Security Startups funded by Y Combinator (YC) 2025

Kestrel is an AI-native cloud incident response platform that brings self-healing to cloud infrastructure. It monitors cloud and kubernetes infrastructure 24/7, finds root causes, and generates exact fixes - so incidents get resolved in seconds instead of hours.

Veria Labs is developing AI agents that hack better than the best human hackers. Founded by members of the #1 US competitive hacking team, we've already manually found critical bugs in AI tools, operating systems, fintech and billion dollar crypto exchanges. Now we're scaling that expertise through AI-native security tooling that operates faster than human researchers while finding deeper, more complex vulnerabilities that traditional tools miss.

The agentic era is here, but its foundation is dangerously insecure. A growing number of high-profile "AI agent gone rogue" security incidents make headlines each week. As enterprise adoption of agentic software has far outpaced the development of applicable cybersecurity solutions, CISOs have loudly voiced a growing need for verifiable, fine-grained security controls on complex multi-agent systems. That's why we built Multifactor. Multifactor offers best-in-class authentication, authorization, and auditing technologies for agentic systems, allowing users to securely and revocably share online accounts with agents while maintaining fine-grained permissions and a detailed event history. We are doing for AI security what Cloudflare did for web security, Okta did for identity security, and Wiz did for cloud security: defining the category. A world-class "account manager" that allows agents to securely use online accounts on your behalf is just the start—our early enterprise partners include companies using AI agents to manage $7.5+ billion manufacturing supply chains, where the consequences for lapses in security are severe. Our patented AI security technology seamlessly integrates with existing agentic software to thwart attacks like prompt injection, so CISOs and end users alike can breathe a sigh of relief, without slowing the pace of AI adoption.

GhostEye uses autonomous AI agents to test how attackers exploit human vulnerabilities to compromise organizations. Just as red teams simulate technical attacks against infrastructure, we simulate sophisticated social engineering campaigns and beyond against people. Our multi-agent platform validates complete attack paths from initial human compromise to data exfiltration, providing security teams with actionable intelligence about their true human attack surface exposure before attackers find it.

Alter is a zero-trust identity and access control platform purpose-built for AI agents. It wraps every tool call in strong authentication, fine-grained authorization, and real-time guardrails, so agents can move fast without breaking things. Each request is verified at the parameter level, authorized against granular policies, executed with least-privilege access, and fully audited in real time. Unsafe actions, whether it’s a rogue DROP TABLE or a payment above policy limits, are blocked before they touch production. Behind the scenes, Alter manages credentials, issuing ephemeral, scope-narrowed access for every interaction, then rotating or expiring it in seconds. The result: no long-lived secrets, no blind spots, and no surprises in audit. With Alter, teams can move fast on AI agent initiatives while staying fully compliant with SOC 2, HIPAA, GDPR, and internal security standards. A CISO-ready dashboard delivers real-time visibility, detailed audit logs, and compliance-ready controls, removing silos, eliminating excessive permissions, and providing complete oversight of every agent workflow.

Probo acts like your compliance team. You tell us how you work, and Probo does the rest: 1. Set the right requirements - not overkill 2. Handle docs, risks, controls, evidence 3. Run the audit 4. Keep everything up to date afterward Founders shouldn’t lose weeks to this stuff. Even one day is too much.

Casco helps companies confidently ship AI agents and apps by simulating attacks on their AI systems, identifying vulnerabilities, and providing guided remediation. Companies building on AI face a disproportionate amount of cybersecurity threats. 73% of enterprises experienced at least one AI-related security incident in the past 12 months, with the average incident cost amounting to $4.8m. It also takes 40% longer for these companies to identify and address these breaches vs. non-AI related incidents. Check if your AI system is secure at casco.com --- We already secure AI systems deployed in 60% of Fortune 500 companies and are default alive. [1] [1] http://www.paulgraham.com/aord.html

Theorem is training models that make program verification 10,000 times faster. Using verification as a feedback loop, developers have found zero-days in GPU accelerated code and cryptography implementations, and sped up code migration in legacy systems. If you have complicated code that needs to be correct and secure, sign up for our beta!

MindFort is building fully autonomous AI agents powered by their in-house models that can find, exploit, and patch complex vulnerabilities in web applications at massive scale. MindFort agents use the same principles as human penetration testers to understand their target and figure out the best ways to work together to exploit it. We can do fully autonomous AI web pentesting. While security teams were already behind with legacy tools and processes, AI coding is make the problem worse. AI generates code far faster than human teams can secure it; MindFort can match that speed and scale. Our agents will become critical as organizations scale up development with AI.

Cotool is an agentic security platform that eliminates manual and repetitive work for security teams. Today’s cybersecurity teams remain bogged down by alert fatigue, context switching, and documentation overhead. Security teams don't need more dashboards with "AI-powered insights" — they need their time back. Cotool empowers teams to build security their way. Our platform provides an AI co-pilot that automatically assembles context across tools, a no-code agent builder that transforms successful investigations into reusable automations, and automated report generation, providing comprehensive documentation in seconds. Unlike solutions that force teams to adapt to vendor workflows, Cotool puts the power of AI directly in practitioners' hands, letting them shape tools around their unique processes. Early users have already cut time spent on investigation and detection engineering by 70%.

Golf is the security gateway for enterprise MCP servers. We give organizations a single entry point to control, monitor, and secure their MCP infrastructure.

Better Auth is a comprehensive authentication framework for TypeScript that lets you implement everything from simple auth flows to enterprise-grade systems directly on your own database, embedded in your backend. It’s loved by developers all over the world and endorsed by leading voices in the ecosystem. On top of the framework, Better Auth also provides an infrastructure layer to help you scale with user management and analytics, bot and fraud detection, transactional email and SMS, global session storage and more.

Tinfoil makes it easy to make your AI workloads provably private, without changing your code. You get the privacy of on-prem deployments, while running on the cloud. We’ve built a full-stack platform on top of the latest NVIDIA GPUs offering confidential computing capabilities, meaning that you don’t have to tradeoff performance for privacy. Under the hood, we integrate a suite of recent advances in secure hardware technologies, in particular NVIDIA’s confidential compute mode available on Hopper and Blackwell. When combined with Tinfoil’s software stack, companies can prove their security claims rather than relying on unenforceable statements like "trust us, we don’t log your queries.” Tinfoil guarantees that all data always stays private and cannot be accessed by anyone other than the end user — not even by Tinfoil or the cloud provider it’s processed on. The founding team combines deep academic and industry experience in security and internet protocols. Tanya was previously a systems engineer at Cloudflare, where she built Internet security protocols used by billions, and contributed to the Workers AI platform. Jules and Sacha recently completed their PhDs at MIT where they worked on secure hardware and privacy-preserving technologies. Jules has also worked at NVIDIA on their confidential computing team. Nate has deep infrastructure experience, starting in high school when he built a mini-CDN that got him an internship at Cloudflare. Tinfoil was born from our personal frustration with the false choice between access to powerful AI and data privacy. As AI becomes tightly integrated into our lives and business workflows, it will touch an ever increasing amount of sensitive personal and proprietary data. Right now, the only solutions are DPAs, band-aids like PII redaction, or the nuclear option of running everything on-prem. These solutions are not scalable. By making it easy to deploy provable privacy, Tinfoil promises to unlock significantly deeper AI adoption and integrations, just as TLS on the Internet enabled e-commerce to flourish by securing credit cards on the network. If OpenAI is creating “God in a box”, we are putting God in a blackbox, so Satan can’t spy.

Communications channels are your company's most critical blindspots. While traditional monitoring focuses on files and network traffic, risks hide in everyday conversations. Haleum AI leverages the latest in LLMs to stop financial fraud, IP theft, compliance violations, and insider threats across your communication platforms

Conntour lets governments and corporations query their security cameras. Users can search past footage (“Find a man with a blue backpack”), set alerts (“Notify me if someone climbs over the wall”), and extract data (“How many vehicles entered yesterday?”). We just completed an $80K POC with the Singapore government, which was a great success, leading us toward a $2M/year contract. That’s only one of five huge customers we’re set to close in the next few months. Matan (CEO) worked with security cameras for years, leading video surveillance in the Israel Defense Forces. Tomer (CTO) is a second-time founder and former director of engineering. Our team also includes computer vision experts from Israel’s elite 8200 intelligence unit and former top officials from the Mossad. The problem with existing solutions is that they offer low customization, as they’re limited to pre-defined parameters (like shirt color or license plate number). This lack of flexibility causes missed critical events, too many false alarms, and countless hours wasted on manual footage review. Conntour solves this by offering unlimited customization through natural language queries - just ask anything.

SubImage builds maps of your infrastructure to give you visibility on what assets you have and how they relate to each other. This enables any security team to deeply understand their environments and reduce risk. SubImage is a managed offering built around the Cartography open-source project, and is founded by members of Cartography's original team.

We built Gecko for teams that want to build secure code quickly without wasting time on security tools that don’t deliver results, or relying on one-time human pentests that quickly become outdated. Gecko uses AI to understand how your application should work, simulates relevant attacks to find critical vulnerabilities, and then verifies these vulnerabilities by exploiting them. It also helps you understand the risk of these vulnerabilities and applies a working fix to keep your code secure.

Winfunc (winfunc.com) is an AI Hacker that autonomously finds, verifies, and patches security vulnerabilities in codebases, just like a human security engineer would. Winfunc can find business logic errors with context-aware scanning and automate the full auditing cycle to generate reports with zero false positives. Winfunc's agent has found vulnerabilities in Google, Supabase, Sentry, Cal, Gumroad, Bun, Hoppscotch, etc.

Clearly AI automates security and privacy reviews with AI. We performed hundreds of reviews at Amazon and Moveworks and now we're building the product we wish we had. Our users complete reviews in minutes instead of days. Emily and Joe are technical co-founders and senior engineers. We met in 2019 while working on an Alexa security review.

ZeroPath is a developer tool that autonomously detects, verifies, and submits fixes for vulnerabilities in your code. Engineers can use ZeroPath to find security problems that they might only otherwise catch in pentests or from bug bounty researchers.

Open-source software for detecting AI-generated images (diffusion, GAN, deepfakes).

Delve helps fast-growing teams get compliant with an AI-automated platform. Serving hundreds of companies on frameworks like SOC 2, HIPAA, ISO 27001, GDPR, PCI DSS, and more.

Shiboleth automates consumer lending compliance for financial institutions using AI. Banks and fintechs use us to save months of manual work by automating audits and drafting reports for the governments. LLMs allow whole categories of manual compliance processes to be automated in ways that weren’t possible until recently. We are excited to automate back-office operations and enhance consumer protection in one of the most litigious industries.

Superagent makes AI products safe and compliant. We provide defense models and adversarial tests that prevent safety and compliance failures in AI agents and give companies the proof they need for enterprise deals. Our small language models, Guard, Redact, and Verify, run inside agents to stop prompt injections, data leaks, and unsafe outputs. Our tests measure prompt resistance, data protection, and factual accuracy so teams know how their system behaves under pressure.

CompliantLLM detects every data leak into third-party GenAI tools used in your company by monitoring employee interactions. Security and tech leaders get visibiliity and control over the data flowing into various Gen AI apps used in their organizations.

Metalware develops advanced firmware security solutions for critical infrastructure, protecting industries like aerospace, defense, automotive, telecom, and healthcare from cyber threats. Our product is an automated, intelligent binary fuzzer that enables organizations to efficiently discover and remediate security weaknesses in hardware products before deployment.

Corgea helps engineers ship code and not vulnerabilities. It's an AI-powered SAST, unlike traditional SAST with tons of false positives, Corgea can find vulnerabilities like business logic flaws, API vulnerabilities, and broken authentication with little false positives (<5%). It also writes security fixes for engineers to approve.

Roundtable Proof of Human is an API that invisibly detects bots and verifies human identity. Founded by 2 Princeton cognitive scientists, Roundtable leverages world-class research with enterprise-grade accuracy and latency so websites can verify their human users friction-free.

Build safer platforms with Intrinsic. Get access to the best safety technologies from one unified API. Enable your Trust & Safety team to tell cohesive stories from policy to product, to enforcement. Michael and Karine first met two years ago at Apple’s Fraud Engineering, Algorithmic Risk team, which evolved to become Apple’s Trust & Safety function. We are both engineers and helped solve online abuse problems, including spam, botting, account security, and developer fraud for Apple’s customer base of over a billion users.

Escape fits right into your modern stack and helps teams secure modern applications— Document all your APIs & front-end applications in minutes and discover vulnerabilities even at a business logic level with our proprietary AI-powered algorithm.

Adri is built for enterprises that are buying AI. Our patented software monitors the AI vendor's infrastructure and detects any intentional or accidental misuse of your proprietary data. We help you buy AI that you can trust.

Infisical is the leading open-source platform to manage secrets, certificates, configs, and access across your team and infrastructure. Infisical stores your secrets and injects them back into your development workflow, CI/CD pipelines, and cloud infrastructure. It comes with secrets versioning, point-in-time recovery, audit logging, automatic secret rotation capabilities, and more.

90% of security breaches are caused by a simple employee mistake. Your employee clicks a bad link, and gives up their password. They download ransomware from an email and run it. They leak your intellectual property and sensitive customer data to ChatGPT. Repacket allows your employees to enjoy the internet without risk - instantly blocking threats like phishing and sensitive data leaks. This gives your employees the ability to make that mistake without impacting your company. Repacket is built for smaller companies, who may not have dedicated IT or security people to run the show. We install in 60 seconds and give your employee instant protection where they need it most. Founded by cybersecurity leaders from SpaceX, AWS, and Google - we're building the easy button for cybersecurity.

Matano is a modern SIEM, built for cloud-first security teams. It replaces traditional SIEM databases like Splunk or Elastic with a cybersecurity platform built on top of a cost-effective Security Data Lake.

Overwatch Data offers real-time, actionable intelligence tailored for your fraud, security, and strategic insights teams. Our platform provides a comprehensive and contextualized view of opportunities and risks, drawing on the surface, social, and deep web, thereby enabling faster, data-driven decision-making.

Oneleet helps companies become secure and compliant through an all-in-one solution that combines automated tools and human expertise. Oneleet has built the second generation of security compliance automation software, providing tools that go beyond what is classically provided for just compliance alone. Tools like a code security scanner, attack-surface management, access reviews and trust portal are all built in. As the most popular, highest rated and most frequently used platform in the YC community, Oneleet has quickly established itself as the preferred and superior alternative to other incumbents. The founder behind Oneleet has spent the past 10+ years helping companies become more secure by performing penetration tests.

Reality Defender’s deepfake detection platform empowers enterprises to flag fraudulent users and content (audio calls, videos, images, documents). Our API and web app provides real-time risk scoring, reporting, alerts, and forensics review. Our team spent 20+ years at Google, Goldman Sachs, and the Intelligence Community at the intersection of data science and cybersecurity. Customer Use Cases: • Voice Voice Fraud (Ie. Realtime detection of AI generated voices for banks and call centers) • Onboarding KYC (Ie. Anti-fraud to identify fraudulent users and materials) • Content Moderation (Ie. Social media, e-commerce, marketplaces, dating, streaming) • Disinformation Detection (Ie. News, defense, government) Website: www.realitydefender.com Contact: ask@realitydefender.com YC AMA: https://news.ycombinator.com/item?id=30766050

From content moderation to responsible AI, Cinder empowers businesses to orchestrate and automate digital safety at scale. Cinder was founded to help organizations foster safe online spaces for everyone. Our platform empowers companies from start-ups to enterprises with end-to-end capabilities to mitigate harm, investigate abuse, and produce trustworthy and reliable AI outcomes. Building your world-class company means keeping your users and community safe—Cinder unlocks faster growth by making safety easy. We work with customers in every industry from frontier AI labs to e-commerce and social media.

Bunkyr enables companies to protect their users’ data with a simple, hardware-secured API. When a user forgets their password, applications using Bunkyr can provide them a familiar, robust recovery method to restore access to encrypted data. Zero-Knowledge architectures and end-to-end encryption are the only true safeguards against data breaches, but come with large user-experience burdens and engineering overhead. Bunkyr eliminates these obstacles in a way that is friendly to both developers and users, cost-effective, and extremely fast. Users won’t even know Bunkyr exists, while their data stays protected against both breaches and lost passwords.

Firezone connects your workforce to the computing resources they need, wherever they are, securely. Unlike traditional VPNs, Firezone uses a least-privileged approach to access control known as Zero Trust Access. Connect your identity provider and define granular policies in minutes, then rejoice in the IT support requests you won't receive due to our lightweight, WireGuard-powered clients which work great on all platforms.

Strac is an agentless Data Discovery (aka DSPM - Data Security Posture Management), Data Classification & DLP (Data Leak Prevention) that automatically discovers, classifies and remediates sensitive data (alert, label, redact, mask, block, delete). Strac protects SaaS, Cloud, Gen AI, Browsers, On-Prem and Endpoints like O365, Slack, GDrive, AWS, Salesforce, ChatGPT, Jira, Mac, Zendesk, Azure, On-Prem (On-Prem, MS SQL SAP) and 40+ integrations. Strac protects enterprise companies like UiPath, Databricks, thredUP, B Capital, Crypto (dot) com!

Agency specializes in multi-party security and compliance scenarios; we are the Palantir of compliance. We serve the most innovative companies and their teams working on critical challenges and transformative technologies by helping them achieve standards like SOC2, ISO 27001, CMMC, NIST, HIPAA, and GDPR that meet the highest levels of scrutiny from third parties. Our patented platform, Verse, integrates with GRC software like Vanta, cloud infrastructure, and your endpoints to securely handle complex multi-layered configurations, such as remote contractor use, BYODs, and federated client-hosted application deployments. Our managed security and compliance team helps high-growth software companies meet rigorous standards as quickly as possible by doing it for them. Our ETDR program enables organizations to prevent threats directly targeting their employees' personal devices, data, and online accounts while respecting their privacy. We provide customized solutions to prevent insider threats, data loss prevention, and threat intelligence while safeguarding personal privacy.

There are three key roles among a community: The security Guard The resident The administrator When a visitor tries to access a designated community, the security guard must require an ID previously to allow entry. He proceeds to communicate with a specific resident through a intercom which is almost always broken or under repair, delaying the visitor’s entry to the compound WE come in, by interconnecting the security guard with the resident and the administrators through an app and a tablet we provide to make all the process of access pretty smooth and easy. When a visitor comes in, the security guard must only: Take a picture of its ID, using the tablet, Select the apartment, so the resident receives a pop up notification through which they can deny or approve the access. Last but not least, An even easier way has been developed by Munily which utilizes QR codes generated through Whatsapp. Which visitors just show and security guards scan to allow entry.

Palitronica builds and deploys cutting-edge solutions to defend critical physical infrastructure and its supply chain. By using side-channel information from endpoints, Palitronica provides a safe attack detection capability retrofittable to critical systems.

Optery is automated opt out software, and we serve individuals, families and businesses. With Optery, you can remove yourself from hundreds of data brokers that are posting and selling your home address, phone number, email and other private information on the internet. Optery received the “Editors’ Choice” award by PCMag as the most outstanding product in the personal data removal category in 2022, 2023, 2024, and 2025, the Cybersecurity Excellence Awards for Attack Surface Management, Digital Footprint Management, and Employee Privacy Protection in 2024 and 2025, Cyber Defense Magazine’s Top InfoSec Innovator and Best Attack Surface Management awards in 2024 and 2025, the 2025 Fortress Cybersecurity Award for Privacy Enhancing Technologies, and Fast Company’s Next Big Things in Tech award for security and privacy in 2023. In 2025, Optery was also listed by Business Insider as one of 30 early-stage startups most likely to become a unicorn. Optery prevents phishing and social engineering, identity theft and fraud, online stalking and harassment, ransomware, doxxing, and prevents people's private information from showing up in Google search results. Anyone can create a free account to receive a personalized Exposure Report with live screenshots summarizing where your information is being posted and sold online. Optery then provides free tools for self-service removals, or you can upgrade to a paid plan, and Optery will remove the profiles for you. Optery for Business serves enterprises removing personal information from the internet for their employees and executives, and offers an API enabling application developers to embed data broker scanning and removal technology into their applications.

Feroot (YC W21) is the leading compliance and security platform for b2b websites that helps you easily achieve and maintain compliance with PCI DSS 4.0.1, CCPA, CIPA, HIPAA and 50+ data privacy regulations.

Hyperbrowser.ai is the internet infrastructure for AI agents. We provide instant, scalable browser infra with built-in CAPTCHA solving, proxy management, and anti-bot detection. Developers use us to power their AI agents for data collection, testing, and web automation at scale. We're backed by YC, Accel, SV Angel, and others.