EC-Council, a provider of cybersecurity education and creator of the Certified Ethical Hacker (CEH) credential, has confirmed a $20 million-plus investment in FireCompass, an AI-powered offensive security platform. This move is part of EC-Council’s $100 million Cybersecurity Innovation Commitment, created to accelerate the development of cybersecurity innovation.
FireCompass integrates six key capabilities into one unified platform: Attack Surface Management, Continuous Threat Exposure Management, (CTEM), Network and Application Pen Testing, Red Teaming, and Penetration Testing as a Service (PTaaS). Recognized by Gartner, Forrester, and GigaOm, FireCompass’ patented Agentic AI foundation enables real-world adversary emulation by chaining vulnerabilities, moving laterally, and validating risks continuously at machine scale, with near-zero false positives.
Cybercrime is projected to surpass $10.5 trillion annually in 2025, according to the White House’s AI Action Plan. Attackers are already leveraging artificial intelligence to outpace human defenders, creating an urgent need for equally intelligent, automated defences.
“With this investment, EC-Council is not only contributing significant capital but will also invest in growth opportunities, research collaborations, and provide access to our vast global ecosystem,” said Jay Bavisi, group president of EC-Council. “This is about building the future of cybersecurity by combining the power of AI technology with the scale of the world’s most trusted cybersecurity education platform.”
FireCompass has uncovered more than 2.5 million real attack paths and exploitable vulnerabilities, and reduced remediation times by an average of 40% for its customers. The platform also validates exposure within 24 hours of CVE disclosure and aligning multi-stage attack emulations to the MITRE ATT&CK framework.
“The AI race in cybersecurity isn’t coming; it’s here. Attackers are already using AI to move faster than human defenders can respond,” said Bikash Barai, co-founder and CEO of FireCompass. “Our AI-driven platform thinks and acts like a real attacker chaining vulnerabilities, moving laterally, and validating risks continuously at machine scale. It outpaces humans by orders of magnitude. This investment from EC-Council not only accelerates our innovation but also connects us to the strength of their global ecosystem, an incredible boost as we scale worldwide.”
FireCompass is expanding rapidly into finance, healthcare, telecom, and government.
The investment also strengthens EC-Council Global Services by integrating FireCompass Agentic AI into offerings like Automated Pen Testing, Red Teaming, and CTEM. This delivers continuous adversarial emulation and executive-level threat intelligence to help organizations stay prepared for tomorrow’s most sophisticated attacks.
