RunSybil Raises $40M: OpenAI's First Security Hire Builds an AI Pentester
OpenAI's first security research hire left to build something OpenAI could not. Ari Herbert-Voss co-founded RunSybil with Vlad Ionescu, who led offensive security red teams at Meta, and together they have raised $40 million led by Khosla Ventures to build AI agents that autonomously hack live applications.
The investor list reads like a who's who of AI and security. Anthropic and Menlo Ventures contributed through the Anthology Fund. Conviction and Elad Gil joined. Angel investors include Nikesh Arora of Palo Alto Networks, Jeff Dean of Google, Amit Agarwal of Stripe, plus founders and leaders from OpenAI and other major companies.
RunSybil's AI agent, called Sybil, conducts continuous autonomous penetration tests against live applications. Not sandboxed simulations, not static analysis. It finds, exploits, and documents real security vulnerabilities without humans in the loop. The customer list already includes Cursor, Notion, Turbopuffer, Thinking Machines Lab, and several unnamed Fortune 500 companies and financial institutions.
What makes RunSybil different from XBOW, which also just raised $120M in the same space? XBOW comes from the CodeQL and GitHub security lineage, focused on code-level vulnerability analysis. RunSybil comes from the red team side, focused on live application testing. Both are needed. Code analysis catches bugs before deployment. Live pentesting catches what code analysis misses after deployment. In the agentic era, you need both.
The founding story says a lot. Herbert-Voss spent years at OpenAI understanding how AI models can be used offensively. Now he is turning that knowledge into a defensive tool. The best security comes from people who know how to break things.
https://runsybil.com