
Announcing our $7.4m seed fundraising to build the AI Operating System for security teams

Cotool announces $7.4m seed round led by Andreessen Horowitz to build the AI Operating System for security teams

March 5, 2026
Logan Carmody, Cofounder, CTO

At Cotool, we're building the agent operating system for cybersecurity teams to detect and respond to modern threats. Today, we're excited to announce our $7.4M Seed round, led by Andreessen Horowitz with participation from WndrCo and an exceptional group of angel investors.

Offense that scales with tokens

About six months ago, Anthropic published findings on a state-sponsored group using Claude to help conduct coordinated cyber-intrusion operations: reconnaissance, scripting, and operational planning. The same agentic patterns developer tooling had been celebrating for productivity were now being wielded by nation-states and pointed at real targets.

Offense is now just-in-time software. An attacker commits intent to a model, the model forks across variations, probes, reports back, and iterates. What used to require a coordinated team of skilled operators can be run by a small group with the right harness. Offensive campaigns now scale with tokens, not headcount. Sophistication improves as models improve. The cost of mounting any given attack trends toward zero.

The Anthropic report described what offense was becoming. Our practitioner friends contrasted this with what defense still was. Advances in AI have given both engineers and threat actors the same step-change in capabilities. So far, all security operations teams have gotten is a chatbot. Advances in offensive technology mean defense teams simply cannot keep up.

The Factory Floor

To date, the defensive security industry's answer to the AI revolution has been to bolt LLMs onto the existing SOC model. Chat interfaces on SIEMs, triage automation without organizational context, the same human tier structure with a model at each level. They achieve marginally faster throughput, but the shape of the product is identical to what came before.

There's a well-known lesson from industrial history that applies here. 

When factories first electrified, most of them replaced the central steam engine with an electric motor and kept the same floor layout. One motor, same centralized shaft, same belt-and-pulley arrangement at every station. Productivity gains were negligible; disruption came later, when factories distributed individual motors to each machine and reorganized their floors around that distribution. The central motor, however powerful, couldn't reach the parts of the floor it didn't touch.

Dropping an AI layer into an existing SOC org chart is the same mistake.

How Cotool Works

We at Cotool are building the "distributed factory." We’re building agents across the full detection and response lifecycle that share context, surface anomalies continuously, and close the loop between detection and response. Security teams use our platform to orchestrate agents that work together, letting them operate at scales orders of magnitude larger than before.

A DLP alert fires because an employee shared a sensitive spreadsheet externally. An analyst without Cotool spends forty-five minutes checking sharing history, endpoint activity, and HR status, usually to confirm it's routine communication from finance to a board member. One time in a hundred, it's the start of an exfiltration story. A Cotool Response Agent runs the same investigation in seconds. Define the objective and tools once, in plain language; the agent runs that logic across every alert, every time, returning a full evidence trail and surfacing the one case that warrants attention.

Detection coverage at most organizations is sized to alert budget, not threat surface.

An API key dormant for eight months starts enumerating S3 bucket contents at 2am from an unrecognized IP. No file is downloaded. No threshold is crossed. The access is technically authorized: nobody ever wrote a rule for "dormant key, suddenly active, unfamiliar origin." The intent is legible to anyone who has worked cloud incidents. No alert fires.

A Cotool Detection Agent catches it. Detection Agents sit directly on your live log stream with a natural-language intent: "unusual data access patterns in S3," "credential stuffing against the identity provider," "lateral movement in the corporate network." They run continuously in a secure code sandbox, evaluating real data against the stated intent with dynamically written code. Static rules encode what you knew about attacker behavior at the moment you wrote them. Detection Agents encode what you're actually worried about, keep looking, and adapt over time.
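The static rule that the scenario above says nobody wrote, as an added example (not Cotool's code and not how its Detection Agents work): it flags a key that has been silent for a set period and then enumerates S3 from an address that key has never used. The records are constructed; field names follow CloudTrail's record layout, and the 180-day threshold and function names are assumptions.

```python
from datetime import datetime, timedelta

# Constructed CloudTrail-style records (not real logs); key IDs are placeholders.
def rec(ts, name, ip, key):
    return {"eventTime": ts, "eventName": name, "sourceIPAddress": ip,
            "userIdentity": {"accessKeyId": key}}

SAMPLE = [
    rec("2025-01-10T14:02:11Z", "GetObject", "198.51.100.7", "AKIAEXAMPLEDORMANT"),
    rec("2025-09-18T09:00:00Z", "ListObjects", "198.51.100.20", "AKIAEXAMPLEACTIVE"),
    rec("2025-09-19T09:05:00Z", "ListObjects", "198.51.100.20", "AKIAEXAMPLEACTIVE"),
    rec("2025-09-20T02:03:40Z", "ListBuckets", "203.0.113.45", "AKIAEXAMPLEDORMANT"),
    rec("2025-09-20T02:03:52Z", "ListObjects", "203.0.113.45", "AKIAEXAMPLEDORMANT"),
]

ENUM_EVENTS = {"ListBuckets", "ListObjects"}  # listing only, nothing downloaded
DORMANT_AFTER = timedelta(days=180)           # assumed threshold

def parse(ts):
    return datetime.strptime(ts, "%Y-%m-%dT%H:%M:%SZ")

def dormant_key_findings(records, dormant_after=DORMANT_AFTER):
    """One finding per key that wakes after `dormant_after` of silence from an
    IP it has never used, listing the enumeration calls that follow."""
    last_seen, known_ips, woke, findings = {}, {}, {}, []
    for r in sorted(records, key=lambda r: parse(r["eventTime"])):
        key, ip = r["userIdentity"]["accessKeyId"], r["sourceIPAddress"]
        ts, prev = parse(r["eventTime"]), last_seen.get(key)
        ips = known_ips.setdefault(key, set())
        # A key with no history has no baseline; first use is not flagged here.
        if prev is not None and ts - prev >= dormant_after and ip not in ips:
            woke[key] = {"key": key, "ip": ip, "idle_days": (ts - prev).days,
                         "woke_at": r["eventTime"], "events": []}
            findings.append(woke[key])
        if key in woke and ip == woke[key]["ip"] and r["eventName"] in ENUM_EVENTS:
            woke[key]["events"].append(r["eventName"])
        last_seen[key] = ts
        ips.add(ip)
    return [f for f in findings if f["events"]]

if __name__ == "__main__":
    for f in dormant_key_findings(SAMPLE):
        print(f)
```

The rule only knows the history it is fed, so the lookback window has to be longer than the dormancy threshold for the last-seen baseline to exist.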

Because both sides live in one system, the feedback loop runs continuously. False positives identified during response refine upstream detections. A detection generating low-signal alerts gets corrected at the source.

In Production

We're in production with teams at Ramp, Elise AI, and other world-class security teams. Our agents have completed over 50,000 runs across detection, triage, investigation, and response.

Antoinette Stevens, Head of Detection and Response at Ramp, put the operational result directly: "[Cotool] enabled us to comfortably onboard new log sources and write rules around them without worrying that we're going to cause alert fatigue for the human detection engineers and analysts on the team."

On Model Benchmarks

Scaling defender judgment across 50,000 agent runs only works if the underlying models are actually strong at defensive security tasks. Existing benchmarks skew heavily toward offense, so we built our own and published everything at research.cotool.ai. Which model should power your triage agent? What architectures hold up on complex investigations? We think those answers should be public.

Tilting the scales

We raised a seed round to tilt the scales back towards defenders. We're backed by a16z, YCombinator, WndrCo, Homebrew, and angels from Okta, Ramp, Cloudflare, Amplitude, and SumoLogic.

The next few years will move fast, and will not be kind to folks who don't move equally fast. Models improve weekly, agentic tooling proliferates exponentially, and the costs (both people and dollars) of running sophisticated attacks get smaller every day. Security teams attempting to defend against machine-speed attackers at human speeds are already in a position that compounds against them over time.

The same dynamics which are strengthening threat actors can strengthen defense as well, but only if the infrastructure is built for it. Cotool is the infrastructure which will power this generation of defenders.

Best job in the world, back to work.