Andesite AI Inc., a two-year-old cybersecurity startup, is positioning itself as a counterweight to what its leaders see as a fragmented and technology-focused industry.

The company was launched by longtime colleagues and former CIA officers Brian Carbaugh and William MacMillan, driven by their shared frustrations with the inefficiencies of the current security ecosystem and the toll it takes on human operators. Carbaugh, a 24-year veteran of the CIA who ran its Global Covert Action unit, said his cybersecurity experience revealed both the strengths and weaknesses of technology-first thinking.

“I saw how good the agency can be when teams all work together with access to the right type of information all the time,” he said in an interview with SiliconANGLE. “I also saw what happens when you don’t have that. Unfortunately, that’s still the reality in the cybersecurity domain.”

MacMillan, Andesite’s chief product officer, joined the company after two decades at the CIA and a brief stint as senior vice president of information security at Salesforce Inc. He said Silicon Valley has too often emphasized building “blinky boxes” while neglecting the people forced to operate them.

“The industry has always failed to look at the people we already have and build tech that makes their lives better,” he said. “Cyber operators should be the fighter pilots of the 21st century. Instead, they’re burned out and overwhelmed.”

The founders said the rise of generative artificial intelligence poses new challenges. Attackers are now using the same tools defenders rely on to process data at scale, identify vulnerabilities and generate custom exploits. “The weaponization of gen AI by bad actors is going to be gnarly,” MacMillan said. “They don’t have ethical or legal constraints. We’ve got to prep teams to be ready for that onslaught.”

Andesite’s approach is to place the human analyst at the center of its platform. Rather than replacing staff, the company is developing what it calls a “decision layer” that unifies workflows across the dozens of tools enterprises typically deploy. Its software connects to existing technology stacks, normalizes data on the fly and provides what MacMillan described as “evidentiary AI,” or a system that articulates its reasoning as it prioritizes alerts, correlates signals and recommends next steps. It offers flexible deployment models ranging from software-as-a-service to air-gapped, on-premises environments.

The approach, the founders say, reduces toil by eliminating the need for analysts to toggle between portals or write complex queries. “No [security operations center] analyst ever has to write another query if they adopt this tech well,” MacMillan said.

Instead, staff can ask plain-language questions and receive contextualized answers, freeing time for proactive threat hunting. In one test, Andesite claims to have shrunk a workflow estimated at 1,000 analyst-hours down to less than three minutes.

Andesite, which is named after a type of igneous rock, has raised $38 million, including a $23 million round in February. Its paying customers include both government agencies and private-sector firms. Backers include In-Q-Tel Inc., a not-for-profit investment platform that invests in technologies for U.S. intelligence and national security.

Andesite plans to expand beyond its core “AI for SOC” product into adjacent areas such as fraud detection and risk management. For now, Carbaugh emphasized that the priority is “delivering absolute white glove excellence to our first handful of customers.”

Image: SiliconANGLE/DALL-E