Oplane Raises €4.5M to Automate Threat Modeling for AI-Generated Code

The team currently counts 8 people and is actively hiring .

An agentic threat-modeling platform for the AI era

Oplane's core thesis is direct: AI coding assistants like Claude Code, Cursor, and GitHub Copilot are optimized for speed and task completion, not for holistic security. The resulting code can inadvertently introduce architectural vulnerabilities that traditional static analysis tools miss .

To counter this, Oplane runs continuously in the background, mapping the architecture of an entire codebase, surfacing system-level security requirements, and delivering contextual remediations inside the tools developers already use—IDEs via the Model Context Protocol (MCP), pull requests on GitHub or GitLab, and Slack .

The platform is described as agentic because it doesn't simply run a periodic scan. Instead, it analyzes every code change as it happens, refining its understanding of the system's architecture with each iteration . The product page details a multi-pass LLM analysis that takes plain-language project descriptions and repository architecture as input, asks follow-up questions, and generates precise, actionable security requirements in roughly 10 minutes .

"AI coding tools are optimized to solve the immediate problem in front of them – not for security… It needs to be addressed with agentic solutions, tightly embedded with an organization's development workflow." — Emil Kvarnhammar, CEO

Traction with Miro and Tandem Health

The company already has tangible traction with early enterprise customers. Oplane is deployed in production at Miro, the visual collaboration platform, and Tandem Health, a healthcare technology company. At both, adoption has scaled from a handful of repositories to several hundred, generating thousands of threat models within months of deployment .

Oplane further confirms that additional pilots are active with more customer announcements expected soon .

How the funding will be spent

With the new capital, Oplane plans to pursue three immediate priorities :

1. Expand commercial operations across Europe. The company aims to build out its sales, marketing, and customer-facing functions to capture growing demand for AI-aware security tooling.
2. Deepen integrations with AI coding tools, specifically Claude Code, Cursor, and GitHub Copilot. Tight embedding into these fast-growing ecosystems is central to the product strategy.
3. Grow the team across four functions: engineering, cybersecurity, quality assurance, and go-to-market. The hiring push will support both product development and the European expansion.

As AI-generated code becomes standard practice inside engineering teams, Oplane's funding round signals that investors are betting the security layer cannot be an afterthought. The company's approach—continuous, embedded, and agentic—positions it to become a critical part of the modern development pipeline.