AI-Based Phishing Simulation Firm Raises $43M to Boost Security Tools

Adaptive Security attracts $43M as phishing threats evolve

Cybersecurity startup Adaptive Security Inc. has raised $43 million in a Series A funding round co-led by Andreessen Horowitz and the OpenAI Startup Fund. The round also drew participation from more than half a dozen investors, including senior figures from Google LLC, Workday Inc., and other leading tech companies. The company plans to use the funds to expand its research and development efforts and further develop its simulation-driven approach to combating social engineering threats.

Founded to help organizations assess their resilience to modern cyberattacks, Adaptive Security has already onboarded more than 100 enterprises since its launch. The platform allows companies to simulate real-world phishing scenarios powered by large language models (LLMs). These AI-generated attacks test employee responses and help identify internal vulnerabilities, offering tailored cybersecurity education based on the outcomes.

Simulations mimic real-world attack vectors

Phishing campaigns have evolved with the integration of AI, and Adaptive Security uses this same technology to craft convincing bait. By generating emails that resemble legitimate business correspondence — such as a product inquiry from a supposed customer — the platform reproduces common social engineering tactics. Publicly available data is used to personalize these messages, increasing the realism of the exercise.

To streamline deployment, Adaptive Security developed a feature called Direct Email Injection, which allows the delivery of simulated phishing emails without requiring companies to alter their email security settings. This bypasses traditional email filtering systems, ensuring simulations reach employees exactly as intended.

Beyond email: multi-channel threat simulations

In addition to email-based attacks, the platform supports phishing simulations through other communication channels. For example, it can replicate a company executive’s voice and send fraudulent messages via SMS, which often receive higher engagement. Another layer of simulation includes impersonation of supplier support teams, increasing the complexity and realism of the threat landscape it imitates.

Administrators gain access to a centralized dashboard where they can monitor simulation performance in real time. The dashboard presents key analytics such as open rates, click-throughs, and employee responses, offering a clear picture of organizational risk exposure.

Training and response tools tailored to organizations

The employee experience extends beyond detection. Users can engage with interactive training modules that are gamified and adaptive to individual performance. Companies can also use AI to design content suited to their specific operational contexts, providing more meaningful learning outcomes.

In real incidents, employees can report suspicious emails directly through the platform. As Co-founder and Chief Executive Officer Brian Long stated, “When someone reports a suspicious message, our AI doesn’t just forward it to IT — it analyzes the message in real time, scores the risk, and helps security teams act fast.”

With its latest funding, Adaptive Security is positioning itself to strengthen enterprise defenses against AI-enhanced phishing and other human-targeted cyber threats.