Security gets a new brain

Every CISO our team spoke with at RSA this year echoed the same refrain: AI will change security more than the cloud did, and right now, none of them feel ready.

AI-powered attacks execute in minutes, morph as they go, and look different every single time. By the time security teams develop detection playbooks to respond, they’re stale. But the sophistication of the threat is only half the problem. The other half is internal.

Enterprises today are sprawling, interconnected webs of identities, services, cloud infrastructure, AI agents, APIs, and machines, all in constant motion. The security tools that monitor them each provide a limited view, each generating more data than ever, but none adds up to a complete picture that can help security teams respond more quickly. The result isn't better security; it's more noise, higher costs, and slower response times.

At the center of this problem is the SIEM, the "brain" of security operations, responsible for real-time detection and retrospective triage. Pricing for existing SIEMs scales linearly with data volume, meaning bigger companies often spend millions a year on products like Splunk. They're complex, and often require their own proprietary query language. And they're slow, requiring manual rules, sluggish querying, and hours or days to triage a single incident. We've spoken with more than 60 CISOs in the past 12 months that listed SIEM as a top 3 priority category to leverage AI + displace incumbent technology.

This is why we’re so excited to announce that we’ve led Artemis (opens in new tab)’s Series A. The team has built the AI-native protection platform that the industry has been waiting for, and we believe they’ll be foundational to helping security teams adapt to the biggest platform shift of their careers.

A New Architecture for Threat Detection

Artemis takes a fundamentally different approach than legacy SIEM. Legacy tools force organizations to ingest and warehouse all their data upfront, a model where costs balloon in lockstep with data volume, and where teams are financially punished for wanting better visibility. Artemis lets teams choose what works best for them: it can query data within customers' existing storage and log sources on demand, providing comprehensive coverage at a dramatically lower price point, or ingest and own the full protection experience. And instead of learning a proprietary query language to investigate an incident, analysts can simply describe what they're looking for in plain language and let the system handle the rest. That’s led to dramatically faster response times: early deployments have cut mean time to detect and respond to critical security events by 94%.

Artemis also provides the complete view that security organizations have been missing. It stitches together behavioral signals from users, machines, cloud workloads, and applications alongside the business context that gives those signals meaning to create a living model of each organization. At one customer organization, Artemis immediately uncovered shadow activity existing tools had missed and diagnosed multi-million dollar savings in cloud spend.

The overall effect on the analyst workflow is transformative. Security teams stop spending their time hunting down logs, correlating events across five dashboards, and assembling timelines by hand. Instead, they focus on what they were hired to do: make judgment calls on real threats.

A Team Built for This

Artemis’s product feels like an intuitive answer to security teams’ needs because its founders deeply understand the problem they’re solving. Shachar Hirshberg (opens in new tab), Artemis's CEO and co-founder, built AWS GuardDuty and previously was a leader at Demisto through its acquisition by Palo Alto Networks. He's lived the SIEM problem from the inside as both a builder and an operator at the highest level of the security industry. Dan Shiebler (opens in new tab), Artemis's CTO and co-founder, led AI and ML at Abnormal Security, one of the breakout AI security companies of the last generation. He brings deep expertise in applying modern machine learning to security at scale. Together, they combine the rare intersection of domain depth in security operations and frontier AI capability. This is the team to build an AI-native SIEM.

Today, we’re thrilled to welcome them out of stealth. We believe that this team and this product are a match for the challenge AI poses to security teams.