Israeli-founded cybersecurity startup Artemis has officially emerged from stealth with $70 mn in seed and Series A funding as it positions itself to fundamentally rethink the security information and event management (SIEM) market around AI-native threat detection and autonomous security operations.
The company was founded by Shachar Hirshberg, former product leader for AWS GuardDuty, alongside AI and machine learning specialist Dan Ring.
Artemis says the platform is designed to solve what it describes as the growing gap between “knowing” and “understanding” in enterprise security operations.
The funding includes a $55 mn Series A round led by Felicis and a $15 mn seed round co-led by First Round Capital and Brightmind. Additional participation came from Theory VC, Lockstep, and prominent cybersecurity operators, including founders of Abnormal AI and Demisto, former executives from Splunk, and leaders from CrowdStrike, Palo Alto Networks, Microsoft, and Okta.
The startup enters a cybersecurity market increasingly overwhelmed by fragmented infrastructure, rising attack complexity, and an explosion of security telemetry.
According to Artemis, security teams now possess more data than ever before but remain unable to effectively use it because traditional tools generate disconnected signals without meaningful operational context.
Modern enterprise environments produce enormous volumes of telemetry across cloud infrastructure, endpoints, applications, identity systems, and networks. Traditional SIEM platforms aggregate logs and alerts but frequently leave analysts manually correlating information across disconnected systems.
Artemis argues that this architecture reflects an outdated security model built around “watchtowers” that observe activity but cannot truly interpret whether behavior is legitimate or malicious.
“The industry has gotten very good at generating signals, but it is still surprisingly bad at understanding them,” the company said in its launch announcement.
The startup believes cybersecurity is entering a third major era. The first focused on perimeter defense through firewalls and VPNs. The second introduced detection pipelines and SIEM systems. The next era, according to Artemis, will require systems capable of reasoning autonomously across entire enterprise environments as attackers increasingly leverage frontier AI capabilities.
The company warns that modern attackers can now probe targets continuously, move laterally across environments, and perform thousands of seemingly harmless actions that evade traditional rule-based detection systems when viewed individually.
To address this challenge, Artemis uses AI to continuously model each customer’s environment, including users, AI agents, machines, cloud workloads, applications, behavioral patterns, and business context across integrated log sources.
This contextual understanding allows the platform to evaluate whether sequences of activity make operational sense rather than merely flagging anomalies.
The company describes this approach as “agentic defense,” drawing comparisons to biological immune systems that continuously learn, adapt, and recognize abnormal behavior in real time.
Instead of forcing analysts to manually investigate disconnected alerts, Artemis automatically generates environment-specific detections, conducts autonomous investigations, proactively hunts for suspicious activity, and assembles contextual threat narratives.
Analysts receive structured outputs that explain what happened, why it matters, what evidence exists, what containment actions are possible, and where human judgment is still required.
“The analyst’s job transforms from data assembly to decision-making,” Artemis explained.
A major differentiator for the company is its focus on autonomous reasoning rather than traditional anomaly detection. According to the founders, AI reasoning becomes significantly more reliable when it operates on top of structured environmental models.
The platform fuses telemetry from identity systems, cloud infrastructure, endpoints, networks, and applications into a unified operational graph that reflects how an organization actually behaves.
Once that model exists, Artemis says AI can reason about activity in ways traditional tooling cannot. Rather than scanning logs for isolated anomalies, the system evaluates whether a sequence of actions aligns with normal operational behavior.
This architecture enables what Artemis calls “agentic detection and response operations.”
The company says early enterprise customers have already achieved a 94% reduction in mean time to detect and respond to important security incidents.
Artemis is reportedly already deployed in production environments at major financial services, technology, and insurance organizations.
The platform currently analyzes more than 15,000 terabytes of telemetry daily and processes billions of events every hour.
The founders’ prior experience strongly shaped the company’s technical direction.
Hirshberg spent the last decade building enterprise security operations platforms at Demisto, Palo Alto Networks, and AWS GuardDuty, where he worked on one of the world’s largest cloud threat detection systems serving millions of AWS accounts.
Ring previously worked on large-scale behavioral modeling systems at Twitter before leading AI and machine learning initiatives at Abnormal AI, where behavioral analysis became central to detecting anomalous communication patterns inside organizations.
Those experiences led to Artemis’ core thesis: AI-powered cybersecurity systems become dramatically more effective when they understand operational context rather than simply processing isolated signals.
The launch comes amid a broader wave of AI-driven transformation across cybersecurity markets. Enterprises increasingly face staffing shortages, alert fatigue, fragmented tooling, and rapidly evolving threats that overwhelm traditional human-led workflows.
Legacy SIEM platforms have long struggled with operational complexity, excessive false positives, and expensive infrastructure requirements. Artemis is positioning itself as an AI-native alternative built specifically for modern cloud-scale environments and autonomous operations.
The company’s emergence also reflects intensifying competition across AI-powered security operations, where vendors are racing to build systems capable of automated reasoning, orchestration, and response rather than basic log aggregation.
Looking ahead, Artemis says its long-term goal is to move enterprise security away from reactive alert chasing toward continuously adaptive protection systems capable of learning and evolving alongside emerging threats.
“The next generation of security platforms will need to understand systems, not just observe them,” the company said.
