Bug Bounty Switzerland raises CHF 12 million to scale intelligent security testing internationally

The Series A financing round positions Bug Bounty Switzerland to expand its AI-driven Cyber Resilience Shield internationally, as artificial intelligence reshapes enterprise cybersecurity threats and opportunities.

by Isaak Mtizwa, Published on 29. April 2026 5 min Reading time

Zurich, April 29, 2026 – Bug Bounty Switzerland, the Swiss pioneer in ethical hacking, intelligent security testing, and the service-as-software model, announced today the closing of a CHF 12 million Series A round led by Direttissima Growth Partners with equal participation from Deutsche Beteiligungs AG (DBAG).

Direttissima, a European growth equity firm based in Zurich and Munich, brings hands‑on scale‑up experience across B2B technology and a network of operator‑investors. DBAG, listed since 1985, invests through its Long‑Term Investment strategy — balance‑sheet capital without fund‑structure holding‑period constraints — enabling a genuinely long‑term partnership. The investment represents a minority stake and is part of a capital increase.

The founding team continues to hold the majority of the shares and plays a key role in shaping the company’s strategic direction. With this investment, Philipp Bolliger, Partner at Direttissima, will join the board of directors of Bug Bounty Switzerland.

Bootstrapped, profitable, and trusted where it matters most

This financing marks Bug Bounty Switzerland’s next phase, transitioning from a bootstrapped founder team to a category-defining European scale-up, and a step toward making continuous, intelligent security testing a plug-and-play reality for enterprises worldwide. The funding will support international expansion, the transition from AI‑assisted to increasingly autonomous orchestration of security tests, and team growth.

Founded in 2020, Bug Bounty Switzerland has its roots in the first bug bounty programs in Switzerland, dating back to 2015. It has been self‑financed throughout, profitable, and trusted by over 50 enterprise customers: financial institutions, global consumer brands, critical‑infrastructure operators, and public‑sector bodies including the Swiss National Cyber Security Center (NCSC). This track record has translated into something much more valuable than a client list: a working understanding of how enterprise security testing must be conducted, which is captured in the platform, the codified playbooks, and the context carried from one engagement to the next.

A different approach to security testing: outcome, not tools

Enterprises run in permanent change. Cloud, SaaS, APIs, and AI‑assisted development ship code faster than any pentest cycle can chase — and every test is only as good as its scoping. At the same time, attackers use AI to find, weaponize, and deliver exploits at unprecedented speed and volume. Against that backdrop, point-in-time testing becomes structurally insufficient, and continuous, intelligent, outcome-based testing becomes a necessity. The market’s answer has been consulting‑heavy and fragmented across point tools, exactly as new European regulation pushes enterprises toward continuous, scenario‑based testing.

Bug Bounty Switzerland takes a different approach. Rather than selling tools and leaving coverage for the buyer to assemble, it sells the outcome: continuous, measurable testing coverage across the entire exposed attack surface, end to end. Its Cyber Resilience Shield combines AI‑driven orchestration, years of learned testing context, a vetted global community of over 16,000 ethical hackers, and — increasingly — offensive AI agents, delivered as a subscription that activates in 24 hours and needs no in‑house specialists. Customers replace a patchwork of one‑off pentests and disconnected scanners with a single continuous platform. They consistently report sharp reductions in cost and time‑to‑detection alongside deeper coverage. What’s delivered isn’t only testing — it’s visibility. From the CISO’s desk to the board, findings are continuously translated into the business context and risk terms each level needs — empowering c-level and board of directors to act.

“As AI reshapes cybersecurity, organizations need protection that’s continuous, intelligent, and simple to adopt. That’s what we’ve delivered to some of Europe’s most security-conscious institutions — and what we’re now bringing to customers worldwide. With the support of Direttissima and DBAG, we’re making intelligent security testing the new standard.”
— Sandro Nafzger, CEO & Co Founder, Bug Bounty Switzerland

“Bug Bounty Switzerland combines three things that rarely come together: a differentiated product built on years of proprietary know how and data, profitable execution from a bootstrapped start, and a market in which continuous security testing is shifting from best practice to baseline. The team has earned the right to redefine and lead this category.”
— Philipp Bolliger, Partner, Direttissima Growth Partners

“Bug Bounty Switzerland fits our Long-Term Investment profile: a founder led, profitable business with a clear technological edge in a structurally growing market. Our balance sheet capital gives the team the flexibility to compound their advantage over many years rather than optimize for a single cycle.”
— Jochen Baumann, Managing Director, Deutsche Beteiligungs AG

Caption: (from left to right) Leadership Team: Stefan Velikov (Head of Sales), Lukas Heppler (CTO &
Co-Founder), Sandro Nafzger (CEO & Co-Founder), Florian Badertscher (COO & Co-Founder), Lino
Simoni (Director of Delivery & Customer Success)

You can find more information and images for use in your reporting in our media kit.

About Bug Bounty Switzerland
Bug Bounty Switzerland is the Swiss pioneer in ethical hacking, intelligent security testing, and the Service-as Software model. Its Cyber Resilience Shield security platform enables organisations to run continuous, scalable, plug-and-play security assessments across their entire exposed attack surface without in-house specialists or fragmented tooling. Founded in Switzerland in 2020 by a team with deep roots in Swiss bug bounty work since 2015, Bug Bounty Switzerland is on a mission to redefine security testing: faster, smarter, more resilient. Its interdisciplinary team serves enterprise customers globally.
www.bugbounty.ch

About Direttissima Growth Partners
Direttissima Growth Partners is a European growth equity firm based in Zurich and Munich, providing growth capital to proven technology and service businesses advancing digitalization, automation, and sustainability in B2B value chains. The team brings hands-on experience as founders, executives, and investors, and is supported by a network of top-tier entrepreneurs and operators committed to building European champions.
www.direttissima.partners

About Deutsche Beteiligungs AG
Deutsche Beteiligungs AG (DBAG) is a listed private equity firm (since 1985), focusing on well positioned mid market companies in DACH and Italy. Its sector focus is on manufacturers, industrial service providers and IndustryTech enterprises, companies from the business services, IT services, software, healthcare, and environment, energy and infrastructure sectors. DBAG Group’s assets under management or advisory amount to approximately 2.7 billion euros. ELF Capital has expanded DBAG’s range of flexible financing solutions for mid market companies to include private debt.
www.dbag.de

Press contact
Bug Bounty Switzerland AG
Sandro Nafzger, CEO & Co-Founder
+41 41 562 05 65
hello@bugbounty.ch

Advisory Board Allgemein Allgemein Bug Bounty Bug Bounty Digital Trust Digital Trust Events Expert Talks General Innovation Keynote Legal Live-Stream Medienmitteilung NCSC Partnerschaften Partnerships Podcast Podcast Press Release References Referenzen Television VotM Vulnerability

We'll help you, let's chat about how!

Let's meet for a virtual coffee. Via calendly you can book yourself directly into our calendar. Try it out.

Schedule meeting

Contact Details

Bug Bounty Switzerland AG
The Circle 60
CH-8058 Zurich
+41 41 562 05 65