Young "Bug Bounty Hunter" Bags $6M Pre-Seed Round for Security Startup

Bug bounty hunting has evolved from a niche side‑gig into a credible pathway for building cybersecurity expertise. Roni Carta’s track record—earning close to $800,000 from Google, Amazon and other giants—demonstrates how real‑world vulnerability discovery can be monetized and leveraged into a commercial venture. By channeling his hands‑on experience into Lupin & Holmes, Carta bridges the gap between independent security research and enterprise‑grade protection, offering investors a founder with proven technical chops and market credibility.

Enterprises increasingly recognize that traditional perimeter defenses miss the complex, layered codebases that modern applications rely on. Lupin & Holmes’ Depi platform tackles this gap by visualizing upstream attack paths, allowing security teams to anticipate and neutralize threats before they surface. This proactive stance aligns with a broader industry shift toward continuous, risk‑based security orchestration, where identifying weak links early can save millions in breach remediation costs. Early adoption by Fortune 500 firms such as Ledger underscores the platform’s relevance in high‑stakes environments.

The $5.9 million pre‑seed round, led by seasoned micro‑VCs and tech founders, reflects a growing appetite for security startups that embed hacker culture into product DNA. With capital earmarked for research—dubbed “hack the planet”—and a modest team expansion, Lupin & Holmes is positioned to accelerate feature development and broaden its client base. As regulatory pressures mount and cyber‑risk budgets swell, the company’s upstream approach could become a benchmark for next‑generation threat intelligence, offering investors a timely foothold in the expanding cyber‑defense market.