Email remains one of the biggest gateways for cyberattacks, and with the rise of AI-driven phishing schemes, the problem is only growing worse. Two former Google security leaders, Cy Khormaee and Ryan Luo, have decided to take the fight to hackers by launching AegisAI, a startup that uses autonomous AI agents to stop malicious emails before they land in an inbox. The company has just emerged from stealth with $13 million in seed funding, co-led by Accel and Foundation Capital.
The Growing Email Threat
According to the U.S. Cybersecurity and Infrastructure Security Agency (CISA), over 90% of cyberattacks begin with phishing emails. A recent CrowdStrike study revealed that phishing attempts generated by large language models had a staggering 54% success rate, compared to just 12% for human-written emails. These numbers highlight why stronger defenses are urgently needed.
How AegisAI Works
Unlike traditional email security platforms that depend on static rules and filters, AegisAI takes a different approach. The platform is built on a network of autonomous AI agents that collaborate in real time to identify and neutralize threats. Each agent is designed to specialize in a specific area, whether that’s scanning links, analyzing attachments, or spotting suspicious metadata and QR codes.
When a potential threat is detected, the orchestrating agent calls on its “buddies”—other AI models trained to evaluate different components. They analyze the message, exchange insights, and return a collective verdict. This dynamic structure makes it possible to catch novel attacks that older, rules-based systems might miss, while also reducing false positives by up to 90%, according to the startup.
Experience Behind the Vision
Khormaee previously led Google’s Safe Browsing and reCAPTCHA teams, where he helped protect billions of users against phishing and malware. Luo also worked on Google’s Safe Browsing team for nearly a decade. Their combined experience gave them a clear view of the limitations of legacy security tools and the opportunity to build something more adaptive.
Market Rollout and Future Plans
AegisAI can be installed on Google Workspace or Microsoft 365 accounts in under five minutes using an API. Customers receive an initial environment report within days, and after a brief read-only phase, the system activates its quarantine function.
Currently operating with a small team of six between San Francisco and New York, AegisAI is already working with clients in the U.S. and Europe, including data privacy platform Lokker and crypto payments firm Mesh Connect. With fresh funding in hand, the company plans to expand both its technology and go-to-market strategy as it prepares to take on one of cybersecurity’s toughest challenges.
