Asymmetric Security Launches with $4.2M to Shrink Cyber Forensic Costs by 10x

Asymmetric Security is betting the next big cybersecurity shift won’t be a new firewall or endpoint agent, it’ll be a faster, AI-native way to investigate what already got through.

The San Francisco and London-based startup, which calls itself a “full stack AI incident response services company,” has raised a $4.2 million oversubscribed pre-seed round led by  Susa Ventures, along with Halcyon Ventures and Overlook Ventures,. The round also includes a lineup of well-known angel investors, including  Meta’s Charlie Songhurst and Entrepreneur First’s Matt Clifford, and Geoff Ralston, the former president of Y Combinator.

Asymmetric’s pitch is simple: cybersecurity investigations are still painfully manual, slow, and expensive, and the company claims it can make them 10x faster by combining frontier AI models with experienced incident responders.

The company says it has already helped organizations investigate and respond to 100+ attacks, reducing investigation timelines from days to hours, and plans to use the funding to hire across engineering and incident response.

The investigation bottleneck in modern security

Most security teams have gotten better at detection. What hasn’t improved nearly as quickly is what happens after the alert fires.

When a breach is detected, a long list of forensic investigation work begins: pulling logs from multiple systems, reconstructing timelines, validating what was accessed, identifying the blast radius, and documenting findings in a way that’s defensible to executives, auditors, or regulators.

That’s especially true for Business Email Compromise (BEC), one of the most common and costly categories of cybercrime. BEC investigations can sprawl across email inboxes, identity systems, endpoint logs, cloud tools, and file-sharing platforms. In many cases, the difference between “minor incident” and “major breach” comes down to whether the attacker gained access to additional accounts, created hidden inbox rules, exfiltrated sensitive files, or successfully initiated a fraudulent payment.

“The average BEC investigation takes 40+ hours of manually reading through thousands of emails and logs, a painstaking process prone to human errors,” said Zainab Ali Majid, a co-founder of Asymmetric. “Asymmetric leverages the latest AI models to shrink these processes from days to hours while still maintaining the gold standard of accuracy.”

Security teams often outsource this work to traditional incident response firms, but those engagements can be expensive, slow to schedule, and heavily dependent on human labor. Even when internal teams handle it, they’re usually stitching together evidence from a stack of tools that weren’t built for forensic speed.

Asymmetric’s bet is that the “response” side of security is overdue for an AI overhaul.

A full-stack AI incident response model

Asymmetric isn’t positioning itself as another dashboard, detection product, or SOC co-pilot. Instead, it’s building what it describes as an AI-native cyber forensics and response platform, paired with experts who validate results and make judgment calls in high-risk edge cases.

The company says its system can autonomously pull data from core business systems, analyze large volumes of activity quickly, and produce clear timelines that incident responders can use to contain threats and recommend fixes.

At a high level, Asymmetric’s platform focuses on:

• Rapid log pulls: Automatically collect evidence across email, identity, and cloud apps
• AI-powered investigations: Analyze millions of data points quickly to reconstruct the timeline and scope of an attack
• Human-in-the-loop validation: Experienced responders review findings, confirm conclusions, and handle gray areas
• Defensive recommendations: Actionable steps to prevent repeat incidents

In practice, this is the part many security leaders know is broken: evidence lives everywhere, log formats vary, access permissions are complicated, and investigations become an exhausting scavenger hunt.

Why BEC is getting worse in an AI era

BEC has always been effective because it’s psychological as much as technical: impersonate someone with authority, create urgency, and exploit normal business workflows.

But the new wave of AI-generated content makes those attacks more convincing and scalable. Instead of a slightly suspicious phishing email full of typos, attackers can generate polished messages, match writing tone, and iterate quickly. And the same underlying automation can support larger campaigns across more targets.

Asymmetric frames this as a near-term problem, not a distant fear.

As AI becomes more capable at mimicking human behavior at scale, defenders are left with the same constraints they’ve had for years: limited headcount, overloaded tooling, and investigations that require painstaking attention to detail.

That mismatch, scalable offense versus slow, manual defense, is what Asymmetric is trying to fix.

From incident response to “defense intelligence”

One of the more ambitious parts of Asymmetric’s roadmap is what it wants to do with the real-world cases it investigates.

The company says it uses attacks it responds to as the basis for building realistic evaluations and benchmarks, both for improving its own tooling and to advance broader cyberdefense capabilities, including at frontier AI labs.

That matters because a lot of AI-for-security claims fall apart in real incidents. Live investigations involve partial data, noisy logs, missing context, and messy human workflows. It’s not a clean benchmark problem. The fastest path to product truth is to be in the middle of real breaches.

Asymmetric is basically using a services-plus-software wedge: win trust during urgent moments, deliver outcomes faster than traditional firms, and use that experience to build better automation over time.

That’s also why investors are leaning in.

“We believe in the full-stack AI services thesis,” said Chad Byers, co-founder and general partner at Susa Ventures. “Asymmetric is the best company in the cyber incident response market, with a rare combination of incident response and AI expertise. Their cybersecurity services business is compelling on its own, but it also gives them a powerful distribution channel into the enterprise security market.”

Building for higher-stakes attacks

While Asymmetric is starting with incidents like BEC, it’s not planning to stop there. The company says it will expand into:

• Insider threat investigations
• Ransomware
• Nation-state attacks

Those categories tend to be more complex, higher stakes, and harder to automate, but they also represent the largest budgets in incident response and the most painful executive-level security events.

Asymmetric’s co-founders argue that the world is moving toward a security environment where attackers can automate more of the kill chain, and defenders will need automation that’s equally capable, but also more reliable.

“As AI progress accelerates toward AGI, the security stakes rise,” said Alexis Carlier, a co-founder of Asymmetric Security. “Autonomous AI attacks are no longer hypothetical, and AI model weight theft is now one of the most consequential security risks facing the West. We exist to accelerate AI cyberdefense and make AI an overwhelming advantage for defenders.”

A team built around investigations, not just models

The company says its team includes security and AI talent from CrowdStrike, Palo Alto Networks, RAND, Stroz Friedberg, Stanford, Oxford, and Cambridge, a mix that signals two things: deep incident response credibility, and the ability to build modern AI systems securely.

For incident response, confidence is everything. If an AI system incorrectly concludes that data wasn’t accessed, or misses a persistence mechanism, the results can be catastrophic. That’s why Asymmetric is emphasizing human validation and “defensible judgment calls,” rather than selling a fully autonomous response system.

The market: crowded detection, less mature response

Security is full of startups. But most of the hype in the last decade has been around detection: endpoint, cloud security posture, SIEM, SOAR, and more recently AI copilots for security analysts.

Response is different. The buyers are under stress. The outcomes are binary (you contained the breach or you didn’t). And the work is still driven by high-cost experts.

If Asymmetric can reliably deliver faster investigations at lower cost, while keeping quality high, it’s attacking a part of the market that’s both painful and budgeted.

What’s next

With its pre-seed funding, Asymmetric plans to hire across engineering and incident response, expand coverage into more incident types, and keep pushing the idea that “AI-native forensics” can become the new default way security teams operate under pressure.

For customers, the promise is straightforward: fewer sleepless nights, fewer weeks lost to forensic cleanup, and a faster path from “we saw something weird” to “here’s what happened, here’s what’s impacted, and here’s what to do next.”

Asymmetric says interested employees and customers can learn more at asymmetricsecurity.com.