Ex-Google Security Leaders Launch AegisAI to Battle AI-Powered Email Threats
AI Agents Take on Sophisticated Email Attacks: Meet AegisAI
Email security is evolving rapidly, and the stakes have never been higher. As artificial intelligence enables cybercriminals to scale and personalize email attacks, a new generation of defenses is emerging. AegisAI, a startup founded by former Google security leaders, is taking a novel approach: using autonomous AI agents to intercept threats before they ever reach the inbox.
Why Email Security Needs an Upgrade
Phishing, malware, and business email compromise remain the top entry points for cyberattacks. According to the U.S. Cybersecurity and Infrastructure Security Agency (CISA), over 90% of successful attacks begin with a phishing email. The rise of large language models (LLMs) has only made things worse—recent research found that AI-generated phishing emails in 2024 had a staggering 54% click-through rate, compared to just 12% for messages written by humans.
Introducing AegisAI: Autonomous Defense Against Modern Threats
Founded by Cy Khormaee and Ryan Luo—veterans of Google’s Safe Browsing and reCAPTCHA teams—AegisAI aims to stay ahead of attackers. Backed by $13 million in seed funding from Accel and Foundation Capital, the company is leveraging a network of AI-powered agents designed to analyze, detect, and neutralize threats in real time.
AegisAI co-founders Ryan Luo (Left) and Cy Khormaee (Right)
How Does AegisAI Work?
- Agent Network: AegisAI has developed over 10 specialized AI agents (with plans for many more) that collaborate to scrutinize every aspect of incoming emails—links, attachments, QR codes, metadata, and behavioral patterns.
- Real-Time Reasoning: When an email is flagged as suspicious, the orchestrating agent assigns tasks to other "buddy" agents. They analyze the content, reason together, and deliver a verdict, all autonomously.
- No Static Rules: Unlike traditional email security solutions that rely on fixed rules and require ongoing user training, AegisAI’s agents adapt and self-tune to identify new variants of attacks as they emerge.
AegisAI dashboard: Tracking users and blocked threats in real time
From Google-Scale Experience to Startup Innovation
Khormaee’s background includes leading Google’s security teams in protecting billions of users and millions of websites with services like Safe Browsing and reCAPTCHA. Luo, his co-founder, spent nearly a decade at Google as part of the Safe Browsing team. This expertise has shaped AegisAI’s approach to threat detection and rapid product scaling.
The startup claims its AI agents can reduce false positives by up to 90% compared to conventional email security platforms. AegisAI is also industry-agnostic, with tailored models for sectors like venture capital and financial services.
Easy Integration and Pilot Success
Getting started with AegisAI is straightforward: installation on Google Workspace or Microsoft 365 takes less than five minutes via API. Customers receive a detailed report on initial findings, and after a brief evaluation period, the system can begin quarantining threats automatically.
Early adopters include data privacy firm Lokker and crypto payment platform Mesh Connect. AegisAI is currently running pilots in the US and Europe, with a small but growing team based in San Francisco and New York.
Looking Ahead
With fresh funding, AegisAI plans to expand its technical team and build a robust go-to-market strategy. The founders are clear-eyed about the ongoing arms race with attackers. As adversaries adapt, AegisAI’s network of AI agents will grow and evolve to stay a step ahead.
