The exploit intelligence specialist VulnCheck has secured $25 million in Series B funding, a round led by Sorenson Capital with participation from National Grid Partners and existing backers including Ten Eleven Ventures and In-Q-Tel. The raise brings VulnCheck’s total funding to $45 million and lands at a moment when vulnerability exploitation timelines are compressing faster than most security teams can realistically react, a problem the company has built its entire thesis around, closing that gap before it becomes operationally painful or outright catastrophic.
What makes this round notable isn’t just the amount, but the confidence investors are placing in VulnCheck’s machine-first approach to exploit intelligence. Traditional vulnerability management tools were designed for analysts sifting dashboards, spreadsheets, and alerts by hand, a workflow that simply doesn’t scale when thousands of new CVEs appear each year and exploitation often starts the same day they’re disclosed. VulnCheck flips that model, delivering exploit intelligence as a fully autonomous, machine-consumable dataset, with human review treated as a downstream benefit rather than the primary bottleneck. According to Sorenson Capital partner Ken Elefant, this architecture positions VulnCheck to outperform legacy systems that only ever see a fraction of real-world exploited vulnerabilities.
The growth metrics underline why the market is paying attention. Over the past year, VulnCheck reports enterprise ARR growth of 557 percent and government ARR growth of 306 percent, numbers that feel less like steady scaling and more like a product snapping into place at exactly the right moment. The company has also climbed from number 143 to number 28 globally in CVE assignment rankings, with nearly 2,000 CVEs issued, a detail that quietly signals how deeply embedded it has become in the vulnerability disclosure ecosystem. Its community has expanded rapidly as well, now exceeding 13,000 users across vendors, practitioners, and vulnerability management teams with access to VulnCheck KEV and NVD++ datasets.
The data itself paints a sobering picture of the threat landscape. Throughout 2025, VulnCheck added nearly 900 vulnerabilities to its Known Exploited Vulnerabilities list, a 25 percent year-over-year expansion. More striking is the timing: 32 percent of those vulnerabilities were exploited on or before the day their CVEs were disclosed, a sharp increase compared to the previous year. That statistic alone explains why automation and machine-speed intelligence are no longer optional luxuries but baseline requirements, especially for organizations defending critical infrastructure, governments, and large enterprises with sprawling attack surfaces.
Partners and customers are already building on top of that intelligence. Mark Kuhr, co-founder and CTO of Synack, describes combining VulnCheck’s exploit data with automated AI penetration testing and elite human analysis to create a continuous defense loop, one that doesn’t just identify theoretical weaknesses but focuses attention on vulnerabilities that are actively exploitable in the wild. It’s a pragmatic framing, less about chasing perfect security and more about spending limited time and resources where attackers are already moving.
From a technical standpoint, VulnCheck’s platform continuously analyzes first-party evidence of exploitation and scans more than 500 million records drawn from over 500 sources, refreshing multiple times per day. The goal is velocity with context, not just alerts, but insight into threat actors, ransomware associations, and proof-of-concept exploits already circulating. Founder and CEO Anthony Bettini frames the challenge bluntly: weaponization is accelerating faster than remediation, and exploit timelines are now so compressed that defenders who wait for traditional signals are already behind.
The Series B also reinforces broader market validation. Over the past two years, VulnCheck has moved from RSAC Innovation Sandbox finalist to being selected as a SINET16 Innovator, and in 2025 it reached finalist status at both Black Hat Asia and Black Hat Europe Startup Spotlight competitions. Most recently, CRN named the company one of its Top 10 Cybersecurity Startups to Watch in 2026, recognition that tends to follow companies just before they become unavoidable fixtures in enterprise security stacks.
For investors like National Grid Partners, the appeal is clear. Critical infrastructure operators face relentless pressure to modernize vulnerability prioritization as attackers automate faster than defenders can triage. VulnCheck’s promise of continuously updated, machine-speed intelligence speaks directly to that imbalance, and this funding round suggests the market believes that closing the exploitation-timing gap is no longer a niche problem, but one of the defining cybersecurity challenges of the decade.
Leave a Reply