True Ventures leads funding for security firm whose research exposed data leaks on government sites and influenced federal legislation including the TikTok ban
Feroot Security, the AI-native compliance and security platform for websites, web apps and mobile applications, announced it has raised $14 million in Series A funding led by True Ventures, with participation from Industry Ventures, Preface Ventures, Y Combinator, and all existing investors. This brings Feroot’s total funding to $25 million.
The funding will be used to expand Feroot’s AI Agent capabilities, scale its go-to-market team, and accelerate product development for enterprise clients managing complex multi-site compliance requirements.
Feroot has experienced 300% year-over-year revenue growth in Q3 2025 and doubled its team size in the past year. Companies are rushing to protect websites, web apps, and mobile applications, which have become the most exposed point for sensitive user data despite getting the least attention from security teams.
Read More: SalesTechStar Interview with Travis Rehl, CTO and Head of Product at Innovative Solutions
The Runtime Compliance Gap
While most cybersecurity solutions focus on backend infrastructure and network security, Feroot addresses a critical blind spot: the client-side environments where users actually interact with sensitive data. Login pages, checkout flows, patient portals, and user registration forms are prime targets for data exposure through third-party scripts, misconfigured tracking pixels, and unauthorized code injections.
In 2024, a large healthcare provider settled a class action lawsuit after its Meta and Google tracking pixels transmitted patient information to third-party vendors without consent, affecting its entire base of 3 million patients. The incident triggered mandatory breach notifications, federal investigations, and reputational damage in addition to a $12.5M financial settlement. Front-end vulnerabilities that companies treat as routine marketing tools can become enterprise-wide crises.
Feroot AI Agents Replacing Manual Compliance Work
Feroot’s platform uses AI agents to continuously monitor and protect websites and mobile applications across 50+ global privacy frameworks, including PCI DSS 4.0.1 (Requirements 6.4.3 & 11.6.1), HIPAA, GDPR, LGPD, PIPEDA, CCPA/CPRA, DSP, and NIST standards.
“We’re at an inflection point. Healthcare systems are paying eight-figure settlements for misconfigured tracking pixels. Enterprises are drowning in compliance requirements they can’t possibly meet manually. This raise accelerates our ability to protect them before they become the next headline.” said Ivan Tsarynny, CEO and co-founder of Feroot Security.
Research Driving Policy and Regulatory Action
Feroot has distinguished itself as one of the only security vendors producing primary research that influences both commercial risk management and public policy. CEO Ivan Tsarynny has testified before Congress on data security vulnerabilities and played a pivotal role in developing federal legislation related to data privacy, most notably contributing to the research that informed the House vote to ban TikTok. Feroot’s DeepSeek research, which revealed hidden data pipelines to China, prompted lawmakers to call for immediate regulatory action and was covered by ABC News, Bloomberg, The Wall Street Journal, CNBC, The Guardian, and the Associated Press.
“We’ve watched tracking pixel settlements climb into eight figures while compliance requirements multiply every quarter. Feroot’s growth indicates the market has reached a tipping point and that companies are realizing their existing security stack doesn’t protect against data exposure. Ivan and his team saw this coming years ago,” said Puneet Agarwal, partner at True Ventures.
Feroot’s customers include Reddit, Xerox, Gusto, Bolt, Hornblower, Forbes, Sky, and Newegg, spanning industries from fintech and healthcare to media, travel, gaming and e-commerce.
“In my role, I want to reduce as much cyber risk as possible. We needed a better way to find client-side threats and address them on our front-end,” said Frederick Lee, former Chief Security Officer at Gusto and current CISO at Reddit. “With Feroot Inspector we have enhanced our ability to manage cyber risk and keep our customers safe at point of interaction.”
Read More: Why Pipeline-Driven Sales Will Dominate and Become the New Era of Sales Efficiencies