Artificial Intelligence Kevin Mandia’s Armadin Launches With $190 Million in Funding Armadin uses AI-powered red teaming to find and exploit weaknesses in the same way that attackers attack them. By Kevin Townsend | March 10, 2026 (9:21 AM ET) Flipboard Reddit Whatsapp Whatsapp Email Kevin Mandia, who previously founded Mandiant and sold the incident response and threat intelligence firm to FireEye in a $1 billion deal in 2014 before its later $5.4 billion acquisition by Google, has launched a new cybersecurity startup. San Francisco based Armadin announced a massive Seed and Series A Funding round of $189.9M in what is effectively its public launch (the firm has simultaneously published a blog by Mandia titled Introducing Armadin ). Armadin uses AI-powered red teaming to find and exploit weaknesses in the same way that attackers attack them. Kevin Mandia previously founded incident response firm Mandiant, which was acquired by FireEye for $1 billion in 2014 and later by Google for $5.4 billion. The funding was led by Accel, with participation from Google Ventures, Kleiner Perkins, Menlo Ventures, In-Q-Tel, and follow-on investment from 8VC and Ballistic Ventures — and is claimed to be the largest seed and series A funding in cybersecurity history. The firm was first announced quietly in late 2025 with an initial seed of $24 million. Now, with the formal launch, Mandia’s co-founders have been named as Travis Lanham (CTO), Evan Peña (chief offensive security officer), and David Slater (chief architect). Mandia is CEO. Armadin can be described as a red team on steroids. The steroids are AI. “I believe within the next few years virtually all cyberattacks will be AI-based – swarming, tailored, and relentless,” writes Mandia in his blog. “They will be untethered to human limitations and capable to execute on a scale we have never witnessed before.” Armadin intends to fight fire with fire. “In a world of machine-speed attacks, defense must become autonomous. You cannot have a human in the loop for every defense decision and expect to win,” he adds in the ‘launch’ document . We are building the most formidable offense to give organizations the greatest defense. It’s important to national security.” Advertisement. Scroll to continue reading. The ‘formidable offense’ comes from a team of specialist red teamers and AI researchers and engineers. The intent is to provide a platform that can perform AI-directed offensive security as fast as attackers can attack – to close or at least reduce the traditional agility gap – with its own autonomous, agentic attacker swarm. “Before Armadin, you could not put a nation state level adversary inside every network 24/7,” said Lanham. “We’ve built the ultimate attacker – it doesn’t just follow a script, it reasons and learns as it swarms your defenses. We train our models and build agents to the standards of a world-class red team with safety at the foundation and unleash them to identify exploitable risk at machine speed.” Traditional red teaming cannot cope with the dawning age of AI-driven attacks. Armadin intends to solve this with AI red teaming. Related : Palo Alto Networks Founder Nir Zuk Unveils New Startup Cylake Related : AI Security Firm JetStream Launches With $34 Million in Seed Funding Related : Fig Security Launches With $38 Million to Bolster SecOps Resilience Related : Aisy Launches Out of Stealth to Transform Vulnerability Management Written By Kevin Townsend Kevin Townsend is a Senior Contributor at SecurityWeek. He has been writing about high tech issues since before the birth of Microsoft. For the last 15 years he has specialized in information security; and has had many thousands of articles published in dozens of different magazines – from The Times and the Financial Times to current and long-gone computer magazines. More from Kevin Townsend Nation-State iOS Exploit Kit ‘Coruna’ Found Powering Global Attacks Hacker Conversations: Inti De Ceukelaire, Raging Against the Machine Creatively How Pirated Software Turns Helpful Employees Into Malware Delivery Agents Quantum Decryption of RSA Is Much Closer Than Expected New ‘AirSnitch’ Attack Shows Wi-Fi Client Isolation Could Be a False Sense of Security AWS Expands Security Hub Into a Cross-Domain Security Platform The Blast Radius Problem: Stolen Credentials Are Weaponizing Agentic AI CISO Conversations: Timothy Youngblood; 4x Fortune 500 CISO/CSO Latest News Hundreds of Salesforce Customers Allegedly Targeted in New Data Theft Campaign Escape Raises $18 Million to Automate Pentesting Recent Ivanti Endpoint Manager Flaw Exploited in Attacks SIM Swaps Expose a Critical Flaw in Identity Security Cylake Raises $45 Million to Secure Organizations Barred From Cloud Cybersecurity M&A Roundup: 42 Deals Announced in February 2026 ClickFix Attack Uses Windows Terminal to Evade Detection Internet Infrastructure TLD .arpa Abused in Phishing Attacks Trending Daily Briefing Newsletter Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts. Webinar: Securing Fragile OT in an Exposed World March 10, 2026 Get a candid look at the current OT threat landscape as we move past "doom and gloom" to discuss the mechanics of modern OT exposure. Register Virtual Event: Supply Chain Security and Third-Party Risk Summit March 18, 2026 Join the event where top security experts unpack the biggest software supply chain risks. Register People on the Move Ed Jennings has been appointed President and CEO at Darktrace. Ironscales has appointed Steven Malone as CSO and Amit Bluman as SVP of Research & Development. Synack has appointed Angela Heindl-Schober Chief Marketing Officer. More People On The Move Expert Insights SIM Swaps Expose a Critical Flaw in Identity Security SIM swap attacks exploit misplaced trust in phone numbers and human processes to bypass authentication controls and seize high-value accounts. (Torsten George) Four Risks Boards Cannot Treat as Background Noise The goal isn’t about preventing every attack but about keeping the business running when attacks succeed. (Steve Durbin) How to Eliminate the Technical Debt of Insecure AI-Assisted Software Development Developers must view AI as a collaborator to be closely monitored, rather than an autonomous entity to be unleashed. Without such a mindset, crippling tech debt is inevitable. (Matias Madou) Security in the Dark: Recognizing the Signs of Hidden Information Security failures don’t always start with attackers, sometimes they start with missing truth. (Joshua Goldfarb) Living off the AI: The Next Evolution of Attacker Tradecraft Living off the AI isn’t a hypothetical but a natural continuation of the tradecraft we’ve all been defending against, now mapped onto assistants, agents, and MCP. (Etay Maor) Flipboard Reddit Whatsapp Whatsapp Email