. These ongoing UI and UX refinements have significantly reduced friction and improved clarity for users at every level. 

One of our biggest launches this year was our full suite of Builders, which empowers customers to configure forms, workflows, dashboards, reports, and exports without custom development. This capability puts control directly in the hands of GRC teams, allowing them to adapt the platform to their unique needs quickly and efficiently. 

We also expanded RegML across the platform with powerful new capabilities for control writing, evidence mapping, policy generation, SSP automation, and automated third-party response. By leveraging AI throughout the compliance lifecycle, we’re helping teams work smarter and faster than ever before. 

Beyond these headline features, we’ve made dozens of enhancements that add up to a dramatically improved experience. Each one reflects our commitment to making compliance less burdensome and more strategic: 

• Upgraded questionnaires with cleaner layouts, improved assignments, and access to past answers for better collaboration. 
• Added new reporting and dashboard tools with charting, multi-level reporting, and flexible layouts. 
• Strengthened compliance configuration with native language frameworks, improved rollups, and streamlined setup. 
• Improved enterprise scalability through job-based processing and a more resilient API layer. 
• Expanded automation and ecosystem integrations, especially for scanners and vulnerability data. 
• Improved data modeling, inheritance consistency, and predictability across modules. 
• Increased auditability and transparency with clearer histories and better tracking. 

To lead our product vision forward, we recently welcomed Chad Woolf as our new Chief Product Officer. Chad brings 14 years of experience from AWS, where he served first as Director of Risk and Compliance and then as Vice President of Security, pioneering ways to innovate the compliance function at scale. Learn more about why he brought his deep expertise in building compliance solutions to RegScale in his article here. 

Connecting Across the Community

In addition to growing internally, we’ve been expanding our reach and deepening our relationships across the industry. Our team participated in 55 events this year from coast to coast, with speaking appearances everywhere from FS-ISAC and NLIT Summit to ISC2 Security Congress and Microsoft Ignite. 

We’ve also delivered dozens of webinars to cybersecurity professionals, sharing insights on everything from AI efficiency and ATO modernization to continuous monitoring and compliance as code. We value the chance to engage with experts across industries, from financial services and energy to government and tech, as we help shape how the market approaches compliance. 

“This year, we’ve seen both our reach and our relevance grow tremendously,” said Esty Peskowitz, VP of Marketing at RegScale. “Whether we’re on stage at Microsoft Ignite or hosting a fireside chat with one of our customers, our goal is the same: share what we’ve learned, respond to what the market needs, and build relationships that matter. This year, we showed up in hundreds of conversations, from major publications to center stage in the largest industry conferences.” 

Until Our Next Birthday… 

Year four has been remarkable, and we’re not slowing down any time soon. We’re continuing to invest in product innovation, team growth, and customer success in order to advance our mission: transforming compliance from a burden into a strategic advantage. 

To our customers who trust us with their most critical compliance needs, our partners who amplify our impact, and our team who make it all possible: thank you. We couldn’t have done it without all of you. 

Here’s to four years of ongoing innovation and to many more breakthroughs ahead!