·Sofia

Exein lands EUR 200m to scale embedded IoT security

#Exein funding#embedded IoT cybersecurity#runtime security firmware#EU Cyber Resilience Act#Blue Cloud Ventures

Embedded IoT cybersecurity vendor Exein has secured EUR 200 million in funding, backing a model where device makers and industrial operators pay to bake security into firmware rather than bolt it on later. The workflow is about stopping compromises on connected products and control systems where patching is slow, connectivity is intermittent and a single vulnerability can cascade across fleets.

The round was backed by Blue Cloud Ventures, HV Capital, Intrepid Growth Partners, Geodesic Capital and J.P. Morgan, according to a FinSMEs report. Exein has been actively financing growth: verified disclosures show EUR 170 million of total funding in 2025, including a EUR 70 million Series C and an additional EUR 100 million round led by Blue Cloud Ventures with participation from J.P. Morgan and others.

Why investors are leaning into embedded security

Exein’s core pitch is AI-powered runtime security integrated into firmware. Instead of relying on perimeter tools or cloud-only monitoring, the software is designed to detect, contain and respond to threats in real time on the device itself, including offline. That matters for industrial and critical infrastructure environments where devices may sit at the edge with constrained compute, long lifecycles and limited ability to update.

Investors cited rising cyberattacks targeting IoT and critical infrastructure and the growing requirement for device-level security. This is also becoming a procurement checkbox: Exein states its platform supports compliance with major frameworks and regulations including the EU Cyber Resilience Act, RED 3.3, the US Cyber Trust Mark, ETSI EN 303-645 and IEC 62443.

From a go-to-market perspective, regulation does two things for vendors like Exein:

  • It shifts security from “nice-to-have” to “must-have” in OEM design cycles.
  • It raises switching costs because security becomes part of certification and product release processes.

Commercial model: deep integration and long tails

Runtime security that sits in firmware tends to be sticky. Once embedded into a device line, replacing it can mean redesign work, re-validation and potential recertification. That implementation depth can support retention and expansion through:

  • Land-and-expand across product families as OEMs standardise a security stack.
  • Upsell into compliance reporting and fleet-level controls as regulations and customer audits intensify.
  • Channel leverage via silicon and module partners, where security becomes part of a reference design.

Exein says it already protects over 1 billion devices, with projections to exceed 2 billion by Q1 2026 driven by new rollouts and regulatory pressure. The company also points to 450% year-on-year growth, alongside partnerships with players including MediaTek and Kontron.

What the funding is likely to finance

Verified reporting links the financing to next-generation AI-powered runtime security development and global expansion. Exein is already building presence across multiple markets, including the US, Japan, Taiwan, South Korea and Germany.

In practical terms, scaling an embedded security vendor usually means investing in:

  • OEM and industrial sales capacity with longer design-in cycles and multi-stakeholder buying groups.
  • Field engineering and integration support, since wins often depend on implementation quality and time-to-certification.
  • Ecosystem partnerships with chipmakers, module vendors and industrial platforms to shorten adoption timelines.

Market signal: embedded becomes the default

This round is another indicator that investors see embedded IoT security as a separate category from traditional endpoint protection. The addressable problem is less about office IT and more about heterogeneous device fleets in energy, healthcare, automotive and industrial automation, where downtime and safety risks are non-negotiable.

As regulation hardens and OEMs face greater liability for insecure products, demand is shifting toward vendors that can prove they operate at the device layer and support compliance regimes across regions. For Exein, the challenge now is execution: converting momentum into repeatable design wins, maintaining performance on constrained devices, and proving that runtime response can scale across diverse hardware and operating environments.

What this enables

  • Faster global rollout of embedded runtime security across OEM product lines
  • Stronger compliance-led sales motions tied to the EU Cyber Resilience Act and related standards
  • Deeper partnerships with chipmakers and module vendors to drive reference-design adoption

What to watch

  • Evidence of repeatable design-in wins across multiple OEMs and verticals
  • Gross margin and support costs as deployments scale across heterogeneous device fleets
  • How Exein packages compliance and reporting into monetisable modules
  • Competitive pressure from platform vendors and security incumbents moving down the stack

More Articles

Fuse Energy lands EUR 66.5m for full-stack power play

UK energy startup Fuse Energy has raised EUR 66.5 million from Balderton Capital and Lowercarbon Capital as it scales a vertically integrated model spanning generation, trading and retail supply.

TT buys OpenGamma to embed margin analytics

Trading Technologies International has acquired UK-based OpenGamma in an undisclosed deal, adding real-time derivatives margin analytics to TT’s multi-asset trading platform.

FoRx raises EUR 50m to push PARG inhibitor into Phase I

Swiss precision oncology biotech FoRx Therapeutics has secured a EUR 50 million Series A led by repeat backers EQT Life Sciences, Novartis Venture Fund and Pfizer Ventures, with M Ventures participating. Proceeds fund Phase I development of lead asset FORX-428 with data expected by mid-2026.