The cybersecurity world just got a major wake-up call. Armadin, a brand-new AI-native security startup, has raised $189.9 million in combined seed and Series A funding — what the company claims is a record for any security startup at so early a stage. Behind it is Kevin Mandia, one of the most respected names in cybersecurity, who is back with a mission that feels urgent: build autonomous AI defenders before autonomous AI attackers take over.
 |
| Credit: Getty Images |
Who Is Kevin Mandia, and Why Does This Matter?
If you follow cybersecurity at all, you know Kevin Mandia's name. He founded the security firm Mandiant back in 2004, turning it into one of the most trusted names in threat intelligence and incident response. In 2022, Google acquired Mandiant for a staggering $5.4 billion — a deal that underscored just how valuable elite cybersecurity expertise had become in the corporate world.
After the acquisition, Mandia didn't quietly retreat into retirement. He moved into venture capital, joining Ballistic Ventures, a security-focused investment firm co-founded by prominent security investor Ted Schlein. There, he stayed close to the frontier of emerging threats and the startups trying to solve them. Now, with Armadin, he's back on the founding side — and the problem he's set out to solve is arguably bigger than anything Mandiant ever faced.
What Is Armadin, and What Does It Actually Do?
Armadin is built around a single, urgent idea: autonomous AI agents are coming to cybersecurity, and they'll be used by both sides. The startup's goal is to give defenders — the so-called "white hat" security professionals — their own agentic AI systems capable of detecting, learning from, and responding to threats without requiring a human to intervene at every step.
In other words, Armadin wants to fight fire with fire. As AI-powered attackers grow more capable, human-speed responses will simply no longer be enough. The company's platform is designed to close that gap by putting intelligent, automated agents in the hands of the defenders.
Mandia's co-founders bring serious credentials to the table. Travis Lanham, a former principal engineer on Google Cloud Security, joins alongside Evan Peña, a former executive at the original Mandiant, and David Slater, who previously worked as an engineer on Google's security operations team. It's a founding team that blends deep enterprise security experience with the technical horsepower needed to build AI systems at scale.
A Record-Breaking Funding Round at an Extraordinary Stage
The $189.9 million raise is turning heads not just because of its size, but because of when it happened. Combining seed and Series A funding, this is believed to be the largest combined raise for a security startup at such an early stage — ever.
The round was led by Accel and included participation from GV, Kleiner Perkins, Menlo Ventures, 8VC, and Ballistic Ventures. Perhaps the most eyebrow-raising name on the investor list is In-Q-Tel, the CIA's venture capital arm. Its involvement signals that U.S. intelligence agencies view AI-powered cyber threats as a genuine national security concern — not a distant hypothetical.
To put the scale of this raise in perspective: some of the biggest early-stage rounds in security history came from companies that had already been operating for years before raising comparable amounts. Armadin is doing this right out of the gate. The company has not disclosed its current valuation, but with that roster of investors and the credibility Mandia brings, expectations are clearly sky-high.
The AI Threat That Keeps Security Experts Up at Night
What makes Armadin's mission feel so pressing right now? In short: the threat landscape is shifting faster than traditional security tools can keep up with. Mandia has been publicly vocal about his fears regarding AI-powered cyberattacks, and his concerns are shared by researchers, defense agencies, and government bodies around the world.
The core worry is this: AI doesn't just automate attacks — it makes them smarter, faster, and more adaptive. Where a human attacker might need days to plan and execute a sophisticated breach, an autonomous AI system could complete the same operation in minutes. It can probe for weaknesses continuously, learn what works, and adjust its approach in real time. It doesn't sleep, doesn't make tired mistakes, and doesn't need to be paid.
Mandia put it bluntly in a recent interview: when you put AI on offense, you get technology that can think, learn, and adapt. The attacks that used to take days will happen in minutes. That's not science fiction — security researchers and government agencies say AI is already lowering the barrier to launching sophisticated attacks, putting capabilities that once required nation-state-level resources within reach of far less sophisticated actors.
Why Autonomous Defense Is the Only Real Answer
Traditional cybersecurity operates on a human timescale. Analysts review alerts, investigate anomalies, and respond to incidents — a process that can take hours or days. When the attacker on the other side is an autonomous AI operating in real time, that response window simply isn't fast enough.
That's the fundamental gap Armadin is trying to close. By deploying AI agents on the defensive side, the company aims to match the speed and adaptability of AI-driven attacks. These agents can monitor networks continuously, identify suspicious patterns, respond to emerging threats automatically, and learn from each encounter to improve over time.
This isn't just about speed, either. Autonomous agents can handle the sheer volume of alerts and data that modern enterprise security environments generate — volumes that have long overwhelmed human teams. The promise isn't to replace security professionals but to give them an agentic force multiplier that can act at machine speed while humans focus on strategy and high-level decision-making.
AI Is Reshaping the Entire Security Industry
Armadin isn't emerging in a vacuum. The cybersecurity industry is undergoing one of its most significant transformations in decades, driven entirely by the rise of artificial intelligence. Startups, established vendors, and government agencies alike are racing to understand how AI changes both the threat model and the defensive toolkit.
What sets Armadin apart — at least on paper — is pedigree and specificity. Rather than broadly applying AI to existing security workflows, the company is building from the ground up around the idea that future threats will be autonomous, and that autonomous defense is therefore the only coherent response. The founding team's combined experience at Mandiant and Google gives them an unusually clear view of how enterprise-scale threats actually unfold in the real world.
The CIA's involvement through In-Q-Tel adds another dimension entirely. Government intelligence agencies don't invest casually, and their presence here suggests that autonomous AI attacks are already being treated as a genuine national security risk at the highest levels.
What Comes Next for Armadin
Armadin is still in its earliest days, and the company has not yet publicly detailed its product roadmap or disclosed which enterprise clients, if any, it is already working with. What is clear is that the founding team has the resources, the relationships, and the motivation to build quickly.
Kevin Mandia has done this before. He built Mandiant from a small startup into one of the most consequential security companies in the world, attracting Google's attention and a multi-billion-dollar acquisition. His return to the founding role, at this particular moment, with this particular mission, is hard to dismiss as just another startup launch.
The race between AI attackers and AI defenders is already underway. Armadin just announced, loudly and expensively, which side it's on.
