New York - Sep 10, 2025 (UTC) - AegisAI, a cybersecurity startup founded by former Google Safe Browsing and reCAPTCHA leaders Cy Khormaee and Ryan Luo, today announced its public launch and $13 million seed funding round with a radical approach to email security: autonomous AI agents that eliminate phishing, malware, and business email compromise (BEC) attacks before they reach user inboxes while reducing false positives by up to 90% compared to traditional solutions.
The seed funding round was co-led by Accel and Foundation Capital. The funding will accelerate product development, expand the engineering team, and support go-to-market efforts as the company scales its autonomous email security platform.
AI has created a new wave of threats that rule-based systems are not prepared for. Adversaries can rotate graphics, messaging, and fabricate supporting content to create lures that look more real than ever. A 2024 study showed LLM-generated phishing messages had a significantly higher click-through rate (54%) than human-written ones (12%), proving their effectiveness. More than 90% of successful cyberattacks begin with a phishing email, per U.S. federal cybersecurity agency CISA.
Modern attackers are also increasingly abusing trusted platforms like Salesforce, Zoom or Google to deliver malicious content, exploiting the inherent trust these services carry to bypass traditional reputation-based security filters and rules that would typically block suspicious domains or unknown senders.
Founded by former Google Safe Browsing and reCAPTCHA executives, AegisAI offers an orchestrated network of real-time AI agents that inspect, analyze, and neutralize email threats autonomously, without relying on any specific set of rules. This approach challenges typical email security platforms that rely on static rules and often require extensive user training.
Khormaee was head of product and director of product management at Google for over five years until July 2023, leading the security team responsible for protecting Google, its four billion users, and four million websites from phishing, malware, and fraud. Luo spent almost a decade at Google and was part of the Safe Browsing team. Before Google, Khormaee founded the sales intelligence platform Contastic, which was acquired by SugarCRM in 2016.
“We’ve spent almost a decade each protecting billions of users at Google, we’ve seen firsthand how enterprise email defenses are falling behind,” said Cy Khormaee, co-founder and CEO at AegisAI. “We’re seeing the sophistication of AI powered attacks increase rapidly while existing email security defences are standing still. This leaves security leaders without the tools they need to defend their organizations.”
“The sum of all evil is a PDF attachment in an email. That’s always where all the attacks started, and so I really wanted to solve this problem,” Khormaee said in an exclusive interview with TechCrunch.
“We don’t believe in creating more alerts – we believe in creating better security outcomes,” said Ryan Luo, CTO and Co-Founder of AegisAI. “Our mission is to protect organizations without adding operational burden and to give security teams the reliable intelligence they need to focus on what matters most.”
AegisAI has built reasoning agents, each of which is a custom-built LLM tuned to a specific threat. Once the orchestrating agent recognizes a threat or potential threat, it calls other agents in the network, which perform real-time analysis of every message component, including links, attachments, metadata, QR codes, and behavioral patterns. While AegisAI has currently built over 10 agents for this work, there could be 50 to 100 agents over time as adversaries become smarter.
The platform integrates seamlessly with Microsoft 365 and Google Workspace via API deployment, taking no more than five minutes for customers to install according to the company. Unlike traditional rule-based gateways, its AI agents continuously learn from real-world adversarial behavior and share threat intelligence across organizations.
“As a former security founder, I’ve seen the cat-and-mouse game play out for decades-especially in email security, where attackers constantly evolve to trick employees. Aegis is the first solution that truly changes the game,” commented Bam Azizi, CEO at Mesh Connect. “They came into Mesh and stopped attackers in their tracks. Our dashboard shows everything from fuzzing attempts to AI-generated spear phishing and BEC, and Aegis catches them all-without my team wasting time managing rules.”
“We immediately saw threats to our accounting, engineering, and executives teams in the dashboard. Aegis enabled us to see and stop these threats without our team manually hunting them down,” said Ian Cohen, CEO at Lokker.
“The AI era will inevitably drive disruption in email – the easiest attack vector. We were looking for a team that was AI-native – people who didn’t just whitewash with AI – people who had the DNA and career investments in the development of AI,” added Eric Wolford, Partner at Accel. “Cy and Ryan were that right team. They are both AI-native and have spent an enormous amount of time in email security at Google.”
The startup, with offices in San Francisco and New York, is currently running a pilot with customers in the U.S. and Europe and has already added three paying customers, including data privacy compliance software Lokker and crypto payment platform Mesh Connect. The company currently has a team of six members.
About AegisAI
AegisAI is pioneering the next generation of email security through autonomous AI agents that detect and respond to email threats without human intervention. Founded by former Google engineers and product leaders with deep expertise in large-scale threat detection, the company delivers radically simplified and more accurate protection against phishing, malware, and social engineering attacks. The platform offers autonomous threat detection with real-time analysis of every message component, intelligent false positive suppression reducing false positives by up to 90%, zero-configuration operation with autonomous response and policy enforcement, and security-first design with enterprise-grade encryption. AegisAI is backed by leading venture capital funds including Accel and Foundation Capital.
