Former Google security executives have launched AegisAI, a startup emerging from stealth with $13 million in seed funding to combat the rising tide of AI-powered email threats. Co-led by Accel and Foundation Capital, the company aims to neutralize phishing, malware, and business email compromise (BEC) attacks before they reach an employee’s inbox.
The Growing Threat of AI-Generated Phishing
The cybersecurity landscape has shifted dramatically as attackers leverage Large Language Models (LLMs) to craft sophisticated scams. According to a recent CrowdStrike report, phishing emails generated by LLMs achieved a 54% click-through rate in 2024, dwarfing the 12% rate associated with human-authored messages. Furthermore, data from the U.S. federal cybersecurity agency CISA indicates that over 90% of successful cyberattacks originate from a phishing email.
Autonomous AI Agents vs. Static Rules
Founded by Cy Khormaee and Ryan Luo—both veterans of Google’s Safe Browsing and reCAPTCHA divisions—AegisAI replaces traditional, rules-based security with an orchestrated network of autonomous AI agents. Unlike legacy platforms that require constant manual updates, these agents inspect, analyze, and neutralize threats in real time without relying on static rule sets.
Khormaee, who led Google’s security efforts for over five years, emphasizes that the system acts like a team of experts. “We have reasoning agents, each a custom-built LLM tuned to a specific threat,” he explains. When a potential threat is detected, an orchestrating agent calls upon “buddy” agents to analyze components like attachments, links, metadata, and QR codes. They reason with one another to deliver a final verdict.
Scalability and Future-Proof Security
AegisAI currently utilizes over 10 specialized agents, with plans to expand to 50 or 100 as adversarial techniques evolve. The platform is designed to self-tune against new variants of attacks, a critical capability as attackers inevitably attempt to bypass AI defenses. The company claims this approach reduces false positives by up to 90% compared to traditional security suites.
Rapid Deployment and Market Adoption
Integration is designed for speed, taking roughly five minutes to connect via API to Google Workspace or Microsoft 365. The system typically operates in a “read-only” mode for one week to baseline environment activity before activating full quarantine protocols.
Headquartered in San Francisco and New York, AegisAI is already working with pilot customers across the U.S. and Europe. Early adopters include companies such as Lokker and Mesh Connect. With the new capital, the startup intends to scale its technical infrastructure and expand its go-to-market strategy to meet the urgent demand for automated, intelligent email defense.