![](\"https:\/\/fortune.com\/img-assets\/wp-content\/uploads\/2026\/03\/3896a8d5-bed2-4c2f-8f1e-6ebe5f44781b-e1773785857771.jpg?w=2048\")
<\/p>\n<\/p>\n
RunSybil, an AI cybersecurity startup that uses AI agents to automatically hack company software to find security weaknesses, has secured $40 million in venture capital funding.<\/p>\n
The round was led by Khosla Ventures, with participation from S32, the Anthology Fund from Anthropic and Menlo Ventures, Conviction and Elad Gil, along with angel investors including Nikesh Arora, Amit Agarwal, Jeff Dean, and other founders and leaders from companies including OpenAI, Palo Alto Networks, Stripe and Google.\u00a0<\/p>\n
The company did not disclose the valuation it achieved in the new funding round.<\/p>\n
The company\u2019s AI agent, Sybil, conducts continuous autonomous penetration tests against live applications\u2014finding, exploiting and documenting real security vulnerabilities without humans in the loop. That\u2019s different from other security tools currently making headlines, such as Claude Code Security, which analyzes source code in applications for known vulnerabilities before it is deployed.<\/p>\n
RunSybil instead tests software that is already running, probing live systems the way a hacker would\u2014by exploring systems, chaining vulnerabilities together and testing authentication boundaries to find paths to sensitive data.<\/p>\n
Automating \u2018ethical hacking\u2019 <\/p>\n
Companies have long relied on a mix of penetration tests\u2014where outside security experts, or \u201cethical hackers,\u201d try to break into their systems; bug bounty programs that reward independent hackers for reporting flaws; and internal \u201cred teams\u201d that simulate real cyberattacks. RunSybil says its AI system can automate much of that work, continuously probing applications for vulnerabilities as new code is deployed.<\/p>\n
RunSybil argues this kind of automation is becoming necessary as AI reshapes how companies operate. Procurement, legal, finance, engineering and operations are all being rebuilt with AI\u2014including the growing use of AI agents. Yet security testing is still often treated as a discrete, scheduled event managed by a separate team on its own timeline. That mismatch can be especially challenging for highly regulated industries such as finance, insurance and health care, which face strict legal and audit requirements around cybersecurity.<\/p>\n
RunSybil was co-founded in 2023 by Ari Herbert-Voss, who joined OpenAI as its first security research hire in 2019, and Vlad Ionescu, who previously led offensive security red teams at Meta. Together, they say they represent a rare intersection: people who understand how to build frontier AI systems and how to hack into complex software.<\/p>\n
\u201cWe check every box that needs to be checked\u2014for auditors, regulators and compliance teams,\u201d Herbert-Voss said. But the real work, he said is transforming where, when and how customers discover and fix security issues: \u201cNot as a project, but as a permanent capability embedded in how they build.\u201d<\/p>\n
\u2018On the edge\u2019 of the AI security frontier<\/p>\n
Vinod Khosla, who made an early bet on OpenAI in 2019 and often invests in companies he considers to be on the technological frontier, told Fortune that \u201cwhat it takes to add security and penetration testing to the AI world is definitely frontier\u2014RunSybil is on the edge.\u201d There is currently little competition in this part of the offensive security market, he said, though security incumbents such as Palo Alto Networks may eventually move into the space.<\/p>\n
For now, \u201cnobody\u2019s really knowledgeable about it except individuals like [Herbert-Voss],\u201d he said, adding that he has long been concerned about AI\u2019s cyber capabilities falling into the hands of adversaries such as China. \u201cWe invest in founders who tackle large, unsolved problems with technically ambitious solutions,\u201d he added. \u201c[Herbert-Voss and Ionsecu] are building exactly the kind of platform security teams will need as software complexity and AI-driven development accelerate.\u201d<\/p>\n
Herbert-Voss has long been steeped in both hacking and AI. Growing up in a mostly Mormon community in Utah, he said he was drawn to the online hacker scene in middle and high school but pivoted away after friends \u201cstarted getting arrested.\u201d While pursuing a Ph.D. at Harvard University studying machine learning and ways to make algorithms more efficient, he first heard about OpenAI.<\/p>\n
He dropped out of Harvard, he said, after becoming convinced that the rapid scaling of AI models\u2014training larger systems with more data and computing power\u2014would unlock powerful new capabilities. <\/p>\n
Evolving cyber capabilities with LLMs<\/p>\n
\u201cOnce OpenAI dropped GPT-2, I said wow, this changes everything about the economics of what it would take to run a cyber campaign,\u201d he explained. He sent a couple of hacker demos to OpenAI CEO Sam Altman and Jack Clark, then-head of policy at OpenAI who went on to co-found Anthropic. Both of them expressed their concerns about the potential misuse of LLMs and asked Herbert-Voss to come on to do security research. <\/p>\n
But by 2022, Herbert-Voss said he also began to see how quickly offensive cyber capabilities could evolve once powerful language models became widely available, including to malicious actors. Those same advances, he said, could dramatically expand cyber threats. That led to Herbert-Voss\u2019s decision to leave OpenAI and start RunSybil as a research project.<\/p>\n
RunSybil currently works with startups including Cursor, Turbopuffer, Notion, Baseten, and Thinking Machines Lab, as well as what the company says are major financial institutions and Fortune 500 companies. (The company declined to name any of those Fortune 500 or financial customers.) Herbert-Voss said that customers have already reported finding critical vulnerabilities that had gone undetected using traditional methods.<\/p>\n
#Exclusive #cybersecurity #startup #RunSybil #raises #million #led #Khosla #Ventures<\/p>\n","protected":false},"excerpt":{"rendered":"
RunSybil, an AI cybersecurity startup that uses AI agents to automatically hack company software to…<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":[],"categories":[245],"tags":[3970,3973,1355,2399,3971,408,3972,3975,1408,1161,3974,2127,442,443,3976],"_links":{"self":[{"href":"https:\/\/stock999.top\/index.php?rest_route=\/wp\/v2\/posts\/1700"}],"collection":[{"href":"https:\/\/stock999.top\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/stock999.top\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/stock999.top\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/stock999.top\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=1700"}],"version-history":[{"count":0,"href":"https:\/\/stock999.top\/index.php?rest_route=\/wp\/v2\/posts\/1700\/revisions"}],"wp:attachment":[{"href":"https:\/\/stock999.top\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=1700"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/stock999.top\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=1700"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/stock999.top\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=1700"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}