Skip to main content

November 2017


Continuum Security – an investment to address application security at the development stage

Sonae IM invests in Continuum Security to address application security at the development stage

Spanish-based threat modelling tool to continuously manage application security risks from the design phase, enabling more agile and flexible development cycles

Continuum Security, a Spanish-based company, pioneer in the field of application security, has just closed its latest funding round to consolidate its product offer and build a sales team to fuel its international expansion.

This investment reinforces the strategy of Sonae IM to build a world-class portfolio in cyber security, on the back of its early-stage vehicle, Bright Pixel, a venture builder studio that contributes with in-depth technology know-how and early-stage investment expertise.

Sonae IM and Bright Pixel will jointly play an active role in supporting the company’s expansion plans and will join the lead investor, Swanlaabs, a Spanish VC backed by a leading Israeli fund with a track record of $ 600M investments and 38 successful exits, and JME, a local Spanish VC.

Continuum Security was founded by Stephen de Vries, a renowned security consultant and researcher to tackle vulnerabilities early in the development cycle. It empowers security analysts with a platform to manage application risks taking into account inputs from the development team, prioritizing which vulnerabilities to tackle and embedding security by design.

The funds raised will be to face an expanding market of application security, recently identified by Gartner as the fastest segment in the security market, and deal with the many requests they have from potential clients.

The company has been registering a strong traction and raising interest from global tier-1 players from multiple sectors and with very demanding application development cycles, including: Salesforce, BBVA, Inditex and Invesco.

Continuum Security integrates a growing portfolio of cyber security, which includes S21sec – a leading European MSSP (managed security services provider) based in Spain, with a strong presence in Latin America, as well as a leadership position in Portugal since its Sysvalue acquisition last year; the recent investments in – an early startup that is developing a web application vulnerability scanning suite for agile teams; ArcticWolf Networks – a fast growing, US-based, SOC-as-a-service provide; and, Secucloud – a security solution provider for telecoms and ISPs.

Commenting on the deal, Stephen expressed: “This investment is great news for Continuum Security as it will allow us to follow-up on several requests we have been getting and respond to potential clients that are reaching out to us”

Alexandre Santos, Head of Venturing at Sonae IM and Founder & Investment Partner at Bright Pixel, said “Our investment in Continuum Security allows us to complement our cyber security offer, tackling vulnerabilities at the design phase and marks an important milestone in our goal to build a portfolio of worldwide leading solutions in the space”

About Continuum Security

Founded in 2012 in Huesca, Spain Continuum Security provides an automated threat modelling platform for security analysts to implement security during the design phase with the benefit of lower costs and more agile development cycles. Since it launched its beta version in 2015, the company was been growing rapidly having signed key clients, including Salesforce, BBVA and Inditex. Continuum Security follows a multi-sector approach with 2 main sales channels, directly to the end customers and via partnership with key value-added resellers and tech consulting companies.

For additional information, visit