Europe’s Future is Self-Hosted: Polish Defguard Redefines Enterprise VPN & IAM and Secures EUR 1.2M

• Defguard’s unified security platform secures EUR 1.2M Pre-Seed funding from Hard2beat, SMOK Ventures, S20Team, and angels
• The startup’s platform tackles fragmented enterprise security by integrating VPN, IAM, and ALM in a self-hosted solution
• WireGuard with protocol-level MFA meets modern regulatory and geopolitical demands and champions transparency and cyber independence for European organizations
• With the new investment, Defguard will accelerate product development and expand its team to enhance core platform features

This May, the Polish cyber security startup Defguard became one of the first portfolio companies of the newly formed VC firm Hard2beat which became the lead investor of the startup’s Pre-Seed round of EUR 1.2M. The famous Polish fund SMOK Ventures (invested in Workee, for example) joined the round, alongside S20 Team and Łukasz Jesis of Xopero, Piotr Karwatka and Tomasz Karwatka of Catch the Tornado, Janusz Niewiadomski and Maurycy Prodeus of ISEC as angel investors.

The Journey from Inception to Innovation

The co-founders Robert Olejnik (CEO) and Michał Gryczka (CRO) worked together at the software house called Teonite where they tried themselves in starting several spinoff companies, each with a specifically focused product, based on the clients feedback. Mr Olejnik was specifically responsible for IT security and infrastructure, so his interest was attracted by the constantly reported problems with remote access. Dedicated to this, he started OMNI, a solution for managing remote access and VPN, as early as around 2008-09. Since then, it has been growing into what eventually became Defguard.

‘In 2021, we sat down with our stakeholders to discuss what great product we could deliver, that was critically needed and globally scalable. Defguard grew, and we got our first paying customers in 2024. In April 2025, we pivoted the entirety of Teonite to work on Defguard exclusively,’ Mr Olejnik walks us through the startup’s brief history.

Untangling the Web of Enterprise Security Chaos

The problem that Defguard tackles is organizations’ struggle with enterprise security caused by the excess of tools that don’t integrate well. Legacy vendors offer closed, complex, and overpriced products, leading to a patchwork of disconnected systems for managing secure access, resulting in orphaned accounts, shadow IT, and increased risk.

Additionally, many modern VPN and identity and access management (IAM) platforms are cloud-only, posing compliance issues for regulated industries that need full control over their IT systems. While WireGuard, an efficient open-source VPN protocol, is appealing, it lacks native multi-factor authentication (MFA) and essential enterprise features (e.g. firewall), making it unsuitable for security-conscious organizations. Consequently, businesses remain stuck with outdated, expensive systems to meet security demands.

Internal workflows also often become chaotic. Employees request access via fragmented channels, identity systems don’t reflect current employment status, and accounts remain active long after an employee leaves. This lack of oversight creates significant risk, slows down teams, and drains IT resources.

The Master Key to Modern Security Challenges

Defguard addresses these challenges by offering modern, flexible VPN and access management with advanced security features in a self-hosted platform. It allows organizations to:

• adopt WireGuard VPN with protocol-level MFA enforcement;
• unify VPN, identity, and access lifecycle management (IAM + ALM);
• eliminate multiple tools and reduce complexity.

The startup claims to have developed the first platform to combine these three functions in a self-hosted solution, catering to enterprises, including those in regulated and high-security sectors. Its unique protocol-level MFA for WireGuard removes a major barrier to its adoption. This integrated approach has resonated with industry experts and organizations burdened by inflexible, black-box systems.

‘Defguard is among the examples of how open source can evolve into a fully-fledged corporate solution. Thanks to the support of multi-factor authentication within WireGuard, centralized VPN administration, SSO integration, and in-built firewall management, the platform encompasses key components of security infrastructure,’ Olga Voloshyna of the Committee on IT and Cyber Security of the German-Ukrainian Chamber of Industry and Commerce comments.

Surfing the Waves of Regulations, Geopolitics, and Digital Sovereignty

New regulations like NIS2, GDPR, and eIDAS 2.0 compel companies to rethink infrastructure access security. Growing digital sovereignty concerns and geopolitical pressures are also driving a shift away from foreign-controlled, cloud-hosted infrastructure. Defguard provides the much-needed full control, local hosting, and transparency over IT security infrastructure.

‘European enterprises want to use European-owned cyber security software, but there haven’t been many alternatives historically, so they have been forced to go with solutions like Cisco. That’s why we support Defguard, 100% Europe’s own Wireguard-based open-source zero-trust MFA enterprise VPN with 100% European tech. As geopolitics is getting more and more complex and intrusive, technology is now more a national issue than ever before. Transparency and openness are becoming crucial for enterprises to choose their cybersecurity solutions,’ SMOK Ventures’ founding partner Borys Musielak tells ITKeyMedia.

The Power of Openness: Trust, Control, and Customization

Still, there are companies that are not yet familiar with the importance of self-hosted IAM tools, and market education is needed. For now, Defguard addresses this by publishing use cases highlighting the benefits of their open-source solution.

‘We made Defguard open-source for reasons of transparency and trust, for our clients to be able to verify each line of code, that there are no backdoors or anything. Additionally, open-source makes Defguard customizable. Similar solutions that have been available so far are not open-source, which raised concern with clients and added to the demand in a solution like ours,’ Mr Olejnik comments.

Putting it briefly and simply, Defguard allows rolling out your cyber security solutions in your own space, where you are in charge. One might assume that Defguard’s on-site deployment demands specific and costly hardware.

‘As a matter of fact, you can roll it out even on your cloud space, but you will essentially be using it only as a storage space in this case. So, the cost depends on what the client prefers. It has been our priority to offer the user-friendly version of the WireGuard protocol, a visually intuitive one. But, one will still require some domain knowledge to operate the security infrastructure. Naturally, this knowledge is available from our manuals, but it’s easier when the person is no stranger to the topic,’ Mr Gryczka responds to the concern.

Strategic Vision and Confidence

A mere couple of months after the launch of its Enterprise platform offering, Defguard earned the trust of Polish investors. According to Hard2beat’s founding partner Maciej Zawadzinski, his VC firm got convinced of this investment decision because Defguard addresses a critical, widespread problem of fragmented and insecure access management by unifying VPN, IAM, and ALM in a unique, open-source platform.

The investor underscores that Defguard’s timely solution offers the first WireGuard protocol-level MFA, meeting new regulatory demands and geopolitical shifts towards self-hosted infrastructure. Despite no marketing spend, Defguard has strong organic traction with thousands of downloads and active users, demonstrating significant market potential within the rapidly growing ZTNA, IAM, and DevSecOps sectors.

Of course, the experience and dedication of the founding team also played a critical role, along with the fast execution and a clear exit potential in the consolidating enterprise security market.

‘Defguard uniquely combines VPN, identity management, and access management in one platform, solving multiple security challenges simultaneously. The enterprise VPN market is growing rapidly and could reach USD 534B by 2034. Remote work is now common, and cyber threats are increasing, creating strong demand for such solutions,’ S20 Team’s managing partner Marcin Fejfer states.

Defguard’s Horizon: Product Evolution and Market Reach

Defguard’s newly raised funds will allow the company to accelerate product development, expand the engineering and security teams, and enhance the platform’s core features. Based on the collected feedback from clients, more features will be added. For example, the team is working on the platform’s mobile client.

‘A marketing team is also underway to accelerate that market education that we mentioned, among other purposes,’ Mr Gryczka adds.

‘Everybody can see the growing concern regarding the reliability of the popular solutions, which are US-based. Some companies and organizations across Europe grow hesitant to use them any longer, while others are downright legally restricted. As a Polish company, we are in a perfect position to empower these companies and organizations with true cyber independence,’ Mr Olejnik concludes.

‘EU-based cybersec firms are more crucial for our strategic long-term security concerns, as a region, than ever. This was our philosophical rationale for investing in this sector,’ Piotr Karwatka continues.

Defguard’s sizable Pre-Seed investment round highlights the rising importance of self-hosted cybersecurity in Europe’s pursuit of cyber independence. Their innovative solution, featuring the first WireGuard VPN with protocol-level MFA, offers a crucial and transparent alternative to foreign-controlled systems, empowering a more secure digital landscape for Europe. Unified VPN, IAM, and ALM in an open-source, European-owned platform empower organizations to regain and retain control over their IT infrastructure, especially amid geopolitical shifts and new regulations.