Mass-scale email attacks led by AI are on the rise these days. More than 90% of successful cyberattacks begin with a phishing email, as per the US federal cybersecurity agency CISA. Another study found that phishing messages generated by LLMs (large language models) had a 54% click-through rate in 2024. This is apparently far higher than the 12% rate for human-written emails. To tackle this, former Google security leaders teamed up to build a new email security startup, AegisAI. The goal here is to stop phishing, malware, and business email compromise threats before they even reach your inboxes.
Aegis, a startup from former Google Security leads, aims to fight email threats
Former Google Safe Browsing and reCAPTCHA executive Cy Khormaee and Ryan Luo founded AegisAI. The security startup has now secured $13 million in seed funding co-led by Accel and Foundation Capital. AegisAI wishes to counter the growing threat of email phishing with its suite of autonomous AI agents. It offers an orchestrated network of real-time AI agents that inspect, analyze, and neutralize email threats autonomously, without “relying on any specific set of rules.”
This method challenges typical email security platforms that rely on static rules and usually require user training. “The sum of all evil is a PDF attachment in an email. That’s always where all the attacks started, and so I really wanted to solve this problem,” said Cy Khormaee with TechCrunch.
AegisAI currently has over 10 agents
AegisAI has built multiple agents, each of which is a custom LLM that’s tailored to various threats and specific industries. These also include those in venture capital and financial services. Once the reasoning agent recognizes a threat or a potential threat, it calls the other agents in the work, which are termed “buddies.” These run the analysis, reason, and respond to the orchestrating agent with a verdict. The agent performs a real-time analysis of message components, including attachments, metadata, links, QR codes, and behavioral patterns.
Currently, AegisAI has over 10 agents at work, but Khormaee says that there could be 50 to 100 agents over time as hackers become smarter and find a way to get into the system. The AegisAI agents, when they spot an attack, self-tune themselves for every possible variant of those attacks in real-time. Besides detecting threats, AegisAI agents will work in reducing false positives by up to 90% compared to traditional solutions.
It’s running a pilot with customers in the US and Europe
Khormaee notes that installing AegisAI’s system on a Google Workspace or Microsoft 365 email accounts via an API takes “no more than five minutes.” Once done, the email security startup will send a report with the details on what it found in the environment, including false positives and false negatives. It’ll then run in read-only mode for a week and then activate “quarantine.”
The startup has offices in San Francisco and New York. It is currently running a pilot with customers in the US and Europe. The startup has three paying customers already, including data privacy compliance software Lokker and crypto payment platform Mesh Connect. With the new investment, the company aims to expand its “technical expertise and build a robust go-to-market infrastructure.”