In an era where cyber threats are becoming increasingly sophisticated, particularly through the use of artificial intelligence (AI) by malicious actors, a new startup, AegisAI, has emerged to bolster email security. Founded by former Google security leaders Cy Khormaee and Ryan Luo, AegisAI has successfully raised $13 million in seed funding, co-led by Accel and Foundation Capital.
The Rising Threat of AI-Driven Phishing
Cybersecurity agencies have long warned about the dangers of phishing emails, which serve as the entry point for over 90% of successful cyberattacks, according to the U.S. Cybersecurity and Infrastructure Security Agency (CISA). The advent of large language models (LLMs) has exacerbated this issue. A 2024 study by CrowdStrike revealed that phishing messages generated by LLMs had a 54% click-through rate, significantly higher than the 12% rate for human-crafted emails.
AegisAI’s Innovative Approach
AegisAI aims to counteract these evolving threats by deploying a network of autonomous AI agents designed to inspect, analyze, and neutralize email threats in real-time. Unlike traditional email security platforms that rely on static rules and require extensive user training, AegisAI’s system operates dynamically without predefined rules.
The sum of all evil is a PDF attachment in an email. That’s always where all the attacks started, and so I really wanted to solve this problem, said Cy Khormaee in an exclusive interview with TechCrunch.
The Founders’ Background
Cy Khormaee and Ryan Luo bring a wealth of experience from their tenure at Google. Khormaee served as the head of product and director of product management, leading the security team responsible for protecting Google’s vast user base from phishing, malware, and fraud through products like Safe Browsing, reCAPTCHA, and Web Risk. Luo, with nearly a decade at Google, was part of the Safe Browsing team, focusing on detecting and mitigating web-based threats.
Before his time at Google, Khormaee founded Contastic, a sales intelligence platform acquired by SugarCRM in 2016. He later served as VP of product management at Attentive until November 2024, before co-founding AegisAI.
How AegisAI Works
AegisAI has developed a system of reasoning agents, each being a custom-built LLM fine-tuned to identify specific threats. When the orchestrating agent detects a potential threat, it engages other agents in the network, referred to as buddies. These agents collaboratively analyze the threat, reason among themselves, and provide a verdict to the orchestrating agent.
The agents perform real-time analysis of every component of an email, including links, attachments, metadata, QR codes, and behavioral patterns. This comprehensive approach ensures that threats are identified and neutralized before they reach the user’s inbox.
The Future of Email Security
With the increasing sophistication of cyber threats, particularly those leveraging AI, traditional email security measures are often insufficient. AegisAI’s innovative approach represents a significant advancement in the field, offering a proactive and dynamic solution to protect users from evolving email-based attacks.
As AegisAI continues to develop and refine its technology, the recent $13 million funding will be instrumental in scaling operations and enhancing the capabilities of its AI agents. The company’s mission is clear: to stay ahead of cybercriminals by leveraging cutting-edge AI to ensure that email threats are neutralized before they can cause harm.
