AegisAI, a new AI-driven email security startup, is the latest to come out of stealth mode with a jaw-dropping $13 million in seed funding. The $59 million round was co-led by the venture capital firms Accel and Foundation Capital. The company’s primary mission is to tackle the growing menace of phishing emails, which account for over 90% of successful cyberattacks globally.
After his time as Vice President of Product Management at Attentive, Cy Khormaee launched AegisAI. Today the company is dedicated to providing organizations with best-in-class protection against email-based threats. After leaving Attentive in November 2024, that’s when Khormaee started getting the ball rolling on the new venture. AegisAI, which is now a team of six, recently welcomed … Though young, they’ve already begun to make big waves in the cybersecurity ecosystem.
AegisAI’s system is made to be easy-to-use, and rapidly deployable. Go to the ConnectIt for Google or ConnectIt for Microsoft installation page. The actual process takes under five minutes with an API! The startup’s strategy has been to offer a very easy integration process. This strategy is designed to spur the private sector to ensure broad deployment of impactful email security solutions.
The underlying technology powering AegisAI is a much more dynamic and adaptable approach than legacy email security platforms which are often rules-based. Instead, AegisAI utilizes advanced AI agents that can identify attacks and self-tune to adapt to various attack vectors in real-time. These autonomous AI agents communicate with one another. Through sharing threat intelligence, they further enhance their capacity to detect and disarm emerging threats.
When AegisAI’s system is first deployed, it runs in a read-only mode for one week before turning on features that allow quarantining. The unique system not only collects data, but provides users with a detailed report of their data. This report discusses its findings, including false positives and false negatives identified during its automated and human monitoring period.
Khormaee tells the story of his time on Google’s GSuite team, stressing the need for a comprehensive understanding of email threats. He stated,
“What we know from building these tools at Google is what all the things are about an email you need to analyze? What are all the data sources? What are all the techniques for spotting invasion, and all the nasty stuff adversaries do that we’ve seen over 10 years of playing chess with these adversaries?”
AegisAI is just beginning its very cool adventure! It has already deployed pilot programs with customers in the United States and Europe. Lokker, which provides data privacy compliance software, was one of the first paid customers. Another one of the early customers is Mesh Connect, a cross-border crypto payments platform. This early traction is a testament to the momentum that is building around new, innovative approaches to tackling email security challenges.
Khormaee had similar motivation to tackle what he sees as a fundamental problem in cybersecurity, stating,
“The sum of all evil is a PDF attachment in an email. That’s always where all the attacks started, and so I really wanted to solve this problem.”
Despite the deep investment, AegisAI still has a lot of technical ground to cover and go-to-market infrastructure to fill out. Khormaee understands that the threat landscape is never going to be a static one as adversaries will always find a way to adapt and create new techniques. He noted,
“I fully believe that in two years, adversaries will understand what we’re doing. They’ll retool and attack what we’re doing, and then we’ll need to build more agents to stay ahead of them.”
AegisAI’s groundbreaking technology and approach give it the upper hand and make it a major competitor in the battle against email phishing threats. It uses cutting-edge AI powered technology to defend organizations against today’s most sophisticated attacks. Moreover, it hopes to get out ahead of challenges to come in the fourth dynamic and developing security environment of the cybersecurity domain.