AegisAI, a cybersecurity startup built by two former Google security leaders, has raised $13 million in seed funding to tackle one of the oldest problems in enterprise technology, keeping malicious emails out of inboxes.
The company, founded by Cy Khormaee and Ryan Luo, both of whom previously worked on Google’s Safe Browsing and reCAPTCHA projects, seeks to ensure autonomous AI agents outsmart today’s phishing, malware, and business email compromise (BEC) attacks.
Unlike rule-based systems, which attackers usually bypass, AegisAI’s system learns in real-time and adapts to evolving threats.
Email is still the easiest entry point for attackers. Traditional filters struggle against AI-powered phishing campaigns, which are more convincing than ever.
A 2024 study found that phishing emails written by large language models had a 54% click-through rate, compared to 12% for human-written messages. This gap reveals how much more effective AI-powered lures have become, and how ill-prepared most defences are.
Attackers are no longer just relying on domains, they now exploit trusted services such as Salesforce, Zoom, and Google, making their content appear legitimate enough to bypass conventional filters. This has left enterprises exposed, with security teams overwhelmed by alerts and false positives.
AegisAI’s Pitch
Instead of static rules or user training manuals, AegisAI brings what it calls a network of AI agents that inspect and neutralise threats automatically. The company says customers are already seeing up to 90% fewer false positives compared to traditional solutions.
The platform integrates with Microsoft 365 and Google Workspace, with minimal setup required. Security teams can view real-time dashboards showing attempted intrusions, from AI-generated spear phishing to fuzzing attempts.
Co-founder and CEO Cy Khormaee explained the motivation, “We’ve spent almost a decade each protecting billions of users at Google, we’ve seen firsthand how enterprise email defences are falling behind. We’re seeing the sophistication of AI powered attacks increase rapidly while existing email security defences are standing still. This leaves security leaders without the tools they need to defend their organisations.”
Ryan Luo, co-founder and CTO, added, “We don’t believe in creating more alerts — we believe in creating better security outcomes. Our mission is to protect organisations without adding operational burden and to give security teams the reliable intelligence they need to focus on what matters most.”
Pilot customers say the results have been decisive. Bam Azizi, CEO of Mesh, stated, “As a former security founder, I’ve seen the cat-and-mouse game play out for decades—especially in email security, where attackers constantly evolve to trick employees. Aegis is the first solution that truly changes the game.
“They came into Mesh and stopped attackers in their tracks. Our dashboard shows everything from fuzzing attempts to AI-generated spear phishing and BEC, and Aegis catches them all—without my team wasting time managing rules.”
At Lokker, CEO Ian Cohen said the system immediately flagged threats aimed at critical teams, “We immediately saw threats to our accounting, engineering, and executive teams in the dashboard. Aegis enabled us to see and stop these threats without our team manually hunting them down.”
Backed by Accel and Foundation Capital
The $13 million seed round was co-led by Accel and Foundation Capital. The funds will drive product development, expand engineering talent, and accelerate go-to-market efforts.
According to Eric Wolford, Partner at Accel: “The AI era will inevitably drive disruption in email—the easiest attack vector. We were looking for a team that was AI-native—people who didn’t just whitewash with AI—people who had the DNA and career investments in the development of AI. Cy and Ryan were that right team. They are both AI-native and have spent an enormous amount of time in email security at Google.”
Following a stealth phase with fintech and tech companies, AegisAI is now moving into wider commercial deployment. Its founders argue that the industry doesn’t need more alerts or user training but tools that stop threats before they reach employees’ inboxes.
With both the scale of AI-driven attacks rising and traditional defences falling short, AegisAI is aiming to be a timely safeguard in one of cybersecurity’s biggest challenges.
