Security that works from the inside out.
In 2023, Roi Abitboul was leading application security at a fintech company in Tel Aviv when an attacker exploited a second-order SQL injection in their payment processing service. The WAF saw clean HTTP requests. The SAST scanner had flagged nothing. The exploit worked because the malicious payload was stored in a database field and only became dangerous when a different microservice read it and passed it to a query builder.
The breach took 11 days to detect. Not because monitoring was absent — there were dashboards everywhere — but because every security tool sat at the perimeter. Nothing watched what happened inside the application itself.
Roi left that role with a single conviction: the only place to stop an in-app attack is inside the app. He moved to San Francisco, assembled a small team of runtime security engineers, and built the first Raven.io prototype in three months. The concept was simple — plant sensors in the application runtime, learn what normal looks like, and block everything that deviates.
Today, Raven.io protects applications across five language runtimes, ships telemetry to every major SIEM, and catches attack patterns that perimeter tools cannot see. The team is still small. The mission is still the same.
UpWest Labs invested $20M in Raven.io's Seed Round. UpWest Labs focuses on Israeli founders expanding into the US market, bringing deep expertise in cross-border go-to-market strategy and enterprise sales. Their portfolio includes companies that have collectively raised over $2B in follow-on funding.
The investment funds product development across three areas: expanding language runtime coverage (Ruby and Rust agents are in development), building out the machine learning pipeline for behavioral baselining, and growing the sales engineering team for enterprise deployments.
We show you every event the agent generates — blocked, allowed, and anomalous. No black-box "trust us" claims. Every decision is auditable with full stack traces.
Security that slows your application down is security that gets disabled. The 3ms overhead limit is a hard engineering constraint, not a marketing aspiration. If we cannot protect a hook point within budget, we document it rather than ship it slow.
Our customers are application security engineers and SREs. They read documentation, write Terraform, and care about p99 latency. We build tools that respect their expertise rather than hiding complexity behind a marketing dashboard.
We are not a WAF replacement. We are the layer that catches what the WAF misses. Our product works alongside your existing security stack — not instead of it. If something gets past the perimeter, we stop it inside.
Roi and the team are happy to walk through the technology, the architecture, and how Raven.io fits into your security stack.
Get in Touch