Why We Invested in RunSafe Security

RunSafe protects the software you can’t simply reboot: the embedded code running inside fielded vehicles, defence platforms and critical infrastructure, where a compromise is not an inconvenience but a safety event. Their patented cyberhardening neutralises memory-based vulnerabilities and zero-day exploits at the source, and it does so with no performance overhead and without changing a single line of code.

That last part is what sold us. It means even regulated or safety-certified software can be protected without being re-certified, and almost nothing else on the market can say the same. Add the timing — a sharp re-rating of dual-use deep-tech and regulation turning embedded security from a feature into a legal requirement — and the conviction was easy. We like tailwinds. We like them even more when they are written into law.

RunSafe sits across two of our top-tier pillars, Defence & Dual-Use and Mobility & Aerospace. ISO 21434 and UN R155/R156 made automotive cyber mandatory for type approval, and Europe’s post-2024 defence commitments lifted the whole sector. Their defensibility comes from building protection into the build toolchain itself, plus a compliance barrier rivals can’t simply step around. That is four of our five defensive attributes in a single company, and about as literal a definition of critical-systems software as you will find.

Scanning, patching and monitoring stopped being enough a long time ago — most software today is built on open-source and third-party code, and most of the dangerous bugs live in memory. If you build vehicles, aircraft or defence systems, your real exposure is the firmware you shipped years ago and can no longer easily reach. RunSafe hardens it in place, with no rewrite, no slowdown and no change in behaviour, and it disrupts the attacker’s economics by making whole fleets immune to the same exploit. It is, quite simply, the strongest way we have seen to protect software exactly where a silent failure does the most damage.