A’s $37 million raise shows how quickly offensive AI is moving from scary demo to enterprise budget line.
The old security rhythm is starting to look too slow. A company would hire outside testers, wait for a report, patch what looked urgent, then hope the environment had not changed too much by the time the next assessment came around. That worked when attackers moved at human speed. It looks weaker now that AI can help probe systems continuously.
That is the opening A is trying to take. The New York-based startup has emerged from stealth with $37 million in funding from Lightspeed Venture Partners, Cyberstarts and angel investors including Wiz CEO Assaf Rappaport and Cyera CEO Yotam Segev. Its pitch is direct: use AI to act like an attacker inside a customer-approved environment, find real paths to sensitive systems, then help close them before a breach turns into a board problem.
According to Fortune, A is led by CEO and cofounder Yossi Torati, with cofounders Omer Gull and Yuval Itzchakov, and the team comes out of the same Israeli cyber circles that have shaped much of the modern enterprise security market. Torati previously worked at Sygnia, the incident response firm known for handling major breach investigations. That background matters because this is not a dashboard company dressed up with AI language. The product is built around the attacker’s path, not just the defender’s checklist.
Rappaport’s name is doing real work in this round. Wiz was not simply another fast-growing security startup. Google completed its $32 billion acquisition of Wiz in March 2026, making it one of the clearest signals that cloud security had become core infrastructure for the largest technology companies. When the founder behind that outcome backs an offensive AI security startup, the market reads it as more than an angel check.
It suggests that the next budget shift may not be toward another scanner or compliance dashboard, but toward tools that prove whether defenses actually hold. Enterprises already have long lists of vulnerabilities. What they often lack is clarity on which weaknesses can be chained together into a real compromise. That distinction is important. A low-severity issue in isolation can become serious when it connects to exposed credentials, misconfigured cloud access or sensitive customer data.
A says its system runs the offensive lifecycle autonomously. In plain English, that means it is trying to do more than identify a possible weakness. It looks for the way in, follows the path, tests the blast radius and pushes the finding toward remediation. Fortune reported that in one early proof of concept, the system found 1.2 million sensitive customer records, including Social Security numbers, that had been exposed for seven years. The customer was not named, but the example explains the investor interest. Security buyers pay attention when a tool finds what existing processes missed.
Lightspeed partner Guru Chahal has framed the opportunity around speed. The window between discovery and exploitation is shrinking, and a manual test every six or twelve months cannot answer what is exposed today. That is where autonomous red teaming starts to sound less experimental and more practical. It gives security teams a way to test constantly without waiting for a calendar cycle.
The compliance pressure is also changing
The timing is not only technical. Public companies in the United States now operate under SEC cybersecurity disclosure rules that require disclosure of material cyber incidents within four business days after materiality is determined. That does not mean every bug becomes a filing. It does mean boards and executives need a stronger view of cyber risk before an incident happens, because the consequences of being surprised are higher.
This is where offensive AI can fit neatly into the governance conversation. A chief information security officer can tell the board that a vulnerability exists, or show that an attacker could move from a forgotten application to customer records in a few steps. The second version is harder to ignore. It also gives legal, finance and operations leaders a clearer basis for judging exposure before a real attacker forces the issue.
The category is already attracting capital. XBOW, another autonomous offensive security company, raised $120 million in March 2026 at a valuation of more than $1 billion. That does not guarantee A will win, but it confirms the market is forming quickly. Investors are betting that enterprises will need machines to test against machine-assisted attackers, just as cloud security tools grew once cloud infrastructure became too complex for manual controls.
There is still a trust problem to solve. Companies will not casually allow an AI system to break into production environments without strict controls, audit trails and clear rules of engagement. The startups that win here will need more than clever models. They will need reliability, explainability and the discipline to prove that autonomous testing reduces risk without creating new operational problems.
That is why this round is worth watching. A is not selling fear for its own sake. It is selling a response to a simple reality: attackers are getting faster, and periodic testing is losing relevance. The next phase of cybersecurity spending will likely favor tools that continuously show where the business can actually be breached. For enterprises, the practical takeaway is clear. If your defenses are only being tested on a schedule, your attackers may already be operating on a faster one.
Also read: Bending Spoons is testing Wall Street with a planned US IPO • SoftBank's AI selloff shows investors are testing the boom • Go prices Japan's biggest 2026 IPO at the top of its range
