Newly Launched RegScale Announces $1.5M Early Funding Round and Key Customers for Its Security and Compliance Automation Software Platform

U.S. Air Force, Department of Homeland Security, Johnson Controls Federal Systems and Fortune 500 financial services company highlight early customer traction

Source: businesswire | November 30, 2021 |

WASHINGTON–(BUSINESS WIRE)–RegScale, delivering continuous compliance automation for highly regulated public and private sector entities, was formally launched to the market today after spinning out from C2 Labs, a digital transformation services company. As part of this launch, RegScale also announced that it has secured an early funding round of $1.5M with participation from Virginia Innovation Partnership Corporation (formerly CIT), New Dominion Angels and several strategic investors, along with significant customer traction.

RegScale officially launched today after spinning out from C2 Labs. As part of this launch, RegScale also announced that it has secured an early funding round of $1.5M to deliver continuous compliance automation for highly regulated entities. Tweet this

“Meeting compliance obligations has traditionally been a manual, time consuming, and expensive process,” said Travis Howerton, co-founder and chief technology officer, RegScale. “We are bringing the principles of DevOps to compliance to solve the most difficult compliance headaches that companies face and help them transition their manual, static compliance documentation and processes into a dynamic, automated, and collaborative platform. The cybersecurity industry has been heavily focused on the concept of ‘shifting left’ security to make cybersecurity real-time, continuous, and complete, which positions compliance as the new bottleneck in the digital transformation process. This new funding will allow us to scale up and ‘shift left’ compliance to accelerate innovation, reduce risk, and lower the costs of manual compliance documentation, which our customers are demanding.”

“Our customers are seeing real results by implementing RegScale, from saving $500,000 per year on their cyber insurance premiums to processing over 70 CMMC system security plans within a few months,” said Anil Karmel, co-founder and chief executive officer, RegScale. “One customer was able to dynamically report their state of compliance in real time in Tableau by integrating RegScale with, bringing in cloud compliance findings and marrying them against manual assessments of compliance controls. This allowed them to continuously meet their compliance obligations and update their documentation in real time.”

RegScale was built to help organizations in heavily regulated industries continuously manage the massive year over year growth in their compliance burden as they deal with fines that have increased more than 500% in recent years, according to McKinsey. The company’s continuous compliance automation solution moves organizations from manual compliance approaches and processes to an API-centric, automated approach.

Since the RegScale platform was launched in early 2021 (under the brand Atlasity), the company has seen more than 5,000 downloads of its freemium Community Edition and has signed on five major customers for its Enterprise Edition platform. Early customers include the U.S. Air Force (USAF), U.S. Department of Homeland Security (DHS), a Fortune 500 financial services company, and Johnson Controls Federal Systems, which is using RegScale to manage compliance to the Department of Defense’s Cybersecurity Maturity Model Certification (CMMC) standard.


The RegScale founding team has deep expertise in government regulations and the industries they affect. Howerton served in multiple executive positions in government and industry, including as CTO for National Nuclear Security Administration (NNSA), deputy CIO at Oak Ridge National Laboratory (ORNL), and as the global director for strategic programs at Bechtel Corporation. Co-founder Anil Karmel was deputy chief technology officer at NNSA and developed cloud computing solutions for the Department of Energy (DOE) Nuclear Weapons Complex while at Los Alamos National Laboratory (LANL). Karmel currently serves as the President of the Cloud Security Alliance’s (CSA) Washington, DC Metro Area Chapter and is a member of the CSA’s CxO Trust Advisory Council.

RegScale customers benefit from simple TurboTax-like wizards and automated drag and drop workflows, allowing them to create compliance artifacts quickly while speeding approvals. This is enabled by applying DevOps principles to the process, enabling what RegScale refers to as a Regulatory Operations or RegOps approach. Customers can integrate their existing security and compliance platforms with RegScale, supporting both manual and real-time automated assessments to help organizations better understand and holistically manage compliance risks in a proactive manner.

The collaborative capabilities of the platform allow all stakeholders and data owners in the compliance process to work together in one platform to dramatically improve productivity and lower costs. The burdens of collecting documentation and fulfilling reporting requirements is significantly reduced for RegScale customers via its’ API-centric approach, allowing customers to use the same assessment information to comply with multiple compliance requirements as well as visualize their real-time state of compliance via their business intelligence platform of choice.

The company has built an open source community to encourage 3rd party collaborators to create integrations with the RegScale platform. These integrations are published freely as open source for use by RegScale’s customers to support the RegOps movement through the power of the open source ecosystem.

“Cyber Security and Compliance are top of mind for heavily regulated organizations.”, said Jim Reavis, Co-Founder and CEO of the Cloud Security Alliance. “Purpose-built solutions that can help organizations proactively manage compliance with applicable laws and regulations are critically needed, and we applaud RegScale for bridging the divide between security and compliance via automation.”

RegScale is designed to meet any regulatory requirement with 70+ compliance requirements such as NIST, ISO, SOX, CMMC, and NERC-CIP supported out of the box and the ability for RegScale to digitize any regulation in under a week. A full list of the regulations supported in RegScale today is at


Founded in 2021, RegScale delivers continuous compliance automation for heavily regulated industries, freeing organizations from paper via its security and compliance automation software. Through its Continuous Compliance Automation platform, RegScale helps organizations continuously meet any compliance obligation including laws and regulations such as GDPR, NIST, CMMC, and CCPA leveraging an API-centric approach. For more information, visit: