Below is a look at how the Feroot platform evolved in 2025 and how these improvements support your compliance and security strategy heading into 2026.
DXComply: Closing the security gap in mobile apps
This year, we launched DXComply, expanding Feroot’s visibility and compliance intelligence into mobile environments.
MobileGuard AI enables teams to:
- Detect unauthorized SDK or API behaviors
- Monitor data flows and telemetry in real time
- Automatically adjust compliance based on user location
- Generate audit-ready reports for HIPAA, GDPR, CCPA, and more.
DXComply fills the long-standing visibility gap in mobile application security, giving organizations the same level of clarity they expect from web environments.
Strengthening security and compliance across our solutions suite
PaymentGuard: Stronger PCI DSS 4.0.1 alignment
PaymentGuard now offers enhanced support for Requirements 6.4.3 and 11.6.1, automating continuous script validation and change detection on payment pages.
Key enhancements include:
- Improved script integrity monitoring
- Real-time detection of unauthorized changes
- Continuous verification of all payment page scripts
- Audit-ready evidence for PCI DSS assessments
These updates support organizations facing heightened scrutiny around payment security and data handling.
DXComply: Enhanced HIPAA and BAA oversight
Following HIPAA guidance on tracking technologies, healthcare organizations face heightened expectations for PHI protection. DXComply has enhanced its capabilities to better meet these expectations.
This year’s updates introduced:
- Enhanced BAA reporting and verification workflows
- More precise PHI detection across all digital properties
- Real-time blocking of unauthorized tracking technologies
These improvements help healthcare teams so that compliance evidence is always ready when needed.
DXComply: Adaptive global privacy controls
As privacy regulations evolved across more than 50 jurisdictions, DXComply introduced new capabilities to help teams keep pace.
Enhancements include:
- Location-based policy enforcement for every visitor
- Stronger consent validation and documentation
- Expanded mapping for emerging regional laws
- Unified reporting for trackers, cookies, and policy behavior
DXComply helps organizations maintain transparency and trust across diverse regulatory landscapes.
DXSecure: Protecting the client-side runtime environment
A key advancement this year was Deep Trace, a capability that identifies suspicious encrypted data exfiltration patterns, including attempts to extract credentials or sensitive information from forms.
DXSecure now provides:
- Enhanced runtime behavioral analysis
- Detection of hidden data exfiltration attempts
- Integration with enterprise SIEM and governance systems
These updates help organizations strengthen their client-side defenses while supporting compliance requirements around unauthorized access prevention and data integrity.
Breakthroughs that defined 2025 for Feroot
Let’s look at the milestones that shaped this year, strengthening customer trust and positioning Feroot at the center of the global digital compliance conversation.
Series A funding
- Raised $14M Series A to scale our AI-powered compliance platform supporting organizations across web and mobile environments.
(Learn more: https://www.feroot.com/news/feroot-security-raises-14m-series-a-to-scale-ai-powered-compliance-platform-protecting-websites-and-applications/)
Feroot findings that earned media attention
- Revealed that TikTok collects large amounts of U.S. personal data, even from individuals who don’t use the app.
- Discovered that DeepSeek’s web login page connects directly to China Mobile, a company designated as a Chinese military organization.
- Identified that healthcare websites leak sensitive patient data to major tech platforms, including Google, Facebook, and TikTok.
- Cited in a U.S. Congress report exposing DeepSeek’s ties to the Chinese Communist Party and highlighting risks of foreign access to Americans’ personal information.
Building toward 2026: A platform designed to stay ahead
Across all these developments, one theme guided our product goals: Visibility is the foundation for a resilient security and compliance posture. Whether your organization must comply with HIPAA, PCI DSS, GDPR, CCPA, or emerging state and international laws, the expectations are clear – organizations must understand how data moves, how scripts behave, and how third parties interact with their environments.
The Feroot platform is built to deliver that clarity continuously. As you prepare for 2026, you can rely on Feroot for:
- Real-time insight across web and mobile
- Automated detection of risky third-party behaviors
- Compliance-ready documentation for audits
- Proactive controls that prevent data exposure
Thank you for being part of our journey this year. If your team is refining its 2026 compliance roadmap, we’re here to support you with clarity, insight, and technology that strengthens trust across every digital touchpoint.
