Armadin Raises Record $190M for AI Cybersecurity

Kevin Mandia sold Mandiant to Google for $5.4 billion in 2022. Now he's back with Armadin, an AI-native cybersecurity startup that just raised a record-breaking $189.9 million in combined seed and Series A funding. That's not a typo. That's nearly $190 million before the company has even left stealth properly. When the guy who literally wrote the book on incident response says the threat landscape has fundamentally changed, investors open their checkbooks.

The Biggest Early-Stage Cyber Raise Ever

Let's put this number in context. A $189.9 million combined seed and Series A is the largest early-stage raise in cybersecurity history. The round was led by Accel, with a murderer's row of co-investors: Google Ventures, Kleiner Perkins, Menlo Ventures, 8VC, Ballistic Ventures, and — here's where it gets interesting — In-Q-Tel, the venture arm of the CIA.

When the intelligence community's investment arm is writing checks alongside tier-one Silicon Valley firms, it tells you something about the severity of the problem Armadin is trying to solve. This isn't speculative AI hype. This is national security money validating a thesis.

The Thesis: "Hyperattacks" Are Already Here

Mandia's core argument is blunt: AI-driven cyberattacks are accelerating beyond human capacity to defend against them. He calls them "hyperattacks" — machine-speed, AI-orchestrated assaults that traditional security operations centers simply cannot match. The SOC analyst staring at a SIEM dashboard at 2 AM? They're already outgunned.

"The AI shift is rapidly transforming cybersecurity. We need autonomous defense systems to counter machine-speed attacks."
— Kevin Mandia, CEO of Armadin

He's not wrong. We've watched the offensive AI toolkit explode over the past two years. Automated phishing campaigns that adapt in real-time. AI-generated polymorphic malware that rewrites itself to evade detection. Vulnerability discovery at scale that used to take red teams weeks, now compressed into hours. The defenders are playing catch-up, and Mandia is betting that only AI agents can close that gap.

The Product: An "Agentic Attacker Swarm"

Armadin's platform deploys what the company calls an "agentic attacker swarm" — specialized AI agents that continuously reason, plan, and adapt. Think of it as autonomous red teaming on steroids. These agents mimic advanced human threat actors, probing an organization's attack surface to identify and prove exploitable risks before real adversaries do.

This isn't another vulnerability scanner with an AI label slapped on. The key differentiator is the word "prove." Armadin's agents don't just flag theoretical vulnerabilities — they chain exploits together, demonstrate actual attack paths, and show defenders exactly how an adversary would compromise their environment. That's a fundamentally different value proposition than the noise-generating scanners that security teams already ignore.

The approach mirrors a broader industry shift toward autonomous offensive security. Companies like Horizon3.ai and Pentera have been pushing automated pentesting for years. But Armadin appears to be betting that agentic AI — agents that can reason and adapt dynamically rather than following scripted playbooks — represents a generational leap forward.

The Team: Google Cloud Security Alumni Reunited

Mandia didn't build this alone. His co-founding team reads like a carefully assembled strike team:

• Travis Lanham, CTO — Former Google Cloud Security principal engineer. He knows the infrastructure side cold.
• Evan Peña, Chief Offensive Security Officer — Former Mandiant executive. This is the offensive expertise that gives the AI agents their teeth.
• David Slater, Chief Architect — Former Google SecOps engineer. He's building the platform backbone.

Three out of four co-founders come from Google or Mandiant-turned-Google. That's not a coincidence — it's a team that's already built and scaled security products at planetary scope. And Google Ventures' participation in the round suggests the relationship remains warm, even as Mandia strikes out independently again.

Why This Matters Beyond the Headline Number

The $189.9 million figure is eye-catching, but the real signal is velocity. Armadin was founded in September 2025. By March 2026 — barely six months later — the company had hired over 60 employees, begun work with Fortune 100 companies, and closed the largest early-stage cybersecurity round on record. That's not a startup finding product-market fit. That's a startup that arrived with product-market fit already in hand, built on decades of Mandia's relationships and credibility.

Fortune 100 companies don't pilot security products from six-month-old startups unless the founder's name carries extraordinary weight. Mandia's does. He built Mandiant into the company that governments and Fortune 500s called when they got breached. That trust is now Armadin's moat before it even has a moat.

The Bigger Picture: AI Security's Arms Race

Armadin's launch is the latest — and loudest — signal that cybersecurity is entering a full-blown AI arms race. Offensive AI capabilities are proliferating faster than defensive ones. Nation-states and criminal groups are already weaponizing AI for reconnaissance, social engineering, and exploit development. The question isn't whether autonomous defense is necessary — it's whether companies like Armadin can deploy it fast enough.

The investor lineup reflects this urgency. Accel doesn't lead $190 million early-stage rounds on vibes. Kleiner Perkins doesn't follow. And In-Q-Tel doesn't participate unless the technology has direct national security implications. This consortium of investors is essentially saying: the threat is real, the team is proven, and the window to build autonomous cyber defense is now.

The Risk

Let's be honest about the challenge. Building AI agents that reliably reason about complex attack paths without generating catastrophic false positives — or accidentally causing real damage during autonomous testing — is extraordinarily hard. The "agentic attacker swarm" sounds powerful, but the gap between demo and production-grade autonomous security is vast. Armadin will need to prove that its agents can operate safely and effectively across diverse enterprise environments, not just in controlled scenarios.

There's also the competitive landscape. CrowdStrike, Palo Alto Networks, and Microsoft are all pouring billions into AI-augmented security. Armadin's advantage is focus and speed, but incumbents have distribution and data. Mandia knows this game — he outmaneuvered incumbents once before with Mandiant. Whether he can do it again in the age of AI is the $189.9 million question.

The Bottom Line

Kevin Mandia is the rare founder who has both the technical credibility and the industry relationships to launch a cybersecurity company at full sprint. Armadin's record-breaking raise isn't just about the money — it's a market signal that autonomous AI defense has moved from theoretical to essential. The era of hyperattacks is here. Armadin is betting it can build the shield faster than adversaries can sharpen the sword.

If anyone can pull it off, it's the guy who spent two decades cleaning up the world's worst breaches. He's seen every attack playbook. Now he's building agents that have, too.