Tracebit secures £15m series A to shorten breach detection with security canaries
This article covers Tracebit, a cybersecurity startup, which has raised £15.03m ($20m) in a series A funding round to accelerate product development and expand customer support from the UK to a New York office. The funding aims to speed its product roadmap and hiring to bolster intrusion-detection tooling that supports SecOps teams and developer-heavy enterprises amid a shift towards AI-assisted threats.
Tracebit, a cybersecurity startup, has raised £15.03m ($20m) in a series A funding round to accelerate product development and expand customer support from the UK to a new New York office. The raise matters because Tracebit's canary-based intrusion-detection approach is pitched as a rapid-response tool at a moment when AI-assisted attackers are reshaping the threat landscape and stretching SecOps teams.
Why it matters
The round highlights growing investor interest in tooling that shortens the detection window for intruders. Tracebit argues that for intrusion detection the difference between months and seconds is not incremental; it can be the difference between containment and a major breach. As defenders adopt more automated tooling, startups that make detection faster and easier to manage are being pulled forward by demand from large engineering-led customers.
Inside the product
Tracebit deploys "security canaries"—decoys and deceptive artefacts designed to trigger alerts when an attacker has bypassed perimeter defences. Since launching, the company says it has deployed millions of canaries at customers including Riot Games, Snyk, Docker and Synthesia. Riot Games is a major game developer; Snyk and Docker are developer-focused security and container platforms; Synthesia is an AI video company—together they signal traction with developer-heavy enterprises.
Following a 2024 seed round, Tracebit expanded beyond AWS to support Azure, Kubernetes, CI/CD pipelines, developer workstations and identity providers. The company also launched a Community Edition to lower the barrier to entry for teams wanting to try deception tooling. Today it is announcing new products: Perimeter Canaries, Deceptive Artifacts and GCP Support, and says it will hire across engineering and commercial teams in London and New York.
Who are the investors?
The series A was led by FirstMark and joined by Accel, MMC Ventures, Tapestry VC and CCL, with continued backing from existing angel investors. The round brings Tracebit’s total funding to about £18.8m ($25m) including the 2024 seed.
Investors are backing a product that combines enterprise integrations and broad customer deployment with a low-friction Community Edition, giving it multiple paths to adoption across cloud-native and developer environments. The line-up mixes established venture names and specialist backers, reflecting both US and UK investor appetite for defensive cybersecurity tooling as AI-driven threats rise.
If you're researching potential backers in this space:
- Explore our list of cyber security venture capital firms in the UK
- Browse our directory of cyber security angel investors in the UK
Founder perspective
In the announcement, Tracebit's co-founder said:
Sam and I started Tracebit 3 years ago, with the belief that “assume breach” is only going to become more critical; and that deploying canaries that force attackers to reveal themselves the moment they're inside, is a necessary part of the security stack.
In the announcement, Tracebit's co-founder said:
Our goal was to develop an enterprise platform that simplifies the deployment and management of security canaries for over-stretched SecOps teams. Because, for intrusion detection, the difference between months and seconds isn't incremental - it's the difference between catastrophe and containment.
The founders also note that generative AI has shifted both attacker and defender tooling, and that the new funds will be used to accelerate product roadmaps and customer support as the company scales geographically.
The bigger picture
Tracebit’s series A comes at a time when cybersecurity startups are finding receptive investors for tooling that reduces dwell time and integrates with developer workflows. The mix of US and UK investment here, plus a physical presence in New York, underlines the transatlantic nature of late-seed and series A rounds for enterprise security companies.
For the UK and wider European ecosystem, the deal is another signal that startups focusing on rapid detection and developer-friendly security can attract meaningful capital, especially where product traction with large engineering teams is demonstrable.
They've invested in Tracebit
Get to know these cyber security investors
Click here for a full list of 7,526+ startup investors in the UK