AI is reinventing every aspect of the modern workplace, and security is going to be no exception.

AI’s potential to change the way we defend against cyber attacks is undeniable. Most security problems are data problems, and AI thrives when analysing large, messy data sets.

AI’s potential to change the way attackers behave is just as undeniable. Cyber attacks take skill and resources to execute, and AI makes delivering complex attacks cheaper.

Despite the potential, most security teams remain underwhelmed by AI. The early AI features launched by big security vendors are borderline useless, and most security teams are still waiting to see what AI can do for them.

We believe it’s time for a new generation of security companies, built from the ground up to take full advantage of the power of modern AI.

Today we’re delighted to announce the launch of Maze and share that we’ve raised a $25m Series A round led by Theory Ventures and a previously unannounced $6m Seed round led by Cherry Ventures and Tapestry VC.

Maze was born out of frustration. Frustration with the fact that AI has yet to make life better for security teams. Frustration with the way security vendors tend to operate – the lack of craft they show when building products and the lack of respect they show when marketing and selling them. And, frustration with a problem we’d all experienced first hand.

All three of us founders led product and engineering teams at places like Elastic, Amazon, and Tessian. We’d been involved in endless debates with security over ever-growing vulnerability backlogs. Security wanted the vulnerabilities fixed faster, but the volume seemed so high. Something didn’t seem right.

After leaving our roles, we took the unusual step of not building our product straight away. Instead we organized call after call with security leaders and asked them one simple question – what’s your biggest problem right now? By a distance, the most common thing we’d see next would be a security leader sitting back in their chair, rolling their eyes, and murmuring something along the lines of “f’ing vulnerabilities”.

Then we looked at the data, and realised things were worse than we thought. The total number of known vulnerabilities (CVEs) is increasing exponentially, up 40% in 2024 alone. Attackers are also exploiting new vulnerabilities faster than ever, down from 32 days in 2022 to 5 days in 2023. Now, as attackers gain access to AI tools of their own, we could be about to see vulnerability exploitation happen at a scale and sophistication that dwarfs anything we’ve seen before.

We started Maze with a belief that AI could solve at least part of this problem. Wanting to avoid the fate of so many security products, where AI has become a superficial add-on, we made it our mantra to push AI to the limit to see how far it could go to solve the problem end-to-end. We were genuinely blown away by what we saw next.

We gave AI Agents access to cloud environments, vulnerability scans, and many other sources of context. Then, we showed them how to think and act like the world’s best security engineers. From here, we wrote no pre-defined logic, we simply asked them questions and let them think. We watched as AI Agents began to replicate the type of in-depth investigation that might take an expert security engineer hours or days, completely autonomously.

What we’d created was a way to run the most in-depth manual investigations into vulnerabilities autonomously and at scale. We’ve since onboarded more than ten enterprises to the product, including two of the Fortune 200. Out of the millions of vulnerabilities in their backlogs, our AI Agents have been able to prove that 80-90% of findings are false positives when investigated in context, and have then identified the few that are likely to cause a serious breach.

We’ve now seen first-hand what modern AI can do for security teams if used correctly. It’s clear to us that not only will AI revolutionize vulnerability management, but all corners of security over the coming years.

You can now get in touch to arrange a demo or trial of Maze. We can’t wait to see what you think.