RunSybil Raises $40M to Build the AI-Native Platform for Offensive Security
FOR IMMEDIATE RELEASE
Funding led by Khosla Ventures, with participation from S32, Anthology Fund, Conviction, and Elad Gil
SAN FRANCISCO, March 18, 2026 — RunSybil today announced $40M in total funding to accelerate customer development for its AI-native offensive security platform. The round was led by Khosla Ventures, with participation from S32, the Anthology Fund from Anthropic and Menlo Ventures, Conviction, and Elad Gil, along with angel investors including Nikesh Arora, Amit Agarwal, Jeff Dean, and other founders and leaders from OpenAI, Palo Alto Networks, Stripe, Google, and more.
The Offensive Security Visibility Gap
Most security tools today focus on static code analysis, scanning applications for known vulnerability patterns. But this approach misses how attackers actually operate: dynamically exploring systems, chaining vulnerabilities together, and probing authentication boundaries to find paths to sensitive data. The result is that organizations often discover critical security gaps only after they've been exploited.
Traditional penetration testing addresses this gap but remains a manual, expensive process that most organizations can only afford annually or quarterly. Bug bounty programs provide ongoing testing but with unpredictable costs and inconsistent coverage, as researchers focus on easy-to-find vulnerabilities rather than comprehensive security assessment.
AI-Native Offensive Security
RunSybil's platform is the first black-box approach whose AI agents conduct comprehensive security testing without requiring source code access. The platform dynamically explores systems the way expert attackers do: discovering forgotten endpoints, exploring authentication boundaries, and chaining vulnerabilities together using only external interfaces.
"Traditional security testing only looks at what you tell them to test. Bug bounty hunters cherry-pick obvious targets. Both approaches miss huge chunks of your actual attack surface," said Ari Herbert-Voss, CEO and cofounder of RunSybil. "We're the first to provide comprehensive black-box testing using AI to reason like a security researcher and find critical vulnerabilities without ever seeing a line of code."
Unlike code review tools like Claude Code or OpenAI Codex, Sybil reasons like an attacker: interacting with systems dynamically, exploring authentication boundaries, finding and validating vulnerabilities, and surfacing real data exposure. RunSybil built the category that legacy scanners and LLM-based code reviewers can’t touch: autonomous offensive security testing that mirrors attacker intuition. The world’s most security-conscious enterprises use Sybil to find the vulnerabilities that actually matter, before someone else does.
Sybil is the only security platform that runs live exploitation using AI agents that learn about the target, getting better and more efficient with experience. Traditional tools either scan code without testing it live, or test blindly without understanding the underlying system.
When testing a major financial platform, Sybil discovered and exploited a lower severity vulnerability, then used that knowledge to systematically probe hidden endpoints, leading to a second vulnerability that allowed anyone to access all customers with a single unauthenticated request—a critical flaw that traditional black-box tools missed entirely.
“This style of meticulous persistent attacker behavior is what companies value from security teams. It is a skillset that is notoriously difficult to find,” said Vlad Ionescu, CTO and cofounder of RunSybil. “We built Sybil with the experience of the best red teamers in the industry, now everyone who runs Sybil has that power.”
Customer Validation
RunSybil already works with high-growth startups like Cursor, Turbopuffer, Notion, Baseten, and Thinking Machines Lab, as well as major financial institutions and Fortune 500 companies. Early customers report finding critical vulnerabilities that had gone undetected through traditional bug bounty programs and security assessments, while reducing false positives by over 90% compared to conventional scanning tools.
“RunSybil’s approach to security testing represents a fundamental shift in how organizations will defend modern software,” said Vinod Khosla, founder of Khosla Ventures. “We invest in founders who tackle large, unsolved problems with technically ambitious solutions. Ari and Vlad are building exactly the kind of platform security teams will need as software complexity and AI-driven development accelerate.”
The funding will deepen RunSybil’s engineering investment, expand its security research capabilities, and accelerate go-to-market. The company is actively hiring engineers, researchers, and customer-facing talent to meet growing enterprise demand.
About RunSybil
RunSybil is building the AI-native platform for offensive security. The Sybil platform dynamically understands your infrastructure and applications to find exploitable vulnerabilities the way attackers do, going beyond code analysis to uncover authentication flows, data exposure, and chained vulnerability paths. RunSybil is backed by Khosla Ventures, S32, Anthology Fund, Conviction, and Elad Gil. For more information, visit runsybil.com.