Artemis Raises $70M to Fight AI-Powered Attacks With AI-Native Security Platform

Artemis raises $70M to help fight AI-powered attacks with AI | Fortune

Felicis led the Series A with returning investors First Round Capital and Brightmind. The round was also joined by Theory VC and prominent cybersecurity industry leaders, including founders of Demisto and Abnormal AI, the former CEO and CTO of Splunk, and senior executives from CrowdStrike, Palo Alto Networks, Microsoft, and Okta. The company did not disclose the valuation it achieved in the new funding round, but a spokesperson said "they have closed a few seven-figure deals and are expecting multi-million dollars in ARR before the end of 2026." Clients already include Mercury, Wix, Lemonade and Abnormal AI. Hackers are now using AI to carry out attacks at machine speed -- sometimes in minutes -- while traditional security tools struggle to keep up, said CEO Shachar Hirshberg, a former AWS product leader who founded the company six months ago with CTO Dan Shiebler, previously head of AI at Abnormal Security and earlier a machine learning leader at Twitter. Most companies still rely on rigid, rule-based systems and a patchwork of disconnected tools, leaving security teams to piece together what happened only after damage is done. That gap is already becoming visible. Anthropic's recent Mythos preview highlights how AI can identify vulnerabilities at a pace that outstrips most organizations' ability to patch them. Artemis' idea is to fight AI-powered attacks with AI -- by constantly watching everything happening across a company (logins, cloud activity, apps, etc.), learning what "normal" looks like for that specific organization, and then instantly spotting when something seems off. Instead of sending a flood of confusing alerts, it tries to connect the dots into a clear story of what's happening and can even automatically shut down an attack -- like locking a hacked account -- before it spreads. "It was clear to us that the traditional architectures and products weren't cut out to what companies need in the age of AI," said Hirshberg, who also pointed to a March report from CrowdStrike that said the time to attack had gone down dramatically. More fundamentally, he argues, the threat isn't hypothetical -- it's already here. "This isn't just about the future getting worse," he said. "The capabilities that exist today are already incredibly powerful, and attackers are leveraging them right now." In addition, once attackers get in, they can automate large parts of the attack chain, said Shiebler. "That reduces the time defenders have to respond -- and demands a completely different approach to security," he explained. Also, AI enables less sophisticated attackers to send out more sophisticated attacks. "That just raises the bar on what defenders need to do in general," he said. Felicis partner Jake Storm pointed to a long-standing cycle in cybersecurity: periods of "bundling" and "unbundling" tools. In his view, AI is pushing the industry back toward a centralized "brain" for security operations -- one system that ingests data, reasons across it, and acts in real time. This would be a major shift from today's fragmented landscape, dominated by security information and event management systems like Splunk, which was acquired by Cisco in 2024 for $28 billion. Storm said that Artemis is effectively positioning itself as a next-generation alternative to Splunk that is built for an AI-driven threat environment. Still, the company is entering a crowded and rapidly evolving space. Nearly every major security vendor is racing to integrate AI into its products, while startups are proliferating with similar claims about autonomous detection and response. But Storm insisted that Artemis is positioned to win because it is built for a fundamentally different threat landscape where attacks are cheap, constant, and automated, and where traditional, human-driven security workflows are no longer viable.

Artemis reels in $70M to make breach remediation more efficent with AI - SiliconANGLE

Artemis reels in $70M to make breach remediation more efficent with AI Six-month-old cybersecurity startup Artemis Global Technologies Inc. today disclosed that it has raised $70 million in funding. The capital arrived in two tranches. Felicis led the largest of the two transactions, a Series A round, with participation from First Round Capital and Brightmind, the firms that backed Artemis' seed raise. The company's investor roster also includes executives at Microsoft Corp., Okta Inc. and other major tech firms. Artemis sells an artificial intelligence platform that helps enterprises remediate cybersecurity issues. The company positions its software as an alternative to traditional SIEM, or security information and event management, platforms. Those are applications that find threats by analyzing telemetry from a large number of technology assets. Loading telemetry into a SIEM platform can incur significant data streaming costs. According to Artemis, its platform addresses the challenge with a feature called federated querying. The technology analyzes cybersecurity telemetry in the system where it's generated, which removes the need to load the data into Artemis. The platform can analyze telemetry from cloud environments, employee endpoints and a wide range of other systems. It scans the data for threats using detections. Those relatively simple pieces of code that each focus on spotting a specific type of malicious activity. Artemis uses AI to automatically generate detectors and modify them when the threat landscape changes. When the platform finds a breach, it generates a visual timeline of how the cyberattack unfolded. Artemis could, for example, determine that an attempt to download files from a sensitive database was preceded by a change to a company's firewall settings. The timeline is displayed alongside a natural language incident description that contains more technical details. Administrators can bring up additional data about a breach by entering questions into a chat box. A user could, for example, ask Artemis whether similar incidents occurred in the past. The platform also generates remediation suggestions for each breach that it analyzes. For example, Artemis might recommend that administrators block the IP address from which a cyberattack was launched and rotate the passwords of compromised employee accounts. "Agentic threat hunting proactively looks for suspicious activities," Artemis chief executive officer Shachar Hirshberg (pictured, left, with co-founder and chief technology officer Dan Shiebler) wrote in a blog post. "Every security signal triggers an autonomous investigation that understands your baseline. You get a full story: here's what happened, here's the context, here's the evidence, here's what can be contained, here's what needs your judgment."

Artemis Emerges from Stealth with $70M to Rebuild Security Operations for AI-Powered Attacks

New platform from former Abnormal AI, AWS, and Palo Alto Networks leaders replaces static detection with adaptive, AI-native defense to combat autonomous threats at enterprise scale. NEW YORK, April 15, 2026 (Newswire.com) - Artemis, an AI-native protection platform that delivers real-time detection and automated response for a threat landscape where AI-powered attacks move at machine speed, emerged from stealth today with $70 million in combined seed and Series A funding, six months after founding. The Series A was led by Felicis with continued participation from previous investors and prominent cybersecurity industry leaders. AI-driven attacks are now carried out within minutes, adapt in real time, and never execute the same way twice. Legacy, rule-based detection was built for human-speed attacks; rules that take a week to write become outdated before they ship. Security teams are left manually stitching together context across dozens of fragmented tools spanning cloud, identity, endpoint, and network systems-under pressure and often after damage has already been done. Attackers move faster than defenders can respond, and the gap keeps widening. Artemis was built for a world where AI is fighting AI on the cyber battlefield, giving defenders the same speed and adaptability that attackers now have. The company works closely with some of the most advanced frontier AI labs and models, ensuring it stays at the cutting edge of how both attackers and defenders operate. At Artemis's core is a proprietary dynamic data model built from each customer's own telemetry, fusing behavioral log data across users, machines, cloud workloads, and applications with business context to understand whether an action makes sense for that specific organization. From that foundation, Artemis generates detections tuned to each customer, autonomously investigates every signal, and surfaces coherent attack stories instead of flooding security teams with noise. For example, if a privilege escalation in Okta coincides with unusual API activity in AWS, Artemis contextualizes both signals and surfaces a single correlated narrative rather than two disconnected alerts, eliminating the need for manual investigation. When conditions demand it, Artemis allows customers to close the loop at machine speed with automated responses, such as isolating a compromised identity before an attacker can move laterally. "We built Artemis as an AI-native defense system from the ground up," said Shachar Hirshberg, co-founder and CEO of Artemis. "The question isn't whether this model wins, but who builds it best. Some of the largest and fastest-growing companies in the world are among our first customers, and we're able to deliver value to them on day one. That trust matters, and we intend to earn it every day." Prior to founding Artemis, Shachar built and scaled security operations platforms at Palo Alto Networks and Demisto, which created the SOAR category and was acquired in one of the largest pure-play security operations transactions, before earning his MBA from Harvard Business School and joining AWS to lead GuardDuty, the largest cloud attack detection product in the world. "At the core of Artemis is a data model I've been iterating on for years," said co-founder and CTO Dan Shiebler. "The real breakthrough isn't just using better AI models, but in giving those models deep, structured understanding of how an organization functions, making reliable detection and automated response possible." Dan spent the last decade building large-scale AI systems and most recently led ML and AI at Abnormal AI, where he applied research from his PhD in machine learning at the University of Oxford to develop AI-powered detection systems powering one of the fastest-growing email security platforms in the market. In less than six months since company formation, Artemis is deployed in production and processing billions of events per hour for enterprise customers and other leaders in technology, banking, and financial services. Artemis works alongside existing security tools, complementing legacy SIEMs. Where traditional architectures require ingesting and storing all data upfront-a cost model that scales linearly with data volume and penalizes visibility-Artemis retrieves data on-demand from customers' existing cloud storage and log sources using federated queries, providing full visibility at a fifth of the cost. At a technology company with thousands of employees, Artemis's first scan surfaced multimillion-dollar cloud spend savings and shadow activity invisible to existing tools: over-privileged accounts, undocumented integrations, and workflows calling APIs with elevated privileges-insights that could only emerge from fusing behavioral log data with deep business context. Another early customer, a highly regulated company with tens of thousands of employees, is now completing investigations in under five minutes, a 96% reduction in time to resolution from their previous average. Using Artemis, these teams create custom detections within minutes and rapidly investigate their environments in natural language without needing to construct complex queries. "Artemis has built a truly world-class team with rare depth at the intersection of AI and cybersecurity, solving a problem that's becoming increasingly urgent as attacks grow in frequency and complexity," said Jake Storm, General Partner at Felicis. "Shachar's track record in building enterprise-scale security products and Dan's deep AI research background make them uniquely suited to tackle this problem together. Just six months after founding and while still in stealth, the team has seen enterprise inbound driven purely by word of mouth and early results. That level of demand at this stage is rare and signals the scale of the opportunity." "Having led the Humio acquisition at CrowdStrike that became the basis for their Next-Gen SIEM, I've seen exactly what it takes to disrupt large markets. I've heard the demand for a modern, highly complementary protection platform first-hand from the world's largest enterprises, and have a clear view that this is where the market is heading," said Gur Talpaz, General Partner at Brightmind. "AI-powered attacks require a fundamentally new approach to defense with AI at the foundation, and Artemis is building exactly that. We co-led the seed and doubled down in the Series A because of our core belief that Artemis is building something that others simply can't." The new funding will enable Artemis to expand its engineering, research, and go-to-market teams and deepen its platform as enterprise demand accelerates. Artemis helps security leaders be ready for a near future in which attacks unfold in seconds and human-in-the-loop response is no longer viable. About Artemis Founded by cybersecurity and AI veterans, Artemis is building an AI-native security platform for a threat landscape in which AI battles AI and attacks unfold in seconds. It replaces alert-driven workflows with real-time understanding and automated response. By modeling how organizations actually operate, Artemis enables security teams to detect, prioritize, and stop machine-speed attacks. To see Artemis in action or learn how it works in your environment, visit https://artemissecurity.com

Artemis Raises $70 Million to Counter AI-Powered Cyberthreats With AI | PYMNTS.com

By completing this form, you agree to receive marketing communications from PYMNTS and to the sharing of your information with our sponsor, if applicable, in accordance with our Privacy Policy and Terms and Conditions. That's according to a Wednesday (April 15) report from Fortune, which described the company's mission as using artificial intelligence (AI) to combat AI-powered cyberattacks. According to the report, Artemis' vision of fighting AI with AI involves constantly monitoring everything happening at a company, learning what "normal" looks like for the organization, and then identifying when something seems amiss. Rather than issuing multiple alerts, it attempts to create a clear narrative of what's happening and can automatically shut down an attack -- by locking a hacked account, for example -- before it can spread. The six-month-old company was founded by CEO Shachar Hirshberg, a former AWS product leader, and technology chief Dan Shiebler, whose resume includes time as head of AI at Abnormal Security and a machine learning leader at Twitter. "It was clear to us that the traditional architectures and products weren't cut out to what companies need in the age of AI," said Hirshberg, who pointed to a March report from CrowdStrike saying that time to attack had dropped dramatically. "This isn't just about the future getting worse," he added. "The capabilities that exist today are already incredibly powerful, and attackers are leveraging them right now." And once attackers get inside, they can automate large parts of the attack chain, said Shiebler, who argued this "reduces the time defenders have to respond -- and demands a completely different approach to security." He added that AI allows less sophisticated cyber criminals to nonetheless launch sophisticated attacks, which "just raises the bar on what defenders need to do in general." In other cybersecurity news, PYMNTS wrote earlier this week about the growing need for effective negotiators to deal with the rise of ransomware. "Ransomware has become a structured, global industry," that report said. "Organized cybercriminal groups now operate with business-like efficiency." Attacks no longer involve just encrypting files; they now include attempts at "double extortion," in which attackers threaten to leak stolen data if payment is not forthcoming. Ransomware negotiation is more about human interaction than technical expertise, even though it takes place via encrypted chat portals and anonymous communication channels. "Negotiators must quickly assess the attacker's credibility, determine whether stolen data will actually be released and gauge how flexible the ransom demand might be," the report added.