Mobile security has often been treated as something teams try to settle before release: scan the code, fix what can be fixed, ship the app, and hope the runtime environment behaves. RiskFront Lab is taking aim at the part of that workflow that happens after the build is ready.
RiskFront Lab has raised a $3 million seed round from MANTIS Venture Capital, Sequoia Capital, Original Capital and Next Play Ventures. The company, led by CEO Tomas Brown, builds post-build runtime protection for Android and iOS apps, with a focus on mobile products that face tampering, hooking, debugging, certificate bypass attempts, compromised devices, automation and other client-side abuse.
The pitch is straightforward: mobile teams do not always have time to rebuild product features around a security SDK before an app store deadline. RiskFront Lab works around the app package, applying protection policies after the build exists and giving security, release and risk teams evidence they can review before and after distribution.
Its platform is designed to help teams define rules for high-risk screens and workflows, detect runtime signals such as rooted or jailbroken devices, identify modified packages or suspicious tooling, and route events into AppSec, support, fraud or release review processes. An AI-assisted layer organizes threat signals, policy decisions, version context and reviewer notes into clearer evidence for internal approvals.
Brown said the funding will support product execution, release workflow integrations and expansion across sectors where a mobile app is now a business-critical surface. Those include banking, fintech, healthcare, retail, marketplaces, media, subscriptions, gaming and enterprise apps.
Brown said in a prepared press-style statement, "The mobile build is no longer the finish line for security; teams need defenses that live on real devices, in production sessions, and inside release workflows."
The seed round gives RiskFront Lab room to build around a category that sits between traditional app security testing and live fraud or security operations. Instead of only finding issues before launch, the company is positioning itself as a protection and evidence layer for mobile apps once the package is ready to ship.
