AegisAI, a cybersecurity startup founded by former Google Safe Browsing and reCAPTCHA leaders Cy Khormaee and Ryan Luo, has announced a radical approach to email security as parts of both its public launch and seed funding round. The premise is the use of autonomous AI agents that eliminate phishing, malware, and business email compromise (BEC) attacks before they reach user inboxes. At the same time, the agents reduce false positives by up to 90% compared to traditional solutions.
This issue is significant because Email threats are becoming more advanced, with AI-generated phishing attacks proving significantly more effective than traditional ones. AegisAI addresses this by using autonomous agents (LLMs) that proactively neutralize threats early on, dramatically reducing user risks. AegisAI’s solution autonomously learns from adversarial behavior, offering a more dynamic defense. It’s able to detect novel attacks that evade all other systems.
“We are thrilled to announce that we have raised a $13M Seed Round for AegisAI Security,” said Cy Khormaee, co-founder and CEO at AegisAI, and Ryan Luo, CTO and Co-Founder of AegisAI. “This is a significant milestone for our company and a testament to the hard work of our incredible team.
“This journey started from a simple observation from our combined decade of experience at Google – enterprise email defenses are falling behind,” said Khormaee and Luo. “While we were protecting billions of users, we saw firsthand the growing sophistication of AI-powered attacks and how existing email security solutions are struggling to keep up. This leaves businesses and their security leaders without the tools they need to effectively defend their organizations in this new era of threats.”
The big issue is that traditional email security solutions rely on static rules and extensive user training, which are becoming increasingly inadequate. AegisAI’s solution autonomously learns from adversarial behaviour, offering a more dynamic defense. It’s able to detect novel attacks that evade all other systems. AI has created a new wave of threats that rule-based systems are not prepared for. Adversaries can rotate graphics, messaging, and fabricate supporting content to create lures that look more real than ever. A 2024 study showed LLM-generated phishing messages had a significantly higher click-through rate (54%) than human-written ones (12%), proving their effectiveness.
“Our mission at AegisAI Security is clear – to build intelligent, adaptive systems that can learn and evolve as fast as the threats they are facing,” stated Khormaee and Luo. “We are not just building another email security product; we are reimagining what email security can be. We are customizing large language models to detect and respond to the full spectrum of known and emerging email threats – from zero-day phishing to highly targeted social engineering. Our vision is to create a future where communication is inherently safe, and trust can be scaled. Every inbox deserves real-time, AI-powered protection, and we are here to deliver on that promise. That’s email secured.”
The $13m seed funding round was led by Accel and Foundation Capital. The funding will accelerate product development, expand the engineering team, and support go-to-market efforts as the company scales its autonomous email security platform.
Modern attackers are also increasingly abusing trusted platforms like Salesforce, Zoom or Google to deliver malicious content, exploiting the inherent trust these services carry to bypass traditional reputation-based security filters and rules that would typically block suspicious domains or unknown senders. Their platform uses AI agents to detect and block phishing, impersonation attempts, ransomware, and financial fraud before they ever reach a user.
“Unlike traditional filters, which often miss evolving threats or create headaches by blocking safe communication, Aegis analyzes messages through intent, context, and user relationships, replicating how a skilled analyst would triage an email, but at scale,” Khormaee commented.
So how is AegisAI responding? They are introducing a paradigm shift — an orchestrated network of real-time AI agents that inspect, analyze, and neutralize email threats autonomously, eliminating the need for static rules, extensive user training, or complex playbooks.
“We believe the only way to combat AI-native threats is with AI-native defense,” noted Khormaee and Luo. “In the early days of our work, we saw just how powerful large language models could be, not just for generating language, but for understanding context, intent, and deception in ways traditional rule-based systems never could. We realized that this wasn’t just an incremental improvement. It was a step-function change in how security could be done.
“The mission ahead isn’t easy,” the founders stressed. “But it’s clear – to build intelligent, adaptive systems that can learn and evolve just as fast as the threats they’re facing. It means customizing language models to detect and respond to the full spectrum of known and emerging email threats—from zero-day phishing to highly targeted social engineering. It means treating every inbox like a dynamic, high-value environment that deserves real-time, AI-powered protection.”
The AegisAI platform integrates seamlessly with Microsoft 365 and Google Workspace via API deployment. Unlike traditional rule-based gateways, its AI agents continuously learn from real-world adversarial behavior and share threat intelligence across organizations, enabling rapid detection and remediation of emerging phishing, spoofing, and executive impersonation tactics.
“We’ve spent almost a decade each protecting billions of users at Google, and we’ve seen firsthand how enterprise email defenses are falling behind” Khormaee said. “We’re seeing the sophistication of AI powered attacks increase rapidly while existing email security defences are standing still. This leaves security leaders without the tools they need to defend their organizations.”
Core platform capabilities include Autonomous Threat Detection, with real-time analysis of every message component including links, attachments, metadata, QR codes and behavioral patterns. They also include Intelligent False Positive Suppression, so that customers in production environments have seen up to 90% reduction in false positives.
There is zero-configuration operation, with autonomous response, escalation, and policy enforcement requiring minimal SOC setup or maintenance. Finally, security-first design ensures the system is built with enterprise-grade encryption and data minimization principles.
“We don’t believe in creating more alerts – we believe in creating better security outcomes,” Luo said. “Our mission is to protect organizations without adding operational burden and to give security teams the reliable intelligence they need to focus on what matters most.”
The founding team brings deep expertise from Google. Following a successful stealth phase with pilot customers across fintech and tech companies, AegisAI has demonstrated significant improvements in threat detection accuracy and operational efficiency.
One of those customers is Ian Cohen, CEO at Lokker
“We immediately saw threats to our accounting, engineering, and executives teams in the dashboard,” Cohen indicated. “Aegis enabled us to see and stop these threats without our team manually hunting them down.”