What happened
MoEngage, a customer engagement SaaS startup, has raised an additional $180 million as part of its ongoing Series F funding round, bringing the total capital raised in the round to $280 million. The extended financing was led by ChrysCapital and Singapore’s Dragon Fund, with participation from Schroders Capital and existing investors TR Capital and B Capital. The company’s post‑money valuation is around $850 million. A portion of the latest funding included employee liquidity and secondary share sales, allowing early backers and employees to realise some gains. 
Who is affected
MoEngage itself will be directly affected as the capital is earmarked to grow its global footprint, enhance its AI‑driven products, and pursue strategic acquisitions. Its enterprise B2C customers across sectors such as retail, fintech, media, and telecom, including brands like Swiggy, Ola, Mamaearth and Policybazaar, may benefit from expanded platform capabilities. Investors and employees also benefit from secondary liquidity events enabled by the round. 
Why CISOs should care
While MoEngage is primarily a marketing engagement platform, its expanded use of AI and broader adoption by enterprises mean security leaders need visibility into how customer engagement data is managed and protected. Growth and integrations raise potential attack surfaces, especially when consolidating customer data and workflows. CISOs should track how SaaS vendors like MoEngage secure data, comply with privacy regulations, and manage risk as they scale internationally. 
3 practical actions:
- Review Vendor Security Posture: Assess MoEngage’s security documentation, certifications (e.g., SOC 2, ISO 27001), and third‑party audit results before expanding usage within your organisation.
- Data Governance Evaluation: Ensure customer data flows into MoEngage are classified, encrypted in transit and at rest, and adhere to your data residency and privacy standards.
- Monitor Integration Risks: Evaluate APIs and integrations with other enterprise systems for security hardening, and enforce least‑privilege access and robust authentication controls where possible.