Scrut Automation raises $10 million in growth capital

Governance, risk, and compliance (GRC) platform Scrut Automation has raised $10 million in growth capital from existing investors Lightspeed , MassMutual Ventures and Endiya Partners.

The Scrut Automation team will use the funding to enhance their platform capabilities, incorporate generative AI use cases to reduce the manual effort for risk and compliance teams and expand to North American and European markets.

With this round, the company has now raised $20.5 million in total venture funding since its inception in 2021.

Scrut Automation was created to address the unique risk and compliance challenges faced by tech-first mid-market businesses in highly regulated industries.

These companies grapple with stringent compliance requirements from regulators and industry bodies, and mounting pressure to keep risk under the threshold, but are often hindered by limited budgets and understaffed teams.

Moreover, a rapidly evolving threat landscape, accelerated by the adoption of generative AI, massive layoffs in cybersecurity teams, and the counter-intuitive, yet very real increasing skill gap in cybersecurity further exacerbate the problem for the teams.

Aayush Ghosh Choudhury, co-founder and CEO of Scrut Automation, says: “Mid-market organizations have limited options.

“They can buy off-the-shelf compliance automation tools that offer a one-size-fits-all approach to compliance, disconnected from the organizational risks; or invest in expensive enterprise-grade tools with year-long implementation and underutilized features.”

Scrut Automation provides a third option for companies that seek to build scalable GRC programs aligned with the organization’s goals, risks, and resources.

Scrut helps companies consolidate their compliance and risk management processes while contextualizing their risks, reducing duplication of effort, and automating control monitoring.

Choudhury says: “A core USP for Scrut is offering an extremely high degree of flexibility in creating GRC programs that fits closely with the customer’s environment.

“For example, a financial services company in the lending space will have very different regulations, compliance frameworks, and risks from a healthcare services company for hospitals.

“Scrut accounts for this context – as the platform adapts seamlessly to these differences. Scrut has also built practice areas for regulated industries like healthcare, financial services, and enterprise software, that allow the platform to embed expertise in addition to automation.”

The Scrut platform pairs this configurability with deep automation capabilities and a proprietary unifying control framework.

Integrating across a growing library of 75+ products, Scrut automates tests across more than 70 percent of the controls, reducing manual effort in chasing control owners and capturing evidence.

This enables GRC teams to get near-real time visibility into their risk and compliance posture, enabling them to take corrective action on time.

The unifying control framework ties the organization’s controls to compliance requirements, which eliminates the duplicate effort required to demonstrate compliance with different frameworks.

Scrut customer Keshav Kumar, data protection officer at VWO, says: “Over the last financial year, we entered new geographies and industries, which were key drivers for our rapid growth. Our compliance requirements grew at a similar pace.

“Sourcing information across stakeholders, through multiple Google sheets, slack channels, and emails for compliance is an arduous job, something we don’t have to worry about since implementing Scrut.”

As Scrut continues to grow, it aims to help mid-market companies build strong risk and compliance management practices with reduced dependency on human capacity and expertise, through an AI-first GRC concierge.

Dev Khare, partner at Lightspeed, says: “A strong security posture has always been a core need for large enterprises globally.

“Given the increase in the number of breaches and attacks over the past few years as well as increase in regulatory compliance requirements, mid-size enterprises are now adopting strong Governance, Risk, and Compliance (GRC) practices.

“Scrut’s user-friendly and market-leading platform reduces this burden for security and GRC teams. We are happy to reaffirm our commitment to supporting the Scrut team.”

Scrut Automation has been recognized by G2, a social software review platform, on their 2024 lists for fastest-growing products and best security software .

Anvesh Ramineni, managing partner at MassMutual Ventures, says: “Legacy GRC products are built for enterprises, but fail to meet the needs of high-growth tech-first companies.

“Scrut Automation is built specifically to cater to their needs and addresses their pain points seamlessly. We’re excited to support Aayush, Jayesh, Kush, and the Scrut team in building one of the fastest-growing GRC platforms globally.”

Prior to Scrut Automation, co-founders Aayush Ghosh Choudhury and Jayesh Gadewar were building a procurement suite, where they spent months trying to fulfill the risk and compliance needs of their enterprise customers.

Recognizing this widespread pain, they teamed up with Kush Kaushik, their third co-founder, who was helping them navigate the challenging terrain of compliance, to build Scrut Automation.

With Scrut Automation, they have helped over 800 customers worldwide build enterprise-grade GRC programs.

The company has also added angels and advisors from SaaS and cybersecurity sectors, including Sandeep Johri (CEO, CheckMarx), Sachin Lawande (CEO, Visteon), Vetri Vellore (Ex-Corporate VP at Microsoft), Naresh Agarwal (Head of India R&D for Traceable), Davis Hake (Co-founder, Resilience) and Todd Dekkinga (CISO, Zluri).

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

Share this:

Leave a Reply Cancel reply