New York-based Adaptive Security has secured $43 million in a Series A round co-led by Andreessen Horowitz and the OpenAI Startup Fund – the latter making its first investment in the cybersecurity space. The company is betting on artificial intelligence not just to defend against attacks but to actively simulate them, training employees to recognize subtle signs of AI-powered social engineering.
Key Points:
- First cybersecurity investment for OpenAI's Startup Fund
- Adaptive Security simulates deepfake attacks to train employees
- Company has grown to over 100 enterprise customers since January launch
- Funding will expand R&D team to stay ahead in AI security "arms race"
The investment comes as AI-powered social engineering attacks pose an increasingly sophisticated threat to organizations. Adaptive Security's platform simulates these attacks—including deepfake voice calls, spoofed emails, and text messages—to train employees to recognize and respond to these next-generation threats.
"AI is reshaping the cybersecurity threat landscape faster than most organizations can respond," said Ian Hathaway, partner at the OpenAI Startup Fund. "Adaptive is building exactly what the industry needs — an AI-native defense platform that evolves as fast as the attackers."
The cybersecurity startup has moved quickly since its public launch in January, already securing over 100 enterprise customers including First State Bank, Podium, the Dallas Mavericks, and BMC. The new funding will primarily go toward expanding its research and development team.
What makes Adaptive Security's approach different is its focus on the human element of cybersecurity. Rather than just offering software that detects malicious code, the company creates realistic attack simulations that test how employees respond to sophisticated social engineering attempts.
In one scenario, an employee might receive what appears to be a call from their CTO asking for verification codes. When they fall for these simulated attacks, the platform delivers immediate training. The system also analyzes reported suspicious messages in real-time, scores risk levels, and helps security teams prioritize responses.
The timing of this investment reflects growing concern about deepfake technologies. According to reports cited by Adaptive, a deepfake attack attempt occurred approximately every five minutes in the U.S. in 2024, suggesting more than 100,000 incidents throughout the year.
"The rise of AI-powered social engineering represents one of the most urgent cybersecurity threats of our time," said Brian Long, CEO and co-founder of Adaptive Security. "Attackers can now create AI personas of anyone, turning routine communications into sophisticated fraud attempts."
Long is no newcomer to the startup world. His track record includes founding mobile ad startup TapCommerce (sold to Twitter in 2014) and ad-tech firm Attentive, which was valued at over $10 billion in 2021. This experience likely helped attract the impressive roster of investors, which beyond the co-leads includes Abstract Ventures, Eniac Ventures, CrossBeam Ventures, K5, and executives from Google, Workday, Shopify, Plaid, and Paxos.
For organizations concerned about these emerging threats, Adaptive's approach offers a practical solution: use AI to fight AI. By simulating attacks before they happen, companies can prepare their employees for the real thing—turning their workforce from a potential vulnerability into a more robust line of defense.