RegScale, a leader in Continuous Controls Monitoring (CCM), announced on July 22, 2025, that it has tripled its Annual Recurring Revenue (ARR) in the past year, achieved FedRAMP High Authorization, and expanded its footprint across U.S. federal agencies and global enterprises. This milestone, supported by strategic hires and partnerships, positions RegScale as a frontrunner in automating compliance for highly regulated sectors.
ARR Growth: Tripled in the last year, reflecting strong market demand.
FedRAMP High: Achieved in six months, 3x faster than the 18-24 month average.
Federal Clients: Expanded to Department of Energy, Navy, and U.S. Marine Corps.
Commercial Expansion: New markets in Canada and Europe.
Leadership Hires: Added CTO Devon Goforth, VP Rich Shirley, AVP Meghan Shafer, and CISO Dale Hoak.
Industry Recognition: Named Best Compliance Solution by SC Media 2024, among other awards.
RegScale secured FedRAMP High Authorization on June 26, 2025, with sponsorship from the U.S. Department of Homeland Security (DHS), enabling it to support the federal government’s most sensitive systems. Using its AI-powered RegML engine, RegScale completed the 410 required controls in two weeks with three employees and 90 hours, achieving 95% less effort and 50% cost savings compared to the industry average. This aligns with the FedRAMP 20x initiative, which emphasizes automation and real-time monitoring to streamline compliance.
“Most companies our size don’t even attempt to pursue FedRAMP Moderate, let alone achieve FedRAMP High,” said Travis Howerton, CEO of RegScale. “We set out to prove that risk and compliance can be real-time, cost-effective, and scalable, without sacrificing security.”
RegScale’s growth is driven by adoption across federal agencies like the Department of Energy and U.S. Marine Corps, and commercial expansion into Canada and Europe. To support this, RegScale appointed Devon Goforth as CTO, Rich Shirley as VP of Strategic Partnerships, Meghan Shafer as AVP of Sales, and promoted Dale Hoak to CISO. Strategic advisors Roland Cloutier (ex-EMC/ADP) and Alex Tosheff (ex-VMware) joined to guide expansion in regulated industries.
RegScale leads in compliance standards as the lead affiliate for the Cyber Risk Institute’s OSCAL initiative and a founding member of the OSCAL Foundation, standardizing machine-readable compliance content. Its platform integrates with over 400 tools, including Microsoft Defender for Cloud and AWS Security Hub, and supports OSCAL, OCSF, and SBOM for real-time workflows. The 2025 State of CCM Report highlights demand for automation to reduce audit fatigue and compliance costs, with customers achieving up to 90% faster certifications and 60% less audit prep effort.
“Our conviction in RegScale has only deepened,” said Yanev Suissa of SineWave Ventures. “They’re executing against a massive market opportunity with speed and precision.”
The federal IT market, projected to reach $60.1 billion in 2024, is driven by cloud and cybersecurity needs, fueled by FedRAMP’s restructure and Executive Order 14028. RegScale’s CCM platform, recognized by SC Media and Cybersecurity Breakthrough Awards, addresses these demands by automating governance, risk, and compliance (GRC) processes, reducing costs, and enhancing risk management. The company is also pursuing DoD IL5 approval to enable broader Department of Defense adoption.
RegScale's Continuous Controls Monitoring (CCM) platform streamlines GRC by bridging security, risk, and compliance with AI-driven automation. It reduces costs, accelerates certifications, and integrates compliance into DevSecOps pipelines. Customers achieve up to 90% faster certifications and 60% less audit prep effort, enhancing risk management and improving ROI. Recognized as Best Compliance Solution by SC Awards, RegScale leads in transforming GRC efficiency.
TechIntelPro empowers B2B technology decision-makers with the latest industry trends, deep insights, leadership perspectives and actionable intelligence to drive both organizational and professional milestones—and thrive on the tech pulse.