Meet the 33 cybersecurity startups joining the Gemini Startup Forum Google announced the first 33 startups selected for its Gemini Startup Forum: Cybersecurity program, which focuses on AI-native cybersecurity solutions. The cohort includes companies like Capsule Security, Evoke Security, and Manifold Security, working on areas from autonomous agent protection to post-quantum cryptography. Startups are at the forefront of tackling some of the world’s most complex challenges, especially in cybersecurity, where new ideas and adaptability are always needed. These companies are embracing AI as a powerful tool, enabling them to scale their impact. Google believes that enabling the next generation of AI-native cybersecurity startups will have a positive impact across the globe. Today, we are thrilled to announce that our flagship Google for Startups program, Gemini Startup Forum: Cybersecurity https://startup.google.com/programs/gemini-startup-forum/cyber-security/ , has selected its first 33 trailblazing startups. This exclusive forum is designed to address critical domains and foster deep dialogue on AI integration in cybersecurity. Every startup will be able to work on their roadmap alongside AI and cybersecurity specialists from Google DeepMind, Google Cloud, and Wiz. This year’s cohort is organized into six specialized focus areas, from autonomous agent protection to post-quantum cryptography. Capsule Security Israel : Delivers runtime protection and behavioral monitoring for autonomous AI agents. The platform tracks agent activities, API calls, and tool usage in real-time to prevent unauthorized actions and data exfiltration across software-as-a-service SaaS and endpoint agents. Evoke Security United States : Functions as an endpoint detection and response EDR platform designed for AI agents. It deploys an endpoint sensor to scan for risky agent configurations, monitor runtime behavior, and block unauthorized skill executions. Manifold Security United States : Provides agentless detection and response for AI agents using graph analysis and runtime monitoring. By tapping into open telemetry and API hooks, the platform maps agent behavior and connections to identify anomalies without installing software on local machines. Mirror Security Ireland : Specializes in data-in-use protection for AI workloads using fully homomorphic encryption. The platform enables enterprises to perform model inference, database searches, and agent communications directly on encrypted data without decrypting it. Onyx Security Israel : Offers an AI control plane to discover, govern, and monitor autonomous AI agents across enterprise environments. The platform analyzes agent posture, tracks session token streams, and uses a model mesh to enforce context-aware compliance policies. Refractal United Kingdom : Builds runtime security and governance, risk, and compliance GRC infrastructure to monitor and govern enterprise AI agents. It intercepts agent actions, evaluates them against organizational policies and European regulations, and generates cryptographic audit logs. Unbound Security United States : Acts as an agent access security broker AASB that provides visibility and governance for developer-focused coding agents. It deploys endpoint hooks to monitor terminal commands and restricts agent actions based on user identity and group permissions. XOR United States : Produces reinforcement learning training data and environments to help AI models autonomously find and fix their own security flaws. The company provides verified task trajectories and benchmarks that developers use to train secure coding agents. Aisy United Kingdom : Models enterprise environments from an attacker's perspective to prioritize vulnerability remediation. The platform maps external attack surfaces, groups related assets into business-centered threat models, and identifies critical exploit chains. Alt Security Israel : Develops an agentic penetration testing platform that uses autonomous AI agents to perform security testing. The system automates reconnaissance, chains vulnerability findings to identify critical business risks, and validates exploits in sandboxed environments. Arcjet United States : Provides application security that executes natively inside developer codebases via an SDK. The platform handles bot detection, rate limiting, and prompt injection directly in the codebase, maintaining a low-latency decision loop. Pixee United States : Automates vulnerability triage and code remediation by converting scanner results into verified pull requests. The platform uses a context graph and a deterministic harness to generate codebase-compatible fixes that pass developer continuous integration CI pipelines. CloudFence United States : Monitors a company's cloud network like an invisible overhead drone. It studies the normal patterns of how systems talk to each other and immediately alerts managers if a system starts talking to an unfamiliar location. CyberSeQ United Kingdom : Scans software code and digital pipelines to check if their encryption is outdated. It helps organizations plan their transition to modern, quantum-proof security keys. Huskeys Israel : Works as a smart tuner for a company's digital firewall. It automatically optimizes and adapts traffic filters in real-time, reducing false alarms so legitimate customers can visit websites without being blocked. Native Israel : Serves as a multicloud security control plane that manages built-in native provider controls across Google Cloud, AWS, Azure, and Oracle. The platform uses a simulation engine to preview the operational impact of security policy changes before deployment. Prowler United States : Automates cloud security posture management and compliance checks across multicloud environments. The open-source platform uses a database of community-driven security controls to identify and remediate misconfigurations. QIZ Security Israel : Manages enterprise cryptographic assets and compliance posture through a centralized dashboard. The platform maps certificates, databases, and source code into a knowledge graph to help organizations transition to post-quantum cryptography. Tracebit United Kingdom : Uses cloud-native decoys, or canaries, to detect infrastructure intrusions and unauthorized access. The platform deploys these decoy resources at scale via infrastructure-as-code to trigger alerts the moment an attacker moves. Bold Security United States : Provides a user-space endpoint security agent that protects enterprise devices from data exfiltration and insider threats. The agent runs local classification models on-device, allowing for policy enforcement and data loss prevention without cloud latency. Glow Israel : Unifies endpoint, software, and AI agent monitoring into a single workspace protection layer. By using a team of collaborative AI agents, the platform maps organization-wide software footprints and blocks unauthorized browser extensions and plugins. Jazz United States : Modernizes data loss prevention DLP by analyzing user intent and business context rather than relying on static pattern rules. It uses a lightweight endpoint agent and an intelligent investigator to automatically triage and resolve data-flow alerts. ORION Security United States : Deploys an indicator-driven data loss prevention platform that tracks data lineage across endpoints, browsers, and SaaS tools. By mapping file movements in a graph database, the platform identifies exfiltration risks without requiring manual policies. MokN France : Combats credential theft through a proactive identity recovery platform. Its proprietary technology turns the tables on attackers by using ultra-realistic decoy access points to trick them into revealing the credentials they have stolen. This can help neutralize threats before the compromised credentials can be exploited. COGNNA Saudi Arabia : Operates an agentic security operations center SOC platform that analyzes security alerts and automates threat response workflows. The platform ingests telemetry from existing endpoint and security information and event management SIEM tools, using AI agents to investigate incidents and reduce alert noise. Latent Defense United States : Builds foundational world models for cybersecurity to represent complex system architectures as dense, multi-dimensional graphs. The platform uses these graph representations to identify exploitable attack paths and test them with automated red-teaming agents. Mate Security Israel : Investigates security alerts at scale using an AI-native security operations platform. It integrates with existing SIEM and security orchestration, automation, and response SOAR tools to map asset relationships, automatically triage incoming alerts, and minimize false-positive rates. Nrdsnipe Sweden : Builds an AI-driven security testing platform, Hedgehog, that automates internal network penetration testing. Deployed directly in customer networks, it uses planner and terminal agents to map assets and construct exposure-based knowledge graphs. RIFFSEC Poland : Delivers an early-warning threat intelligence and attack surface management platform tailored for the central European market. It monitors the dark web, Telegram channels, and code repositories to identify leaks, exposed credentials, and phishing campaigns. TandemTrace Spain : Augments security operations teams with autonomous AI agents that analyze raw telemetry to investigate alerts and hunt threats. The platform connects directly to existing data lakes and SIEM APIs to build human-readable context around security incidents. Netsec France : Manages the entire IT and cybersecurity lifecycle for mid-sized organizations through an all-in-one platform delivered directly inside collaboration channels. It automates user onboarding, device management, and SaaS posture remediation from a single control plane. Revelum United States : Detects and dismantles deepfake-driven fraud and impersonation campaigns at scale. The platform uses vision models and classification engines to analyze social media advertisements, verify biometric identities, and automate domain takedowns. Synqly United States : Provides a unified connectivity platform and API management control plane that simplifies integrations between IT and cybersecurity tools. It normalizes data schemas and acts as a deterministic middleware layer to facilitate bidirectional data sharing. By collaborating with global specialists, these startups are well-positioned to build a safer, more resilient digital infrastructure. The Gemini Startup Forum is a benefit of the Google for Startups Gemini Kit, packed with APIs, tools, training and technical resources to help startups scale with AI. You can learn more about the kit here https://startup.google.com/gemini/ . The threat landscape is always evolving. To meet this challenge, we will continue our commitment to Google for Startups. Over the past four years, we’ve supported more than 50 cybersecurity founders, including Authologic https://authologic.com/ , BforeAI http://www.bfore.ai , Build38 https://www.build38.com/ , Cerby http://cerby.com , Crowdsec https://www.crowdsec.net/ , and Risk Ledger http://www.riskledger.com/ . This year's cohort reflects the industry's transition from perimeter defense to autonomous AI agent security — emphasizing enterprise governance and the safe deployment of self-governing AI. Looking ahead, the integration of these technologies will help define the next generation of proactive digital defense.