Artemis Security emerged from stealth on April 15 with $70 million in seed and Series A financing to build AI agents that autonomously detect, investigate, and respond to cybersecurity threats. The Series A was led by Felicis Ventures, with returning investors First Round Capital and Brightmind, plus participation from Theory VC and a roster of cybersecurity industry leaders.
The company’s founding team brings operational experience from some of the largest automated security systems in production. CEO Shachar Hirshberg previously led Amazon GuardDuty, AWS’s continuous threat detection service. CTO Dan Shiebler was head of AI at Abnormal Security, the AI-native email security company, and before that led machine learning at Twitter. The investor list includes founders of Demisto (acquired by Palo Alto Networks for $560 million), founders of Abnormal AI, the former CEO and CTO of Splunk, and senior executives from CrowdStrike, Palo Alto Networks, Microsoft, and Okta, according to Fortune.
The SIEM Replacement Thesis
Artemis is positioning itself as a replacement for traditional Security Information and Event Management (SIEM) systems. Where SIEMs apply pre-written rules to log data and flood analysts with disconnected alerts, Artemis’s agents continuously observe logins, cloud activity, and application behavior to build a dynamic model of what normal looks like for each specific organization.
When deviations appear, the agents correlate disparate signals into a coherent threat narrative rather than isolated alerts. In time-critical scenarios, the agents can take autonomous action: locking compromised accounts and isolating affected systems before human review, as reported by GovInfoSecurity.
The company already has paying customers. Mercury, Wix, Lemonade, and Abnormal AI are confirmed clients. Artemis reports “a few seven-figure deals” closed and expects multimillion-dollar ARR before end of 2026, per Fortune.
Why the Timing Matters
Fortune’s reporting explicitly connects Artemis to the escalating AI threat landscape, citing Anthropic’s Mythos Preview as evidence that “AI can identify vulnerabilities at a pace that outstrips most organizations’ ability to patch them.” Artemis launched one day before Bloomberg published its investigative feature on Anthropic’s internal safety warnings about Mythos infrastructure hacking capabilities.
The $70 million total financing is substantial for a company founded roughly six months ago. The SIEM market, valued at over $5 billion annually, is one of the largest addressable markets in enterprise security, and multiple incumbents including Splunk (now Cisco), Microsoft Sentinel, and Elastic have faced persistent criticism over alert fatigue and detection gaps, per PYMNTS.
The Architecture Question for Agent Builders
Artemis’s approach, building per-organization behavioral models rather than relying on global threat signatures, is a design pattern with implications beyond cybersecurity. Any team deploying autonomous agents in enterprise environments faces the same fundamental problem: how do you distinguish between normal agent behavior and compromised agent behavior when the definition of “normal” varies by organization? Artemis is betting that the answer is continuous observation plus autonomous response, not static rules plus human review.