The Italian embedded cybersecurity specialist has now raised €170 million in 2025, positioning itself to challenge perimeter-based security models as connected devices emerge as the dominant attack surface.
Strategic Capital Injection Fuels Expansion Beyond Europe
Exein, the Rome-headquartered firmware security firm, has closed a €100 million funding round to accelerate international expansion and develop next-generation protection for connected devices. The investment brings the company’s total capital raised in 2025 to €170 million, following a €70 million Series C completed in July.
Blue Cloud Ventures led the round, with participation from HV Capital, Intrepid Growth Partners, Geodesic Capital, and J.P. Morgan. The financing package combines equity investment with a credit facility arranged by J.P. Morgan.
The company reports fivefold year-over-year revenue growth, with nearly half of its revenue now originating from the Asia-Pacific region. Its valuation has approximately doubled since the July raise, reflecting strong commercial performance in a sector increasingly viewed as critical to infrastructure resilience.
Firmware-Level Defense Against Expanding Attack Surfaces
Founded in 2018 by Gianni Cuozzo, Exein embeds artificial intelligence-powered security directly into device firmware rather than relying on traditional network perimeter defenses. The platform operates independently of continuous connectivity, enabling real-time threat detection and response even in isolated environments.
The company claims to protect more than 1.5 billion devices across sectors including industrial automation, automotive, energy, healthcare, semiconductors, aerospace, and robotics with its technology. This figure is projected to exceed two billion by the first quarter of 2026 as deployment scales and regulatory pressures intensify.
Exein has established strategic partnerships with major manufacturers and chipset providers, including Kontron, a global embedded computing technology provider, and MediaTek, one of the world’s largest semiconductor companies. These relationships enable pre-integration of security capabilities at the hardware level.
Rising Vulnerabilities Drive Regulatory Response
The funding arrives amid mounting evidence of device-level security risks. Forescout‘s 2025 Riskiest Connected Devices report documented a 15 percent year-over-year increase in average device risk, with routers now accounting for more than 50 percent of devices carrying the most critical vulnerabilities. Healthcare networks emerged as the fastest-growing area of concern, with four new types of medical devices appearing on the risk charts for the first time.
Research from PSAcertified indicates that the average cost of a successful attack on an IoT device exceeds $330,000. Data from Forrester shows that 34 percent of enterprises experiencing breaches via IoT devices faced cumulative costs between $5 million and $10 million, higher than attacks targeting non-IoT assets.
These trends have accelerated regulatory action. The European Union’s Cyber Resilience Act, published in November 2024, introduces mandatory cybersecurity obligations for internet-connected hardware and software products. Companies must comply with incident reporting requirements by September 2026, with full compliance required by December 2027. Fines for violations can reach €15 million or 2.5 percent of worldwide annual turnover.
Compliance Frameworks Shape Market Demand
The EU’s Radio Equipment Directive Article 3.3 requirements, effective August 2025, mandate cybersecurity, privacy protection, and fraud prevention measures for wireless devices sold in the European market. The directive covers equipment communicating via the internet, processing personal data, or enabling financial transactions.
In the United States, the Federal Communications Commission launched the voluntary U.S. Cyber Trust Mark program in January 2025. The initiative allows qualifying consumer IoT products meeting cybersecurity standards developed by the National Institute of Standards and Technology to display a certified label, with UL Solutions serving as lead administrator.
Exein positions its platform as compliant with these emerging frameworks, offering manufacturers supply chain integrity verification alongside regulatory compliance capabilities.
M&A Strategy Signals Consolidation Intent
The company plans to deploy the new capital across several strategic priorities. Product development will focus on embedded runtime security for on-device AI and large language models, with initial capabilities scheduled for unveiling at the RSA Conference in early 2026.
Additionally, Exein intends to execute a multi-transaction M&A program in 2026 across Europe and the United States, targeting expansion into adjacent edge security capabilities including local servers, localized AI models, and systems operating outside cloud infrastructure.
Geographic expansion will prioritize the U.S. and Asia-Pacific markets, building on the planned opening of a Taipei office in early 2026. The company currently maintains operations in Germany, Taiwan, and the United States alongside its Rome headquarters, with approximately 100 employees distributed across regions.
Market Context and Competitive Positioning
European cybersecurity funding in 2025 has been characterized by smaller, early-stage rounds. Notable raises include Verona-based Equixly at €10 million for API security testing, Paris-based Evertrust at €10 million for digital trust services, and various pre-seed rounds under €3 million for specialized security niches.
Against this landscape, Exein’s back-to-back raises totaling €170 million represent the largest European cybersecurity funding activity of the year, positioning the company for potential market leadership in embedded device security.
The embedded security approach addresses fundamental limitations of perimeter defenses. Traditional firewalls and network filters can only intercept traffic they can observe, leaving devices outside monitored environments vulnerable. Cyberattacks targeting physical infrastructure—disrupting hospitals, airports, and supply chains—have demonstrated the real-world consequences of inadequate device-level protection.
