French cybersecurity startup Riot has successfully closed a $30 million Series B funding round. The investment follows a milestone year for the company, which reached $10 million in annual recurring revenue in 2024. Led by Left Lane Capital, with continued participation from Y Combinator, Base10, and FundersClub, the round pushes Riot’s post-money valuation beyond $170 million.
From Phishing Simulations to Active Defense
Originally launched to train employees against cyber threats through simulated phishing campaigns, Riot is now pivoting toward a proactive security model. By mimicking real-world malicious emails, the platform has historically trained staff to identify and report suspicious activity. The company’s ecosystem includes a dedicated security chatbot, “Albert,” which integrates directly into Slack and Microsoft Teams to provide real-time educational support.
This strategy has scaled rapidly. Riot currently secures 1 million employees across 1,500 organizations, including major clients like L’Occitane, Deel, Intercom, and Le Monde. This represents a massive leap from its base of just 100,000 employees only two years ago.
Addressing the Human Vulnerability Gap
Despite increased awareness, cyber incidents remain a critical threat. The massive Change Healthcare data breach, which impacted 190 million Americans, serves as a stark reminder of the risks posed by poor credential management and the lack of multifactor authentication (MFA).
Riot’s new “Employee Security Posture Management” platform aims to solve these lapses by acting as a central cockpit for individual security. “Our job is to look at employees’ posture,” says Benjamin Netter, founder and CEO of Riot. “Do they activate multifactor authentication? Do they have a secure code on their smartphone? Are their privacy settings on LinkedIn too permissive?”
Gamifying Security for Better Compliance
To ensure high adoption, the platform introduces a “karma score” that evaluates an employee’s overall security hygiene. By nudging users to perform simple, quick tasks—such as enabling MFA or tightening privacy settings—Riot intends to make life significantly harder for attackers.
The platform leans into consumer-grade design, utilizing animations and gamification to encourage participation. This approach is essential as threats evolve, with social engineering attacks now frequently bypassing traditional corporate filters via platforms like WhatsApp or LinkedIn.
Long-term Vision for the Security Stack
Looking ahead, Netter envisions Riot becoming a comprehensive provider for the entire employee security stack. While the current focus remains on posture management, the company is not ruling out future expansion into tools like password managers or antivirus software.
With this fresh injection of capital, Riot plans to accelerate its international expansion and aggressively grow its client base. The funding will fuel the development of more sophisticated, automated security tools designed to turn the workforce from a liability into a primary line of defense.