Flare Secures $30 M to Accelerate Exposure Management for Identity and Threat Risks

What happened

Flare, a Montreal‑based threat exposure management (TEM) platform founded in 2017, announced it has raised US$30 million in a funding round (a US$15 million Series B extension led by Inovia Capital along with support from Base10 Partners and White Star Capital, plus US$15 million in debt financing from BMO) bringing the company’s total funding close to US$70 million.

Flare states that it will utilize the new capital to enhance its “Identity Exposure Management” (IEM) capabilities, which were launched just weeks ago, and to pursue strategic acquisitions.

According to Flare’s CEO Norman Menz, the company believes several external cybersecurity disciplines (threat intelligence, digital risk protection, exposure validation) are converging under the broader TEM umbrella.

Who is affected

• Organisations managing digital identities and exposed credentials will be the key beneficiaries of Flare’s enhanced IEM capabilities, which integrate with platforms like Entra ID and scan dark web and stealer log exposures.
• CISOs and risk and security teams at mid- to large-enterprises, especially those with substantial identity estates or exposure footprints, will want to monitor how TEM tools evolve.
• Vendors in the TEM, threat intelligence, and identity‑exposure markets likewise see potential shifts in competitive positioning and solution capabilities.

Why CISOs should care

• The funding increase signals strong investor confidence in TEM and identity exposure management as strategic areas of cybersecurity. That suggests that identity-centric exposure risk is increasing in boardroom and security portfolio priorities.
• Flare’s move indicates that the market is moving beyond simply detecting threats to measuring and managing exposure (identities, credentials, dark‑web footprints) with more context and automation. For CISOs, this means that your exposure map is as important as your threat map.
• If your organisation under‑invests or delays visibility into identity exposure or dark‑web leaks, you risk being reactive rather than proactive. By tracking vendors such as Flare, you stay informed about emerging tools that can be integrated into your broader security architecture.
• With identity risks and ransomware/data breach vectors increasingly driven by the exposure and misuse of credentials, having TEM/IEM capabilities is becoming part of the baseline for mature security and risk management programs.

3 Practical actions

1. Audit your identity exposure landscape: Start by assessing the number of identities, credentials, and access points (on-premises, cloud, and third-party) you have. Then benchmark whether you (or your tool suite) can scan for leaked credentials, dark‑web logs, and stealer dumps. If not, build a gap list and prioritize remediation.
2. Integrate exposure visibility into your risk-management framework: Ensure that identity-exposure insights are fed into your enterprise risk dashboard, alongside threat intelligence, vulnerability status, and business-critical asset exposure. For example, link dark-web credential findings to business-unit access and potential impact.
3. Evaluate TEM/IEM vendors with an eye to acquisition, integration, and roadmap: Since vendors like Flare are positioning themselves for M&A and capability expansion, CISOs should identify which tools support identity-exposure workflows, are cloud-native, and align with their operations. Build pilot projects before broader roll‑outs to avoid getting locked into legacy‑style implementations.