Breaking
SEED: Enkrypt AI raises $2.35M led by Boldcap RESEARCH: DeepSeek-R1 found 11x more likely to generate harmful content PRODUCT: Sentry unites red teaming, guardrails & compliance FREE: LLM Safety Leaderboard benchmarks 200+ models AGENTS: Purpose-built security launched for autonomous AI SEED: Enkrypt AI raises $2.35M led by Boldcap RESEARCH: DeepSeek-R1 found 11x more likely to generate harmful content PRODUCT: Sentry unites red teaming, guardrails & compliance FREE: LLM Safety Leaderboard benchmarks 200+ models AGENTS: Purpose-built security launched for autonomous AI
Boston, Massachusetts  •  AI Security & Compliance  •  Founded 2022

Enkrypt AI

The company whose job is to break the world's AI models - politely, on purpose, and before anyone with worse intentions gets there first.

Enkrypt AI - Secure Your AI, Everywhere: LLM Guard, Red Teaming, Guardrails and Compliance in one platform

The pitch fits on a whiteboard: put a locked door between your company and its language models. Enkrypt AI makes the door - and then spends its days trying to kick it in.

$2.35M
Seed Raised
200+
Models Benchmarked
2022
Founded
~22
Employees
01

The Business of Being the Attacker

There is a strange fact about the artificial-intelligence boom, which is that almost everyone building on top of large language models is, in a technical sense, deploying software they do not fully understand and cannot fully predict.

A bank wires up a chatbot. A hospital pilots a clinical assistant. An insurer automates a claims workflow. In each case the model works beautifully in the demo and then, at some unknowable future moment, a user types something clever and the model cheerfully explains how to do something it absolutely should not. This is not a bug you can grep for. It is a property of the thing.

Enkrypt AI's entire business is the observation that this gap - between "the model works" and "the model is safe" - is not a footnote. It is a category. Founded in 2022 by two Yale PhDs, Sahil Agarwal and Prashanth Harshangi, the Boston company sells enterprises a control layer that sits between their users and their models, watches what goes in and comes out, and enforces rules that the model itself will not enforce on its own.

The framing the founders like is a "control layer" for generative AI. The way to think about it, roughly, is that an LLM is an extremely capable employee with no security clearance, no compliance training, and a documented willingness to be talked into things. You would not let that employee answer customer emails unsupervised. Enkrypt AI is the supervision.

What makes the company genuinely interesting - as opposed to merely useful - is that it does not wait for attackers to show up. It plays the attacker itself. Its automated red-teaming engine runs thousands of adversarial prompts against a model, cataloguing every jailbreak, every prompt injection, every quiet slide into bias or toxicity or, in the more colorful test cases, instructions for things that ought to require a background check. Then it hands the enterprise a report and, crucially, a set of guardrails to close the holes.

The uncomfortable premise of AI security is that your model will do the wrong thing eventually. Enkrypt AI's premise is that you should find out on your own schedule, not an attacker's.

This is a somewhat unusual thing to sell, because you are selling the absence of a disaster that has not happened yet, which is the hardest product in the world to price. The AI-security pitch has always had this problem. It got a lot easier to make in January 2025.

That month, Enkrypt AI published a red-team analysis of DeepSeek-R1, the buzzy Chinese reasoning model, and the results were the kind of thing that makes a chief information security officer put down their coffee. The report found R1 roughly 11 times more likely than comparable models to generate harmful content, with 78% of cybersecurity tests successfully coaxing it into producing insecure or outright malicious code, and 83% of bias tests producing discriminatory output. The story was picked up by Axios, Infosecurity Magazine, TechRadar, and the Cloud Security Alliance, among others.

It was, in marketing terms, an extraordinarily effective way to explain what the company does. In research terms, it was also just the product running in public. The leaderboard, the reports, the free benchmarks - these are the same red-teaming machine the enterprise pays for, pointed at the whole industry and left switched on.

02

What the Red Team Found

DeepSeek-R1, Under the Hood

Enkrypt AI red-team analysis • January 2025 • % of tests that succeeded in eliciting harmful output
Cybersecurity: insecure / malicious code78%
Bias: discriminatory output produced83%
Harmful content generated overall45%
Toxic / extremist responses6.7%

Benchmarked against OWASP Top 10 for LLMs, MITRE ATLAS, and the NIST AI Risk Management Framework. The model ranked in the bottom 20th percentile for safety. Figures as reported by Enkrypt AI.

03

The Physicists Who Turned Pro

The core team is heavy on mathematicians and physicists, which turns out to be a reasonable background for a job that is mostly about finding the one input in a billion that makes a system misbehave.

Co-founder & CEO

Sahil Agarwal

A Yale PhD who leads the company and has become one of the more quoted voices on why enterprises keep hesitating to deploy AI - and why the hesitation is, mostly, rational. His answer is to make the risk measurable rather than mysterious.

Co-founder & CTO

Prashanth Harshangi

The other half of the founding pair, also a Yale PhD, steering the technical work behind Sentry - the red-teaming engine, the guardrails, and the research that keeps landing in the security press.

Both founders hold PhDs from Yale. Their company treats every model as a puzzle waiting to be solved - by them, before someone worse does.

04

The Sentry Suite

Everything lives under one platform called Sentry. The unifying idea is simple: test the model, wrap the model, and prove to the auditors that you did both.

Test

Agent Red Teaming

Automated, continuous adversarial testing that probes models and agents for prompt injection, jailbreaks, bias, and CBRN misuse - before and after deployment.

Protect

Agent Guardrails

Runtime protection at scale that redacts sensitive data, blocks harmful prompts, and enforces policy on live AI systems.

Govern

Agent Policy Engine

Define and enforce use-case-specific policy across an organization's fleet of AI agents.

Audit

AI Data Risk Audit

Inspects training data, fine-tunes, and embeddings for privacy and security exposure.

Connect

MCP Gateway

A single secured endpoint for connecting to Model Context Protocol servers - one door, every MCP.

Scan

MCP Scanner

Scans MCP servers for security risks and misconfigurations as the agentic ecosystem expands.

"Making the world safer by ensuring the responsible and secure use of AI technology."

Enkrypt AI - Company Mission
05

What You Can Actually Do With It

Strip away the frameworks and the platform does a handful of concrete things. If you are a team about to ship an LLM feature, you can run it through automated red teaming and get back a ranked list of the ways it fails - which is a far more useful artifact than a vague sense of unease.

If your model is already live, you can put guardrails in front of it that redact personal data, catch prompt-injection attempts, and refuse to pass along the outputs you have decided are off-limits, all in real time. If you operate in finance, healthcare, insurance, or life sciences, you can map that testing to frameworks like the EU AI Act and NIST AI RMF so that "we secured it" becomes an auditable claim rather than a hope.

And if you have not chosen a model yet, you can consult the free LLM Safety Leaderboard, which ranks more than 200 models on safety and hallucination risk - the rare piece of vendor marketing that is genuinely useful to people who never become customers.

The company's tagline compresses all of this into three verbs: Ship Fast, Ship Safe, Stay Ahead. Most AI companies treat those as a tradeoff. Enkrypt AI's whole argument is that they do not have to be.

06

Money & Backers

Seed Round - $2.35M - February 2024

  • BoldcapLead
  • Berkeley SkyDeckParticipant
  • Kubera VCParticipant
  • Arka VCParticipant
  • Veredas PartnersParticipant
  • Builders FundParticipant

Ecosystem backing also referenced from Microsoft for Startups and NVIDIA startup programs.

Fast Facts

  • Founded 2022 by two Yale PhDs.
  • Headquartered in Boston, Massachusetts.
  • Published the industry's first LLM Safety Leaderboard - free to everyone.
  • Its DeepSeek report noted the model would detail the biochemistry of mustard gas.
  • Referenced customers & case studies include AI21 Labs, NATO StratCom COE, and NetApp.
07

The Story So Far

Feb 2024

Seed Round

Raises $2.35M led by Boldcap to build a visibility and security layer for generative AI.

Jan 2025

The DeepSeek Report

Publishes red-team findings that R1 is 11x more likely than rivals to generate harmful content. The story travels widely across the security press.

Apr 2025

Securing the Agents

Launches a purpose-built security solution for autonomous AI agents - inputs, reasoning, tool calls, and real-world actions.

2026

Into the Coding Assistants

Extends Sentry to secure AI coding assistants as the agentic ecosystem keeps expanding.

08

Watch & Demos

09

Follow & Read More