RegScale Triples ARR, Achieves FedRAMP High, and Accelerates Federal and Commercial Adoption
Company expands executive team, adds strategic advisors, and cements leadership in OSCAL, for FedRAMP 20x and Cyber Risk Institute
TYSONS CORNER, Va., July 22, 2025 /PRNewswire/ -- RegScale, the Continuous Controls Monitoring (CCM) platform purpose-built for the CISO, today announced record-breaking business momentum, tripling ARR in the last year while expanding its footprint across both U.S. federal agencies and global enterprises. The company recently achieved FedRAMP High, a critical milestone that enables broader adoption across government agencies and regulated industries.
"Legacy GRC platforms were never built for the speed of today's cloud-native and complex DevSecOps-driven environments," said Travis Howerton, Co-Founder and CEO of RegScale. "We're seeing incredible demand from organizations that need to automate manual risk and compliance processes, achieve an always audit-ready posture, and embed real-time risk visibility into every layer of their infrastructure. Our growth reflects a fundamental market shift—from compliance as a manual checkbox to compliance as code with full automation."
Strategic Growth: Customers, Talent, and Industry Advisors
RegScale's growth is fueled by increased adoption in both government and commercial sectors. In the federal sector, RegScale has expanded its support to the Department of Energy, the Department of the Navy, and the U.S. Marine Corps. Commercial momentum is also building with global expansion of the platform into new geographies, such as Canada and Europe.
To support its growth, RegScale added strategic advisors Roland Cloutier, former Global CSO at EMC & ADP, and Alex Tosheff, former CISO at VMware, to guide its expansion in highly regulated and security-conscious industries. The company also welcomed Devon Goforth as Chief Technology Officer, bringing deep expertise in cybersecurity, threat intelligence, and engineering excellence. Additionally, it welcomed Rich Shirley as VP of Strategic Partnerships and Meghan Shafer as AVP of Sales to scale commercial and partner growth. The company also promoted Dale Hoak to its Chief Information Security Officer, after achieving the coveted FedRAMP High Authorization for RegScale.
Industry Leadership in Federal and Commercial
The company also solidified its position as a leader in compliance standards by being named the lead affiliate for the Cyber Risk Institute's OSCAL initiative for financial services and a founding member of the new OSCAL Foundation, focused on standardizing machine-readable compliance content. RegScale is an early implementer and core contributor to FedRAMP 20x, helping define the future of continuous authorization in the federal government.
"Our conviction in RegScale has only deepened—and faster than we anticipated, said Yanev Suissa, Managing Partner & Founder of SineWave Ventures, an investor in RegScale. "They're executing against a massive market opportunity with speed and precision. Their ability to modernize legacy risk and compliance processes in both federal and commercial markets—and lead foundational standards like OSCAL and AI—positions them to transform how the industry approaches risk and compliance."
Compliance Automation Platform Advances Automation, AI, and Risk Assessment
RegScale continues to differentiate itself in AI, compliance as code, and automation, having built and deployed its first fleet of AI agents, including intelligent threat modeling, MITRE ATT&CK-aligned dashboards that help customers identify risk, calculate cost savings, and stay audit-ready at scale. The company also adopted OSCAL, OCSF, and SBOM across its platform, and integrated with over 400 commercial tools to enable self-updating paperwork and real-time automated workflows with Microsoft Defender for Cloud, AWS Security Hub, Okta, and more.
RegScale has also recently released its 2025 State of Continuous Controls Monitoring (CCM) Report, a first-of-its-kind research study offering critical insights from hundreds of CISOs about GRC. The report shows that organizations are seeking CCM solutions to streamline GRC processes, reduce risks, and improve cost efficiency. The company's growth leadership has been recognized throughout the industry, including being named the Best Compliance Solution by SC Media in 2024, Compliance Software Solution Provider of the Year by the 2024 Cybersecurity Breakthrough Awards, Innovator winner for the 2025 Pinnacle Business Award, and NVTC Tech100 and Cyber50 Award winner.
RegScale is actively hiring across engineering, sales, customer success, and product to support its rapid growth and to prepare for the next round of innovation in this space. With customers needing faster time to compliance, real-time monitoring, and reduced audit fatigue, RegScale is positioned to support complex and highly regulated organizations across the federal and commercial sectors.
To learn more about RegScale's CCM platform, please watch this video.
About RegScale
RegScale's Continuous Controls Monitoring (CCM) platform streamlines GRC by bridging security, risk, and compliance with AI-driven automation. It reduces costs, accelerates certifications, and integrates compliance into DevSecOps pipelines. Customers achieve up to 90% faster certifications and 60% less audit prep effort, enhancing risk management and improving ROI. Recognized as Best Compliance Solution by SC Awards, RegScale leads in transforming GRC efficiency. For more information, visit www.regscale.com.
Media Contact:
Angelique Faul
Silver Jacket Communications
398273@email4pr.com
513-633-0897
View original content to download multimedia:https://www.prnewswire.com/news-releases/regscale-triples-arr-achieves-fedramp-high-and-accelerates-federal-and-commercial-adoption-302509898.html
SOURCE RegScale