Mandia Launches Armadin With Record $189.9M Round

Kevin Mandia doesn't do small. The man who built Mandiant into the world's preeminent threat intelligence firm, sold it to Google for $5.4 billion in 2022, and effectively defined modern incident response is back — and he's betting nearly $190 million that the cybersecurity industry needs to be rebuilt from scratch for the AI era. He's probably right.

The Biggest Early-Stage Cyber Bet Ever Made

Armadin, Mandia's new AI-native cybersecurity startup, announced on March 10, 2026, that it closed a combined $189.9 million in seed and Series A funding — the largest early-stage cybersecurity raise in history. Let that number breathe for a second. Most cybersecurity startups are lucky to scrape together $20 million at this stage. Armadin pulled nearly ten times that before most people even knew it existed.

The round was led by Accel, with a murderer's row of co-investors: Google Ventures, Kleiner Perkins, Menlo Ventures, 8VC, Ballistic Ventures, and — notably — In-Q-Tel, the CIA's venture capital arm. When the intelligence community's investment vehicle writes a check before you've been public for six months, that tells you something about the threat landscape these people are seeing behind closed doors.

The Thesis: Human Defenders Can't Keep Up

Mandia's central argument is blunt and uncomfortable: humans are too slow. The cybersecurity industry has spent two decades building tools that ultimately rely on human analysts to triage alerts, investigate incidents, and make remediation decisions. That model worked when attackers were human too. It doesn't work when attackers are deploying AI.

"In the face of machine-speed attacks, defense must become autonomous. Human intervention is too slow."

That's Mandia's pitch, and it's hard to argue with. We've watched the threat landscape metastasize over the past 18 months. AI-generated phishing campaigns that are indistinguishable from legitimate communications. Automated vulnerability exploitation chains that move from initial access to lateral movement in minutes, not hours. What Armadin calls "hyperattacks" — AI-orchestrated offensive operations that outpace any human-led SOC.

The conventional response from the industry has been to bolt AI features onto existing platforms. A copilot here, a summarization tool there. Mandia clearly thinks that's insufficient. Armadin isn't augmenting the old model. It's replacing it.

Agentic Attacker Swarms: Offense as the Best Defense

Armadin's core platform takes a radically offensive approach. Instead of passively monitoring for threats, it deploys what the company calls an "agentic attacker swarm" — a fleet of specialized AI agents trained on expert red-teaming methodologies that continuously probe an organization's infrastructure.

Here's how it works:

• Autonomous reasoning: Each AI agent doesn't just run scripts. It reasons, plans, and adapts — simulating the behavior of advanced persistent threat (APT) actors in real time.
• Continuous operation: Unlike quarterly penetration tests, Armadin's agents run perpetually, discovering new attack surfaces as infrastructure changes.
• Decision-grade proof: The platform doesn't just flag vulnerabilities. It exploits them, providing organizations with concrete evidence of what's actually exploitable — not theoretical risk scores, but proven attack paths.
• Machine-speed remediation: Identification, proof, and remediation recommendations happen autonomously, collapsing what used to be weeks-long cycles into minutes.

This is a meaningful departure from the vulnerability management status quo. As TechCrunch noted, traditional vulnerability scanners generate mountains of alerts ranked by theoretical severity. Armadin's approach cuts through the noise by answering the only question that actually matters: can someone use this to get in?

The Team and the Traction

Mandia didn't build this alone. Armadin was co-founded with Travis Lanham (CTO), Evan Peña (Chief Offensive Security Officer), and David Slater (Chief Architect). The company was quietly founded in September 2025, and in less than six months it has already hired over 60 employees and begun working with Fortune 100 companies.

That traction timeline is staggering. Six months from founding to Fortune 100 engagements. That's what a $5.4 billion exit and two decades of relationships in the CISO community buy you. Every enterprise security leader on the planet knows Mandia's name. When he calls, they pick up.

Why This Matters Beyond the Dollar Signs

The size of this round isn't just a vanity metric. It's a signal. Here's what I think it tells us:

First, the AI-security arms race is real and accelerating. Investors don't write checks this large at this stage on a hunch. The investor syndicate here — spanning pure venture, strategic corporate (Google), and intelligence community (In-Q-Tel) capital — suggests broad consensus that the current generation of security tools is structurally inadequate for AI-era threats.

Second, we're entering the age of autonomous security infrastructure. Armadin isn't the only company pursuing AI-native security, but it's the most aggressively funded and the most credibly led. This raise will force every incumbent — from CrowdStrike to Palo Alto Networks to SentinelOne — to articulate their own autonomous security story, fast.

Third, offensive security is eating defensive security. The best way to understand your risk isn't to wait for an attacker to find your weaknesses. It's to find them first. Armadin's continuous, autonomous red-teaming approach represents a philosophical shift that the industry has been flirting with for years but never fully committed to at this scale.

The Google Connection

The GV participation is worth flagging. Mandia sold Mandiant to Google, and Mandiant's threat intelligence is now a cornerstone of Google Cloud's security offering. Google investing in Mandia's next venture suggests either a future acquisition pipeline, a deep strategic partnership, or — at minimum — a belief that Armadin's approach complements rather than competes with what Mandiant does inside Google. Probably all three.

The Bottom Line

Kevin Mandia has earned the rarest thing in cybersecurity: unconditional trust. He spent 18 years proving at Mandiant that he understood threats better than almost anyone alive. Now he's making a straightforward argument — that the threat has fundamentally changed, and the defense must change with it.

$189.9 million says the smartest money in tech and national security agrees. If Armadin delivers on the vision of truly autonomous, AI-native cyber defense, we'll look back at this round as the opening shot of an entirely new era in security. If it doesn't, the record will fall to someone else chasing the same inevitable future.

Either way, the age of human-speed cybersecurity is over. Mandia just put a price tag on it.