TrustInSoft raises $1.2M from Idinvest Partners

Print: english, français.

TrustInSoft raises $1.2M from Idinvest Partners to change the rules in software development and automate code vulnerability detection at a wide scale.
TrustInSoft is the first company to offer developers a guarantee on the quality of their code, a significant breakthrough for the software industry. After 10 years of R&D at CEA, the National Research Center in France, TrustInSoft has successfully applied its technology in critical applications for industry and detected crucial source code vulnerabilities. The company is now preparing the release of a SaaS version of its TrustInSoft Analyzer for commercial applications, making this powerful tool available to any software developer and enabling code vulnerability detection and remediation at a very large scale.

San Francisco, March 09th 2017 – A spin-off from the CEA (French Atomic Energy Commission), a widely acknowledged French research lab for industrial applications, nuclear energy and security, TrustInSoft has developed a novel technology capable of mathematically demonstrating the safety and security a software code.
The company, which was ranked among the top 10 most innovative companies at the RSA Conference in 2015, has been widely recognized in the United States and in Europe for its unique technology. TrustInSoft is one of few companies selected by the Linux Foundation for the protection of its open source software stack, and the only company recognized by NIST (The US National Institute of Standards and Technology) as capable of truly guaranteeing the quality of a software. TrustInSoft has already achieved strong commercial traction in the US, where it captures over 50% of its revenues.
“Our objective is to provide software developers the tools that guarantee the quality of the software they have developed” says Fabrice Derepas, the CEO of TrustInSoft. “With this capital raise, we are going empower software developers with a game-changing technology that will enable them to guarantee the safety and security of their software from inception.”
TrustInSoft’s team is composed of distinguished mathematicians who started working together in 2006 at CEA to lower the cost of software certification. Their technology proved its efficiency in critical applications for key industries such as defense, aerospace and nuclear power. In 2013, the team set up a company to expand into new commercial markets such as mobile, telco infrastructure, automotive.

With this fundraising, TrustInSoft aims to make its technology available to wider audience of code developers around the world. The company will benefit from the support of Idinvest’s industrial sponsor, EDF in particular. The technology will soon available online in SaaS: it will allow developers to detect vulnerabilities in code they have already written, or check real-time that software under development is immune to attacks, a particularly valuable asset for the Internet of Things and in mobile.

TrustInSoft’s technology platform has game-changing potential for new markets such cyber insurance and or technology certification, whether by national regulators or private industry.

Julien Mialaret, Operating Partner at Idinvest Partners – the French venture capital firm which has supported technology companies such as Criteo and Talend in the U.S. until their IPOs on Nasdaq – comments on the firm’s first investment in cybersecurity: “we were really impressed by the disruptive potential of the technology, as were our industrial sponsors. The founders of TrustinSoft have tremendous scientific backgrounds and the company solves a crucial problem for the software industry: developers willingly or not, often overlook code vulnerabilities or sacrifice the quality and security of their code to accelerate the time to market of products and applications. Their clients often get caught up later by attacks that cause irreversible damages to their reputation”.

About TrustInSoft:
TrustInSoft, a software company based in Paris, France provides source code analysis which mathematically guarantees that source code is immune to all known family of vulnerabilities and attacks. With clients distributed in the United States and Europe, TrustInSoft is transforming the software market by providing insurance on the reliability and security of software products. TrustInSoft clients have successfully used the software for critical applications (defense, aviation, nuclear power) and the software’s is gaining commercial traction is wider range of sectors where rapid digitalization is a key factor for success.

Media contact TrustInSoft :
Fabrice Derepas
222 Cour avenue du Maine
75014 Paris, France
06 51 70 36 77

About IdInvest Partners

Idinvest Partners, with assets under management of over €7 billion, is the largest venture capital investor in continental Europe and one of the most active investors in the European mid-market segment. Idinvest has supported over 160 high-tech companies to date and has specific expertise in information technologies (internet/media, software and telecommunications), new energy and environmental technologies, mobility and healthcare (biopharmaceuticals, diagnostics and medical instruments). Idinvest Partners benefits from the support of blue chip corporates such as EDF, PSA and Allianz who are investors in several funds managed independently by Idinvest (Electranova Capital II, Digital Fund II). These funds leverage the business partnerships, technical collaboration and sales references provided by corporate sponsors.

Media Contact Idinvest:

Idinvest Partners Steele & Holt
Marie-Claire Martin Claire Guermond
Directrice de communication Consultante
06 85 52 52 49 06 31 92 22 82

Prove&Run and TrustInSoft Extend their Partnership in SoftwareSecurity


Paris, France – March 6th, 2017 – With the advent of the IoT and the growing number of sophisticated cyber-attacks on connected systems, customers need to raise the quality and robustness of their software projects so as to get as close to possible to zero-defects.

To further their existing partnership on tools and services, Prove & Run and TrustInSoft have decided to extend their partnership: TrustInSoft will promote ProvenCore, Prove & Run’s ultra-secure OS, to their customers looking for a platform to run security-critical applications while Prove & Run will promote using TrustInSoft Analyzer for verifying security applications running on top of ProvenCore.

“The security properties of ProvenCore have been formally proven, down to generated code,” explains Fabrice Derepas, TrustInSoft’s CEO. “This creates the best security foundation for highly secure applications.”

“With TrustInSoft Analyzer, the security applications running on top of ProvenCore can be brought to the highest level of confidence in the most cost-effective manner“ concludes Dominique Bolignano, President and Founder of Prove & Run.

About Prove & Run

Prove & Run’s mission is to help its customers resolve the security challenges linked to the large-scale deployment of connected devices and of the Internet of Things by providing cost effective off-the-shelf software solutions that dramatically improve the level of security of connected systems so as to protect them against remote cyber-attacks. Further information can be found at

About TrustInSoft

TrustInSoft’s mission is to empower its customers to guarantee the quality of critical software assets. Its advanced source code analyzer provides mathematical guarantees and can be used efficiently on existing legacy, proprietary or open source software applications. Further information can be found at

Prove & Run and TrustInSoft join forces to increase software security

pdf version


Software is getting increasingly entwined with our daily lives, whether through our mobile devices (smartphones, tablets, laptops), Cloud services, or the Internet of Things. At the same time, industrial applications that used to be independent are increasingly connected to other systems. Our increasing reliance on software, whether in industrial or personal settings, is paralleled by an increasing exposure to security issues that can have severe consequences.

Together, Prove & Run and TrustInSoft aim to raise the quality and security of software development projects to the very high levels required in today’s markets while taking into account real-world constraints such as time-to-market, cost and required skill levels. To this avail, Prove & Run and TrustInSoftwill market a shared offering, including tools and services, to address the security needs of complete software stacks, from the most sensitive and exposed low level components that support the security of the whole device (microkernels, hypervisors, bootloaders) to the higher-level functions (applications and libraries), with adequate solutions for both new and existing components.

Prove & Run and TrustInSoft have strong roots in the academic community and are focused on industrializing technical approaches developed over decades of research in the field of formal methods by INRIA, the CEA and public universities. This new offering combines the strengths of both technical approaches in order to better serve our customers” said Dominique Bolignano, Prove & Run’s CEO.

Prove & Run and TrustInSoft share a common approach to software security. This approach is based on ground-breaking technologies to help their customers deliver perfect zero-default products. The partnership between the two companies enables us to assess the security of a complete software system, ranging from low-level to high-level software containing open source, legacy and custom elements” said Fabrice Derepas, TrustInSoft’s CEO.

About Prove & Run

Prove & Run produces the ProvenTools, a complete software development toolchain that enables a software engineer to build formal models of software components and then gradually refine these models into implementation-level models, while maintaining perfect coherence between each level. This approach allows to get as close as possible to zero-bug software. The ProvenTools are forged to deal with the most sensitive software components (OS kernels, hypervisors, lifecycle managers, secure bootloaders, etc.) and to meet the highest security requirements (CC EAL7 and beyond). Prove & Run licenses the ProvenTools as well as off-the-shelf software components built with them. This offering is complemented by a comprehensive set of consulting services to help its customers to create highly secure software components.

About TrustInSoft

TrustInSoft produces the TrustInSoft Analyzer, an advanced static source code analyzer, based on the open source Frama-C platform. The TrustInSoft Analyzer enables software developers and integrators to exhaustively detect the most frequent and dangerous families of threats: this unique feature has been recognized by NIST and guarantees that TrustInSoft customers’ products do not contain hidden technical zero-days. TrustInSoft offers professional services and expertise to audit safety- and security-critical existing software components without disrupting their existing development processes. TrustInSoft licenses the TrustInSoft Analyzer and sells source code formal verification services. TrustInSoft also licenses ready-made formal verification reports for major Open Source components: these reports bring guarantees about the security and reliability of the software stacks and are instantly useful to all software engineers relying on these components. The first available report guarantees that the PolarSSL stack is immune to all forthcoming Heartbleed-like zero-days.

For more information, please contact TrustInSoft ( and Prove & Run (

© Prove & Run S.A.S. & TrustInSoft S.A.

pdf version

TrustInSoft joins HexaTrust


TrustInSoft now joins HexaTrust . The HexaTrust club was founded by a group of French SMEs that are complementary players with expertise in information security systems, cybersecurity and digital trust.

TrustInSoft unique value proposal is the ability to provide guarantees on safety and security of the software. Joining HexaTrust now leverages this value proposal in a more integrated offer, reaches more customers.

Welcome Anne!

TrustInSoft is proud to welcome Anne Pacalet! Anne will contribute to develop TrustInSoft’s distinctive value proposal: the ability to deliver guarantees on the absence of the most common security flaws in software.


Anne Pacalet

Anne is an expert in cutting edge formal methods. She has been a key designer of innovative validation tools. She was involved in the design of both Caveat and Frama-C platforms. Anne also developed the capacity to master these technologies to deliver efficient validation results on industrial software.