Munich-based security and compliance platform Secfix has raised $12 million in an oversubscribed Series A funding round led by Alstin Capital, with Bayern Kapital joining the round and existing investor neosfer continuing its support.
The fresh investment will be used to support Secfix’s growth plans across Europe and to further develop its product offering. The company’s leadership set out its priorities for the coming year. “Over the next 12 months, Secfix will focus on deepening our AI-native capabilities, scaling the security automation platform and CISO-as-a-Service offering, and accelerating expansion beyond our strong DACH base while adding coverage for EU AI Act, NIS2, ISO 42001 and more,” Munguia said.
Secfix’s platform is designed to take on much of the operational burden involved in meeting regulatory and certification requirements, including ISO 27001, NIS2, GDPR, SOC 2, DORA and ISO 42001. The system combines automated workflows with a CISO-as-a-Service model, providing services such as continuous monitoring, incident response, security questionnaires, gap analysis, policy checks, access management, cloud scanning and penetration testing.
Munguia pointed to the challenges faced by smaller businesses when navigating compliance processes. “For European SMBs and mid-market companies, achieving security certifications like ISO 27001, NIS 2, TISAX, SOC 2 and more has traditionally been a slow, manual, and resource-draining process, often taking 12–18 months and costing companies enterprise deals while they wait. Secfix eliminates this bottleneck.”
The company said its customers have seen major efficiency gains. “With Secfix, companies reduce up to 90% of compliance work, going from months to just a few weeks to finish their certification. C-Level personnel and engineering teams save hundreds of hours of manual work. Security questionnaire response time is cut by 50% and sales cycles accelerate by 3x. Across the board, Secfix customers achieve 100% audit success rates.”
Founded in Munich in 2021, Secfix was set up by three local founders with experience in technology and security. Fabiola Munguia, who leads strategy, fundraising and sales, previously worked in B2B sales and growth roles at Siemens and BMW and has spent five years in cybersecurity and compliance automation. The founding team also includes CTO Grigory Emelianov and CISO Branko Džakula.
The company has developed from an initial GRC automation tool into a full end-to-end security compliance platform. It now serves hundreds of customers across more than 15 European countries, including WorkMotion, Veremark, Trafigura and Orianda (Valantic Group), as well as banks, oil and energy firms and multinational groups.
