The phone rings. It is your CEO's voice, asking for a wire transfer. Except it isn't. Jericho Security builds the training that teaches your people to hang up - by fighting AI with AI.
ABOVE: The brand built for the deepfake era. A company named after the most famous wall in history - which is, of course, remembered mainly for the moment it fell.
Jericho Security is a New York cybersecurity company with a peculiar daily routine: it builds AI attackers for a living, then turns them loose on its own customers.
The attackers are simulations - hyper-realistic phishing emails, cloned voices, deepfake requests - generated by the same kind of model a real criminal would use. The targets are employees. The point is to let people meet the convincing fake in a safe room, so they recognize it in the wild. Around 39 people run this operation, backed by $20 million and a customer list that includes the U.S. Department of Defense. Two years in, the company has a tidy thesis and an awkward truth to sell against.
For twenty years, the advice was simple: watch for bad grammar, weird links, and a Nigerian prince. Generative AI quietly retired all of it. Attacks are now fluent, personalized, and produced at volume. Jericho cites that the linguistic complexity of attacks has climbed measurably, and that phishing still sits behind roughly 90% of data breaches. The bait got better; the humans did not.
Then it got worse than email. A few seconds of audio is enough to clone a voice. A short clip is enough to fake a face on a video call. In 2025, by Jericho's count, deepfake fraud cost businesses around $200 million. The old security stack - firewalls, filters, endpoint agents - guards the doors and windows. None of it answers the phone.
This is the central tension Jericho lives inside: the cheapest, fastest-improving weapon in the attacker's kit is aimed squarely at the one part of the org chart no patch can fix. You cannot install an update on a person. You can, apparently, give them a fire drill.
Jericho was founded in 2023 by Sage Wohns, Tim Hwang, and Dan Chyan - a combination of AI builder, company builder, and security practitioner. Wohns, the CEO, previously ran the NLP company Agolo. Hwang founded the government-data platform FiscalNote. Chyan brought the cybersecurity consulting background. Their wager was almost stubbornly literal: the only thing fast enough to keep pace with AI-generated attacks is AI-generated defense.
So they built two of them. An AI red team that invents fresh attacks, and an AI blue team that hardens the response - sparring partners that improve by trying to beat each other. It is an adversarial setup borrowed from how modern AI is trained, pointed at a problem most awareness vendors still treat as a once-a-year compliance video.
An AI that generates novel, personalized attacks - email, voice, deepfake, multi-channel - so the simulation never goes stale.
An AI that learns from each exposure and tunes training to the gaps a specific person or team keeps falling for.
The thing both teams are really fighting over - and the only firewall that can be taught to say "let me call you back."
Sage Wohns, Tim Hwang, and Dan Chyan launch Jericho to defend the human layer against generative-AI attacks.
Led by Era Fund, with Lux Capital, FoundersX, MetaLabs, Alcove, Textbook, Alumni Ventures and Thorntree joining.
Through AFWERX, the Air Force's innovation arm - protecting military personnel from sophisticated phishing, executed over five months.
Led again by Era Fund's Jasper Lau, with Lux Capital, Dash Fund, Gaingels, Distique Ventures and Plug & Play. Total raised hits $20M.
Jericho unveils a self-service AI-powered phishing defense experience so teams can stand up training without a long rollout.
What a customer actually buys is a loop. The simulator launches individualized phishing and social-engineering campaigns. When someone clicks - and someone always clicks - the platform doesn't just log it; it serves training tuned to that exact mistake. Managers watch the whole thing from a dashboard of analytics and KPIs, so "human risk" stops being a hand-wave and starts being a number that moves.
The 2025 self-service release lowered the barrier further: stand up AI-powered phishing defense without a months-long deployment. It sells to enterprises and SMBs across retail, e-commerce, finance, healthcare, manufacturing, energy, higher education, and government - which is a long way of saying "anyone with an inbox and a payroll."
Hyper-realistic, AI-generated campaigns across channels - the bait, minus the consequences.
Red-team scenarios covering voice clones, deepfakes, and multi-channel social engineering.
Adaptive modules delivered to the person who just fell for it, about the thing they fell for.
Performance analytics and security KPIs that turn "are we safe?" into a trend line.
Skepticism is the correct setting for any "AI vs. AI" pitch, so here are the load-bearing facts. Jericho has raised $20 million across two rounds, both led by Era Fund - the kind of repeat conviction that matters more than a single headline. It is SOC 2 Type I and Type II certified. And it cleared the highest-friction customer there is: it won and executed a $1.8M Department of Defense contract through AFWERX, aimed at the Air Force's own phishing problem.
The market backdrop helps the argument. Security awareness training is worth roughly $5 billion a year and is projected to roughly double by 2027. Jericho's claim is not that this category is new - it's that the category was built for an era of bad grammar and broken links, and that era is over.
Chart bars are scaled for comparison; figures are company-cited estimates, not audited results.
Jericho's stated mission is plain: equip people with the knowledge and skills to identify, prevent, and respond to cyber threats - especially the AI-powered kind. Underneath that is a quieter ambition. The "human layer" has been the security industry's punchline for decades, the weakest link in every report. Jericho's vision is to make that layer as adaptive as the attacks aimed at it.
It's a competitive lane - KnowBe4, Proofpoint, Hoxhunt, Cofense and others got here first. Jericho's argument for existing is timing: it was built AI-native, for a threat model that arrived after the incumbents shipped. Whether that's a durable moat or a head start is the open question every challenger faces. Repeat-led funding and a DoD logo suggest the bet is, at minimum, being taken seriously.
Every trend line here points the wrong way for defenders. Voice cloning gets cheaper. Deepfakes get easier. The volume of personalized, fluent attacks goes up, not down. In that world, training that runs once a year against last year's tricks is theater. Training that regenerates itself as fast as the threat does is closer to a real defense - which is the entire wager Jericho is built on.
So return to the phone call. It rings, and it's your CEO's voice, urgent, asking for a transfer right now. The version of this story that ends in a wire to a stranger is the default. The version where someone pauses, recognizes the shape of a trick they've seen in a drill, and says "let me call you back" - that's the outcome Jericho is selling. The wall of Jericho is famous for falling. This company would rather be famous for the people who didn't.