Artemis, an AI-native protection platform that delivers real-time detection and automated response, emerged from stealth this week with $70 million in combined seed and Series A funding, six months after founding. The Series A was led by Felicis with First Round Capital and Brightmind returning to increase their stakes. The round was also joined by Theory VC; Two Sigma; Lockstep; cybersecurity industry leaders, including the founders of Demisto and Abnormal AI, the former CEO and CTO of Splunk; and senior executives from CrowdStrike, Palo Alto Networks, Microsoft, and Okta.
AI-driven attacks are now carried out within minutes, adapt in real time, and never execute the same way twice. Legacy, rule-based detection was built for human-speed attacks; rules that take a week to write become outdated before they ship. Security teams are left manually stitching together context across dozens of fragmented tools spanning cloud, identity, endpoint, and network systems–under pressure and often after damage has already been done. Attackers move faster than defenders can respond, and the gap keeps widening.
How Artemis works
Artemis was built for a world where AI is fighting AI on the cyber battlefield, giving defenders the same speed and adaptability that attackers now have. The company works closely with some of the most advanced frontier AI labs and models. At Artemis’s core is a proprietary dynamic data model built from each customer’s own telemetry, fusing behavioral log data across users, machines, cloud workloads, and applications with business context to understand whether an action makes sense for that specific organization.
From that foundation, Artemis generates detections tuned to each customer, autonomously investigates every signal, and surfaces coherent attack stories instead of flooding security teams with noise. For example, if a privilege escalation in Okta coincides with unusual API activity in AWS, Artemis contextualizes both signals and surfaces a single correlated narrative rather than two disconnected alerts, eliminating the need for manual investigation. When conditions demand it, Artemis allows customers to close the loop at machine speed with automated responses, such as isolating a compromised identity before an attacker can move laterally.
Artemis’ founding team
“We built Artemis as an AI-native defense system from the ground up,” said Shachar Hirshberg, co-founder and CEO of Artemis. “The question isn’t whether this model wins, but who builds it best. Some of the largest and fastest-growing companies in the world are among our first customers, and we’re able to deliver value to them on day one. That trust matters, and we intend to earn it every day.”
Prior to founding Artemis, Hirshberg built and scaled security operations platforms at Palo Alto Networks and Demisto, which created the SOAR category and was acquired in one of the largest pure-play security operations transactions, before earning his MBA from Harvard Business School and joining AWS to lead GuardDuty, a cloud attack detection product.
“At the core of Artemis is a data model I’ve been iterating on for years,” said co-founder and CTO Dan Shiebler. “The real breakthrough isn’t just using better AI models, but in giving those models deep, structured understanding of how an organization functions, making reliable detection and automated response possible.”
Shiebler spent the last decade building large scale AI systems and most recently led ML and AI at Abnormal AI, where he applied research from his PhD in machine learning at the University of Oxford to develop AI-powered detection systems powering one of the fastest-growing email security platforms in the market.
In less than six months since company formation, Artemis is deployed in production and processing billions of events per hour for enterprise customers and other leaders in technology, banking, and financial services.
Artemis works alongside existing security tools, complementing legacy SIEMs. Where traditional architectures require ingesting and storing all data upfront–a cost model that scales linearly with data volume and penalizes visibility–Artemis retrieves data on-demand from customers’ existing cloud storage and log sources using federated queries, providing full visibility at a fifth of the cost.
At a technology company with thousands of employees, Artemis’s first scan surfaced multimillion-dollar cloud spend savings and shadow activity invisible to existing tools: over-privileged accounts, undocumented integrations, and workflows calling APIs with elevated privileges–insights that could only emerge from fusing behavioral log data with deep business context.
Another early customer, a highly regulated company with tens of thousands of employees, is now completing investigations in under five minutes, a 96% reduction in time to resolution from their previous average. Using Artemis, these teams create custom detections within minutes and rapidly investigate their environments in natural language without needing to construct complex queries.
What investors are saying about Artemis
“Artemis has built a truly world-class team with rare depth at the intersection of AI and cybersecurity, solving a problem that’s becoming increasingly urgent as attacks grow in frequency and complexity,” said Jake Storm, general partner at Felicis. “Shachar’s track record in building enterprise-scale security products and Dan’s deep AI research background make them uniquely suited to tackle this problem together. Just six months after founding and while still in stealth, the team has seen enterprise inbound driven purely by word of mouth and early results. That level of demand at this stage is rare and signals the scale of the opportunity.”
“Having led the Humio acquisition at CrowdStrike that became the basis for their Next-Gen SIEM, I’ve seen exactly what it takes to disrupt large markets,” added Gur Talpaz, general partner at Brightmind. “I’ve heard the demand for a modern, highly complementary protection platform first-hand from the world’s largest enterprises, and have a clear view that this is where the market is heading.
“AI-powered attacks require a fundamentally new approach to defence with AI at the foundation, and Artemis is building exactly that. We co-led the seed and doubled down in the Series A because of our core belief that Artemis is building something that others simply can’t.”
The new funding will enable Artemis to expand its engineering, research, and go-to-market teams and deepen its platform as enterprise demand accelerates.