---
title: "Dawnguard Bets on Security by Design: Can Dutch-Led Cybersecurity Fix IT’s Flaw at the Root?"
description: Dawnguard’s design-first cybersecurity approach blends AI and automation to cut breach costs and build resilience into cloud architecture from day one
author: Darie Nani (Editor-in-Chief)
date: 2025-07-31T08:15:58.000Z
updated: 2026-07-01T09:02:41.864Z
canonical: https://www.sovereignmagazine.com/article/dawnguard-bets-on-security-by-design-can-dutch-led-cybersecurity-fix-it-s-flaw-at-the-root
image: https://cdn.nanimediahouse.com/LinkedIn-Launch-image.jpeg
categories: Artificial Intelligence
content_type: Spotlight
region: Amsterdam
publication: Sovereign Magazine
about:
  - type: Organization
    name: Dawnguard
    description: "Dawnguard’s mission is to redefine cybersecurity with a platform that enables true shift-left security , from day zero to day 10,000. For more information please visit https://dawnguard.ai/"
    url: https://dawnguard.ai/
---

Your IT team spends Monday patching last week’s vulnerability, Tuesday responding to a security alert, Wednesday updating configurations that should have been secure from day one. By Friday, they’re back to patching. Sound familiar? This endless cycle of reactive security work costs businesses far more than the headline-grabbing breach figures suggest.

![kim](https://cdn.nanimediahouse.com/kim.jpeg)

![Portrait Mahdi Abdulrazak 1024x683](https://cdn.nanimediahouse.com/Portrait_Mahdi-Abdulrazak-1024x683.jpg)

While global [data breach costs](https://www.infosecurity-magazine.com/news/data-breach-costs-fall/) hit $4.44 million on average this year, organisations using proactive AI and automation throughout their security operations saved $1.9 million in breach costs and cut response time by 80 days. Yet most companies still treat security as something bolted on after the fact, not built in from the start.

Dawnguard, a Dutch-led cybersecurity firm thinks it’s found a better way. The Amsterdam-based startup, led by veterans from IBM, Microsoft and Amazon, has just raised $3 million to tackle what CEO Mahdi Abdulrazak calls a fundamental industry problem: ‘Our industry treats security as a checkbox. It’s broken.’

## The Real Cost of Security as an Afterthought

The firefighting approach to cybersecurity isn’t just exhausting for IT teams – it’s expensive and increasingly dangerous. Over half of security incidents stem from unpatched vulnerabilities, according to [industry research](https://www.securityjournal.com/post/proactive-vs.-reactive-why-waiting-for-a-breach-to-invest-in-secure-coding-training-is-a-costly-mistake), while reactive security measures that address vulnerabilities piecemeal lead to higher cumulative costs than building protection in from the start.

The problem has become more urgent as [AI-powered attacks](https://www.sovereignmagazine.com/article/google-s-defence-architects-launch-aegisai-ai-native-email-security-as-phishing-attacks-quadr) accelerate. Cybersecurity researchers now document cases where [zero-day exploits are weaponised within minutes](https://blog.google/technology/safety-security/cybersecurity-updates-summer-2025/) of disclosure, with AI helping attackers rapidly discover vulnerabilities and create adaptive malware that evades [traditional AI cybersecurity defences](https://www.sovereignmagazine.com/article/what-ai-cybersecurity-really-looks-like-on-the-ground-for-us-businesses).

‘Hundreds of security tools overwhelm CISOs with promises of better detection, yet few tackle the root issue: design flaws in code that [AI-driven threats exploit](https://www.sovereignmagazine.com/article/uk-warns-of-ai-advancements-threatening-global-cybersecurity-systems),’ says Chris Corbishley, Managing Partner at 9900 Capital, which led Dawnguard’s funding round. ‘As attacks grow smarter, defences must shift left – embedding resilience at the codebase.’

## How Dawnguard Actually Works

Rather than adding another security scanner to an already crowded field, Dawnguard takes a different approach. The platform helps teams validate [cloud infrastructure designs](https://www.sovereignmagazine.com/article/mantas-is-turning-cloud-outages-into-an-insurable-financial-risk) before deployment, automatically generates production-ready Infrastructure as Code from validated designs, and continuously enforces security posture after deployment to prevent configuration drift.

The key difference, according to CTO Kim van Lavieren, is collaboration rather than bureaucracy: ‘We’re giving teams the power to [translate security intent into enforceable code](https://www.sovereignmagazine.com/article/tech-firms-get-a-straightforward-solution-for-complex-risks-seedpod-cyber-s-combined-e-o-and-) so they don’t have to rely on spreadsheets, static docs, or guesswork.’ The platform provides what the company calls a ‘shared canvas’ for engineering and security teams to work together on secure, compliant architecture that balances cost, resilience and sustainability.

This matters because traditional security approaches often create friction between development and security teams. Dawnguard’s method embeds security directly into system architecture from day zero through what it calls [day 10,000](https://www.sovereignmagazine.com/article/how-a-seven-year-old-startup-just-landed-a-1-1b-defense-contract-that-could-reshape-military-) – essentially the entire lifecycle of a system.

## Why This Approach Matters Now

The timing isn’t coincidental. As AI changes both attack methods and development practices, the window for addressing security flaws continues shrinking. Recent IBM data shows that 13% of organisations reported security incidents involving AI models or applications this year, with 31% of those incidents leading to operational disruption and sensitive data access.

The rise of [AI-generated code](https://www.sovereignmagazine.com/article/enterprise-security-goes-mainstream-how-one-firm-is-making-advanced-cybersecurity-accessible-) adds another layer of complexity. While developers increasingly rely on AI coding assistants, these tools can introduce vulnerabilities that traditional security reviews might miss. Dawnguard’s approach of validating architecture at the design stage aims to catch these issues before they become production problems.

Companies are also grappling with how to manage AI systems once deployed. [AI trust platforms](https://www.sovereignmagazine.com/article/bigeye-bets-on-ai-trust-platforms-as-mohamed-k-alimi-joins-to-build-agent-oversight-tools) are emerging to help with oversight, but the fundamental issue remains: [security needs to be built in](https://www.sovereignmagazine.com/article/businesses-should-be-paying-attention-to-ai-powered-social-engineering), not bolted on.

## The Dutch Connection

Dawnguard’s Amsterdam base puts it at the heart of Europe’s growing cybersecurity sector. The [Netherlands cybersecurity market](https://www.mordorintelligence.com/industry-reports/netherlands-cybersecurity-market) is valued at approximately $2.15 billion this year and expected to reach $3.55 billion by 2030, with Amsterdam housing one-third of Europe’s data centres.

The Dutch government has backed this growth with significant funding. In October 2024, the defence sector launched [SecFund](https://securitydelta.nl/news/overview/defense-invests-100-million-in-secfund-to-increase-innovative-power-of-dutch-startups), a €100 million investment fund providing early-stage financing up to €5 million per company for Dutch cybersecurity startups.

Dawnguard’s investor roster reflects these local connections. Dimitri van Zantvliet, CISO at Dutch Railways and Chair of the Dutch CISO Community, serves as both investor and advisor. ‘Dawnguard isn’t just building tech – they’re rewriting the DNA of cybersecurity,’ he says. ‘In a world addicted to patching symptoms, they’ve chosen to re-engineer the root.’

## What Comes Next

[The company plans to expand its platform](https://www.sovereignmagazine.com/article/dawnguard-opens-platform-new-york-office) to support more varied environments and address what Abdulrazak calls the security gap between [‘vibe coding’ – his term for rapid AI-assisted development – and the infrastructure where these applications run.](https://www.sovereignmagazine.com/article/how-a-seven-year-old-startup-just-landed-a-1-1b-defense-contract-that-could-reshape-military-)

‘With software moving faster than ever, security can’t be stuck in the past,’ Abdulrazak says. [We’re creating the platform that makes secure architecture not just possible, but inevitable.](https://www.sovereignmagazine.com/article/scalekit-raises-5-5m-as-authentication-systems-fail-ai-agent-test)’

For business leaders, the practical takeaway is straightforward: if design-first security becomes a market requirement – and the funding patterns suggest it might – suppliers and partners will need to adapt sooner rather than later. The companies that figure out how to [build security in rather than bolt it on](https://www.sovereignmagazine.com/article/kaizen-raises-21m-to-challenge-gov-tech-incumbents-as-federal-spending-opens-up) will likely have significant advantages in both cost and resilience.

The question isn’t whether the current model of security firefighting is sustainable – the costs and AI-accelerated threats make clear it isn’t. [The question is whether approaches like Dawnguard’s can deliver on their promise to fix the problem at its source rather than just managing the symptoms.](https://www.sovereignmagazine.com/article/why-firms-are-treating-cyber-attacks-like-crimes-newsky-security-s-take-on-digital-investigat)

**About Dawnguard**

Dawnguard’s mission is to redefine cybersecurity with a platform that enables true shift-left security , from day zero to day 10,000. For more information please visit https://dawnguard.ai/

[Website](https://dawnguard.ai/)
