Artemis Security is processing over one billion security events per hour, with more than a dozen production enterprise deployments, months after founding. The company was built by Shachar Hirshberg, who scaled Amazon GuardDuty to 80,000 customers, and Dan Shiebler, who led a 60-person AI/ML team at Abnormal Security. They raised a Series A alongside Felicis, Brightmind, and First Round to replace legacy SIEM architecture with a system that reasons about threats instead of just logging them.
The technical argument is worth reading in full. Traditional SIEMs treat logs as raw strings: they cannot connect 'jdoe' in Okta to 'john.doe' in AWS, and they rely on hand-written detection rules that break when log formats change. Artemis uses three layered capabilities: semantic understanding that builds a live model of users, assets, and relationships; agentic detection that runs multi-step reasoning before surfacing any alert; and closed-loop learning that converts findings from threat hunts into autonomous, self-maintained detections.
The compounding behavior of the third capability is what makes this worth watching. Legacy platforms degrade as data drifts away from static rules. Artemis is designed to get more accurate over time without human intervention. The full piece details why AI-generated phishing and deepfake scams are exposing the structural limits of existing tools, and why the founding team's specific backgrounds make this particular approach credible.
[READ ORIGINAL →]