OpenAI just made its first cybersecurity investment 

Generative AI has vastly expanded the toolkit available to hackers and other bad actors. It’s now possible to do everything from deepfaking a CEO to creating fake receipts.

OpenAI, the biggest generative AI startup of them all, knows this better than anyone. And it has just invested in another AI startup that helps companies defend against these kinds of attacks.

New York-based Adaptive Security has raised a $43 million Series A co-led by OpenAI’s startup fund and Andreessen Horowitz, it announced Wednesday. This marks OpenAI’s first investment in a cybersecurity startup, OpenAI confirmed to TechCrunch. 

Adaptive Security simulates AI-generated “hacks” to train employees to spot these threats. You might pick up the phone to listen to the voice of your CTO asking for a verification code. That wouldn’t be your actual CTO, but a spoof generated by Adaptive Security. 

Adaptive Security’s platform doesn’t just spoof phone calls: It also covers texts and emails, while scoring which parts of a company might be most vulnerable and training staff to spot the risks.

The startup focuses on hacks that require a human employee to do something they’re not supposed to, like click on a bad link. These kinds of “social engineering” hacks, while basic, have led to huge losses — think of Axie Infinity, which lost over $600 million due to a fake job offer for one of its developers in 2022.

AI tools have made social engineering hacks easier than ever, co-founder and CEO Brian Long told TechCrunch. Launched in 2023, Adaptive now has over 100 customers, with Long saying positive feedback from them helped attract OpenAI to the cap table. 

It doesn’t hurt that Long is a veteran entrepreneur with two previous successes: mobile ad startup TapCommerce, which he sold to Twitter in 2014 (reportedly for over $100 million) and ad-tech firm Attentive, which was last valued at over $10 billion in 2021 according to one of its investors.

Long told TechCrunch that Adaptive Security will use its latest funding mostly on hiring engineers to build out its product and keep up in the AI “arms race” against bad actors. 

Adaptive Security joins a long list of other cyber startups working on the boom in AI threats. Cyberhaven just raised $100 million at a $1 billion valuation to help stop staff from putting sensitive info in tools like ChatGPT, Forbes reported. There’s also Snyk, which partly credits the rise of insecure AI-generated code for helping push its ARR north of $300 million. And deepfake detection startup GetReal just raised $17.5 million last month. 

As AI threats become more sophisticated, Long has one simple tip for company employees worried about getting their voice cloned by hackers. “Delete your voicemail,” he recommends.