Secfix raises $12M Series A to build end-to-end security compliance platform

Munich-based Secfix, an end-to-end security compliance platform, has closed an oversubscribed $12 million Series A round led by Alstin Capital, with participation from Bayern Kapital and existing investor neosfer, an early-stage investor of the Commerzbank Group. The funding will support the company’s expansion across Europe and the further development of its AI-native capabilities and CISO-as-a-Service offering.

European companies have traditionally faced lengthy and resource-intensive certification processes, often requiring months of manual work and delaying commercial opportunities. Secfix was founded to address this challenge by automating compliance across standards, including ISO 27001, the EU AI Act, NIS2, GDPR, and SOC 2, helping small and mid-sized businesses reduce manual effort and streamline certification.

However, certification often proved to be only the first step. As customers achieved initial certifications, many encountered growing security and compliance demands as their organisations scaled, creating demand not only for automation tools but also for ongoing expert support.

In response, Secfix expanded its offering into an end-to-end security compliance platform that combines automation with an AI-native CISO-as-a-Service model. The platform provides continuous monitoring, incident management, security questionnaires, gap assessments, policy reviews, access management, cloud security scanning, penetration testing, and broader security leadership support.

Fabiola Munguia, CEO and co-founder of Secfix, said the company initially focused on helping businesses achieve certification more efficiently and is now expanding its role to support customers as a broader security and compliance partner beyond the certification phase:

Our vision is to solidify Secfix as Europe’s leader in end-to-end security compliance – one that grows with companies from their first ISO 27001 certification through their entire security and compliance journey.

With regulatory requirements such as ISO 27001, NIS2, DORA, and the EU AI Act increasing the compliance burden on European organisations, Secfix positions its platform as a combined automation and AI-driven solution informed by audit experience, customer feedback, and extensive cybersecurity expertise.

The Series A funding will support Secfix’s continued European expansion, further product development to enhance its AI-powered automation capabilities, and the scaling of its CISO-as-a-Service offering to meet growing mid-market demand.