The age of manual cyber threats is over. AI has fundamentally shifted the power balance, driving a massive surge in the amount and sophistication of attacks. As generative AI and large language models are leveraged by threat actors to create hyper-realistic phishing and Business Email Compromise (BEC) campaigns at scale, human cybersecurity defenders are increasingly overwhelmed and drowning in the sheer volume and complexity of the new digital battlefield.
Asymmetric Security wants to flip the script. The company emerged from stealth this week, announcing a $4.2 million oversubscribed pre-seed round to build what it calls the first full-stack AI incident response platform.
The round was led by Susa Ventures, along with Halcyon Ventures, Overlook Ventures, and a “who’s who” list of angel investors including former Y Combinator president Geoff Ralston, Meta’s Charlie Songhurst, and Entrepreneur First’s Matt Clifford.
The 40-Hour Problem
The current state of digital forensics is a slog. When a major corporation suspects a breach, teams of high-priced consultants typically spend days, sometimes weeks, manually parsing through thousands of lines of logs, email headers, and cloud activity.
Asymmetric’s platform aims to shrink that window from days to hours, claiming a 10x reduction in both time and cost. By utilizing frontier AI models to ingest and analyze millions of data points across email, identity providers, and cloud apps, the platform can reconstruct an attack timeline in minutes.
Not Just Another Dashboard
While the cybersecurity industry is currently flooded with “AI-powered” tools, Asymmetric is positioning itself as an AI-native services firm. This means they aren’t just selling a software subscription; they are providing the actual investigation and response, backed by their own proprietary automation.
Key features of the platform include:
- Autonomous Evidence Collection: Rapidly pulling logs from fragmented environments like Microsoft 365, Okta, and AWS.
- Automated Timeline Reconstruction: Using LLMs to “read” and interpret the context of attacker movements.
- Human-in-the-loop Validation: Every AI finding is vetted by an elite human responder to ensure it meets the “gold standard” required for legal and insurance defensibility.
- Actionable Remediation: Generating defensive blueprints to ensure the same hole isn’t exploited twice.
The AGI Stakes
The timing for Asymmetric isn’t accidental. As AI labs like Anthropic and OpenAI push closer to AGI, the risk profile for enterprises is shifting. We are moving toward a world where autonomous agents are capable of executing multi-stage attacks without human intervention.
“Autonomous AI attacks are no longer hypothetical,” says Alexis Carlier, co-founder of Asymmetric Security. “AI model weight theft is now one of the most consequential security risks facing the West. We exist to make AI an overwhelming advantage for defenders.”
This “defensive AI” mission has helped Asymmetric recruit a heavy-hitting team from the likes of CrowdStrike, Palo Alto Networks, Stroz Friedberg, and academic powerhouses like Stanford, Oxford, and Cambridge.
What’s Next
The company has already cut its teeth on over 100 real-world investigations. With the new $4.2 million in the bank, Asymmetric plans to scale its engineering and incident response teams aggressively. While they are currently focused on BEC, the $55 billion “silent killer” of corporate espionage, they plan to expand into ransomware, insider threats, and nation-state level attacks in the coming year.
For investors like Chad Byers, General Partner at Susa Ventures, the bet is on the “full-stack” model. “Asymmetric is the best company in the cyber incident response market,” Byers noted, highlighting that the services business provides a “powerful distribution channel” into the broader enterprise market.