Matthew Fox

Matthew Fox With RiskApp

Matthew Fox, Co-founder of RiskApp, is a cybersecurity entrepreneur building AI-driven solutions to transform security compliance. Together with co-founder Rafael Carvalho, he launched RiskApp in 2023 after facing firsthand how outdated, slow, and painful audit processes can be. Their mission was clear: create a platform that makes compliance easier, faster, and aligned with real security—not checklists.

Headquartered in The Hague, Netherlands, RiskApp is built by security professionals for security teams. The platform automates complex compliance frameworks like ISO 27001 and SOC 2 while helping teams focus on what matters most: actual security. With a strong user-first mindset, Matthew and Rafael are reimagining compliance for the AI era.

Let’s have a look at the conversation CyberSecurity88 had with Mr. Matthew Fox:


What inspired the founding of RiskApp?

Security and compliance were disconnected. Teams were wasting time proving things they’d already done, and buyers couldn’t see what was real. We started RiskApp to change that. We use AI to collect live security evidence from your stack so you’re always audit-ready and can prove you’re secure. Come for the compliance automation, stay for the risk reduction.

 

What core problem does your service solve in the cybersecurity space?

Audit prep slows teams down. Security data is fragmented. Compliance checklists miss the point. RiskApp deploys AI agents inside your environment to gather evidence, map it to frameworks, and keep you ready for audits or security reviews.

 

What makes your solution different or innovative?

We deploy agents that stay connected to your systems and automatically collect audit-ready evidence. These agents continuously map your real controls to frameworks like SOC 2, ISO 27001, NIS2 and more. It’s not just dashboarding. It’s a live trust layer that reflects what’s actually happening in your environment. This is an entirely different approach to compliance AI from the ground up.

 

Could you share a milestone or success story you’re especially proud of?

We’re working with a fast-growing fintech where the pain wasn’t weak security… it was that every auditor, every framework, expected something different. They had strong controls, but proving that across frameworks was messy. We’ve now automated full frameworks for them — technical controls, policy generation, evidence collection. Compliance is getting close to autopilot, and in a lot of ways, stronger than what they were doing manually.

 

What’s your vision for the next 12 to 18 months?

We’re scaling two things. First, helping startups pass their first audit with near-zero overhead. Second, giving larger orgs a real-time trust layer that replaces static GRC tools. Our goal is to make RiskApp the fastest way for software companies to prove they’re secure.

 

What are your views on the impact of Generative AI on cybersecurity?

AI flips the model. Most teams can’t manually validate every control or prepare evidence on demand. GenAI makes that possible. We see a future where internal assurance is fully automated. Our agents are already doing that work today.

 

What’s your advice to other founders on building a design partner pipeline?

Find sharp customers with urgent pain. Don’t be afraid to pivot from being a vitamin to a true painkiller. The challenge isn’t getting the first call. It’s delivering enough value to earn a purchase order.

 

Learn More About RiskApp

Discover how RiskApp is simplifying compliance while strengthening real security.

🌐 www.riskapp.com
📧 yo@riskapp.com

U.S. Office
169 Madison Ave, Suite 11902
New York, NY 10016, USA

European Office
Wilhelmina van Pruisenweg 104
2595 AN Den Haag, Netherlands