As generative AI evolves, so do the threats it enables — from deepfake CEOs to realistic phishing scams. In response, OpenAI has made its first-ever investment in an AI cybersecurity startup. Joining a $43 million Series A round for Adaptive Security, a New York-based company helping businesses stay one step ahead of AI-driven social engineering attacks.
The funding round, announced Wednesday, was co-led by OpenAI’s Startup Fund and Andreessen Horowitz, two heavyweights in the tech investing world. It signals just how seriously OpenAI is taking the darker side of the AI boom.
Founded in 2023, Adaptive Security builds tools that simulate AI-generated hacks to train employees in spotting digital threats. The company’s software can mimic real-world attacks by generating fake emails, texts, and even voice calls. Complete with AI-generated clones of company executives — to test how staff respond. One scenario might involve a deepfake of your CTO calling to ask for a sensitive verification code. It sounds real, but it’s a controlled test by Adaptive.
These simulated attacks are designed to teach staff how to recognize and avoid falling for increasingly sophisticated scams. Adaptive then scores which departments or teams are most vulnerable and provides targeted training to improve their defenses.
The company’s core focus is on social engineering, a form of hacking that manipulates people into giving up information or access — often without realizing it. While the tactic isn’t new, generative AI has made these attacks far more convincing. Just look at the 2022 Axie Infinity breach, where a fake job offer email led to a $600 million loss.
“AI has made social engineering easier and more scalable,” said Adaptive Security CEO and co-founder Brian Long. “We’re seeing deepfake calls, realistic phishing emails, and other attacks that no traditional training can prepare you for.”
And Long knows the startup playbook well. He previously founded and sold TapCommerce to Twitter for a reported $100 million, and co-founded Attentive, an ad-tech company last valued at over $10 billion. His latest venture already serves over 100 customers, and strong feedback from early adopters is part of what drew OpenAI to the table.
The $43 million will help Adaptive expand its engineering team and continue building new tools to keep up with the rapidly shifting AI threat landscape. “We’re in an arms race,” Long told TechCrunch. “And companies need to prepare their teams for what’s coming next.”
Adaptive joins a fast-growing list of startups focused on AI-fueled cybersecurity. Cyberhaven recently raised $100 million to stop employees from leaking sensitive data into AI tools like ChatGPT. GetReal, a deepfake detection firm, brought in $17.5 million last month. And Snyk, known for securing code, says AI-generated vulnerabilities are part of what’s helped push its ARR beyond $300 million.
As for individual users? Long has one quick piece of advice for anyone worried about AI cloning their voice. “Delete your voicemail,” he says. “It’s low-hanging fruit for hackers training AI models.”
In a world where AI can convincingly mimic your boss, your co-workers, or even you, startups like Adaptive Security are racing to protect the human element — before it becomes the weakest link.
