Navigating Cyber + AI: Early Signals from 85+ Startups

The intersection of cybersecurity and AI is rapidly reshaping enterprise risk — and creating powerful new opportunities for technical founders.

Over the past several months, we’ve mapped over 85 early-stage startups operating at the frontier of Cyber + AI innovation. These companies are tackling some of the most urgent challenges and emerging needs we’re seeing inside enterprises: securing AI systems and usage, transforming security operations with intelligent automation, and reshaping user and application security.

In this Operator Insights post, we take a closer look at where innovation is happening, how early customer needs are forming, and where founders have the chance to define entirely new categories. Rather than treating "Cybersecurity + AI" as a monolith, we believe two distinct but interconnected waves are emerging:

• AI for Security: Applying AI to improve core cybersecurity workflows and defenses.

• Security for AI: Protecting the use, deployment, and operation of AI technologies.

Both sides of this frontier are still early. Both are moving faster than traditional security markets have moved in decades. Founders who understand the nuances — and where early traction is forming — will have a real advantage.

Here’s a closer look.

AI for Security

AI for Identity

Identity management remains deeply tied to complex workflows — and complexity breeds risk. AI is starting to automate identity governance, entitlement management, and privilege escalation handling. New approaches are also surfacing in emerging subfields like Identity Security Posture Management and Identity Attack Surface Management, where continuous, intelligent assessment is critical.

AI for Data Security

Securing data is no longer just about classification — it’s about understanding data within business context. AI is enhancing security by dynamically classifying data, assessing operational risk, and explaining vulnerabilities in terms business and compliance teams can act upon.

AI for Application Security

The explosion of AI-generated code is creating both opportunity and risk. New tools are automating code scanning, prioritizing fixes based on business impact, and helping security teams keep pace with rapidly expanding application footprints — all while addressing the reality that AI-driven development can introduce new, subtle vulnerabilities.

AI for User Security Automation

Engaging end users meaningfully has always been a cybersecurity challenge. AI is now enabling security teams to personalize messaging, nudge behavior, and drive real-time risk mitigation at the user level—moving beyond awareness into active security behavior shaping.

AI for Deepfake Detection

Synthetic media threats are growing rapidly, impacting industries from finance to critical infrastructure. New systems are using AI itself to detect deepfakes and authenticate digital assets, providing early defenses against impersonation, misinformation, and trust erosion.

AI for Security Awareness Training

Traditional security awareness models are being reimagined. AI-driven training systems can adapt content dynamically based on real-world behavior and risk signals, helping organizations move from one-size-fits-all annual training to continuous, personalized security coaching.

AI for Red Teaming

Offensive security is being augmented by AI-driven simulation platforms that continuously model attacker behaviors, stress-test defenses, and identify exposures earlier and at greater scale than manual exercises alone.

AI for Security Operations, Response, and Threat Hunting

Security operations centers are evolving from alert-driven triage to outcome-driven operations. AI systems are correlating telemetry across environments, autonomously investigating incidents, and proactively hunting for threats — freeing human analysts to focus on strategic analysis and complex escalation scenarios.

Security for AI

Security for Employee Use of AI

As generative AI tools proliferate across the enterprise, securing how employees interact with AI systems has become a new front in cybersecurity. Solutions are emerging to monitor prompt activity, assess data sensitivity in AI interactions, and enforce policies around the use of external AI services. Protecting proprietary information and ensuring regulatory compliance in AI-assisted workflows is quickly moving from theoretical risk to operational priority.

Security for AI Applications, Models, and Data

Organizations face growing challenges in protecting the AI systems they build and operate. This includes safeguarding training datasets, securing model outputs, defending against prompt injection attacks, and validating the trustworthiness of AI-driven decisions. A new layer of security visibility and enforcement is emerging specifically for AI systems — laying the foundation for AI application security as a first-class discipline.

Foundations Matter:
Building Cyber + AI for the Long Term

AI is quickly becoming the next foundational shift in cybersecurity — not as a bolt-on feature, but as a core architectural advantage. Startups that weave AI into the fabric of their products, operations, and customer workflows will have a fundamental edge, just as cloud-native companies outpaced those who treated the cloud as an afterthought.

Today, the Cyber + AI frontier is opening on two fronts: applying AI to security operations, and securing AI itself as it permeates enterprise environments. The opportunity is real and urgent. AI has the potential to make security faster, smarter, more resilient — and to free teams from the endless slog of manual investigation and fragmented tooling. Founders who move early and architect for these shifts will define the next era of cybersecurity.