Artemis Raises $70M to Build AI-Native Cyber Defense

Artemis, a six-month-old cybersecurity startup, announced it has raised $70 million in combined seed and Series A funding and emerged from stealth to commercialize an AI-native detection and response platform. The company is led by CEO Shachar Hirshberg and CTO Dan Shiebler, and the round was led by Felicis. Artemis says it is already working with early enterprise customers in technology, finance, and banking.

Artemis builds a platform that continuously profiles an organization across cloud, identity, endpoint, and network telemetry and uses machine learning to identify deviations from learned "normal." The company emphasizes automated investigations and response capabilities that aim to reduce manual alert triage by creating unified attack narratives and, when warranted, executing automated mitigations such as locking compromised accounts.

Key architectural and product claims include:

• •continuous, cross-domain signal correlation across cloud, identity, endpoint, and network
• •automated investigation workflows that convert fragmented alerts into a single narrative
• •selective query-first data access rather than ingest-and-store-all, lowering storage costs and latency
• •natural-language querying and automated response playbooks to shorten mean time to detection and response

Artemis has not published open benchmarks, model architectures, or training-data provenance. The company frames its approach as fundamentally different from legacy rule-based systems, describing itself as built from the ground up for AI-era, automated attacks.

The raise and product positioning come amid rising concern that attackers will use advanced generative and agentic models to scale and speed up attacks. Industry signals include CrowdStrike reporting sharply shortened time-to-attack, and public disclosures from model developers such as Anthropic about Claude Mythos detecting large numbers of zero-day vulnerabilities. That creates an asymmetric pressure on defenders to move from human-paced, rules-based tooling to systems that operate at machine speed.

Artemis sits at the intersection of several trends practitioners care about: automation of the attack chain, the commoditization of sophisticated offensive tooling, and the operational limits of current SIEM and SOAR stacks. The startup's query-first architecture and automated narrative approach reflect a practical tradeoff: reduce data storage costs and analyst overhead at the cost of relying on high-fidelity, on-demand connectors and strong detection models.

Key technical unknowns include Artemis's model quality, false positive/false negative characteristics, ability to generalize across customer environments, and the security posture of any automation that can take autonomous mitigation actions. There is also an arms-race dynamic: as defenders adopt ML-driven automation, attackers will adapt ML techniques to evade or poison signals. Finally, regulatory and compliance requirements around automated remediations and evidence retention may constrain deployment in highly regulated sectors.

Look for Artemis to publish technical benchmarks or third-party validation, details on data connectors and retention policies, integration pathways with existing SIEM/SOAR and identity providers, and how they mitigate adversarial manipulation of their models. Monitor customer case studies for measured reductions in investigation time and SOC workload, and watch investor and partner signals for enterprise adoption momentum.

Artemis's raise signals investor urgency around defender tooling built specifically for AI-driven threats, but practical effectiveness will hinge on model transparency, operational safety, and measurable reductions in analyst time-to-resolution.