Breaking
SERIES A RAD Security raises $14M to scale agentic AI cloud defense REBRAND KSOC becomes RAD Security, 2024 RADBOTS VulnBot · CloudBot · GRCBot · Ask RADBot AWARD Black Hat 2024 Startup Spotlight winner RUNTIME eBPF behavioral fingerprinting at the kernel SERIES A RAD Security raises $14M to scale agentic AI cloud defense REBRAND KSOC becomes RAD Security, 2024 RADBOTS VulnBot · CloudBot · GRCBot · Ask RADBot AWARD Black Hat 2024 Startup Spotlight winner RUNTIME eBPF behavioral fingerprinting at the kernel
Company Profile · Cloud-Native Security San Francisco · Est. 2021
Agentic AI SecOps

RAD Security

The company that wants to stop you from managing alerts - and start letting AI run the security operations center.

RAD Security company logo

The RAD Security wordmark, mono lowercase with an aurora gradient - the kind of logo that looks less like a security vendor and more like a synth label. Fitting for a company that named its robots.

$20M
Total Raised
Seed + Series A
2021
Founded
as KSOC
~$7M
Reported ARR
100% retention
4
RADBots
and counting
The Story

A security company that named its robots

Here is a problem that sounds boring until it ruins your quarter: security teams get too many alerts. A modern cloud environment - containers spinning up and down, Kubernetes rescheduling workloads, identities assuming roles - generates an enormous volume of signals, most of which mean nothing. The industry's response, for about fifteen years, was to build better dashboards. Bigger screens, more colors, prettier ways to look at the pile of things you cannot possibly read.

RAD Security's bet is that the dashboard was never the answer. The company, founded in San Francisco in 2021, thinks the fix is to put an AI in front of the pile - one that reads each alert, decides whether it matters, and, within guardrails, does something about it. They call these workers RADBots. They have names and job titles. There is VulnBot, which handles posture. CloudBot does detection and response. GRCBot writes the compliance reports nobody wants to write. And Ask RADBot answers the follow-up questions, which is to say it is the one you actually talk to.

This is a slightly absurd framing, and RAD Security seems to know it, which is part of the appeal. But underneath the naming convention is a real technical argument. RAD does not start from a list of known-bad signatures - the digital fingerprints of attacks somebody has already seen and catalogued. It starts from behavior. Using eBPF, a Linux kernel technology that lets you observe what a workload actually does at runtime, RAD builds a fingerprint of normal - the processes a container spawns, the connections it makes, the way an identity typically behaves - and then watches for deviation. The pitch is that you catch the attack nobody has named yet, because you are not looking for the attack. You are looking for weird.

"Stop Managing Alerts. Start Running Security."

The company was not always called RAD. It started life as KSOC - Kubernetes Security Operations Center - a name that told you exactly what it did and exactly how narrow it was. In March 2024 it rebranded to RAD Security, and the rename was a strategy rather than a logo refresh. KSOC's Kubernetes posture product stuck around, but the company had expanded into identity threat detection, zero-day detection in the software supply chain, and behavioral response across the whole cloud footprint. When your scope outgrows your name, you either rename yourself for where the threat surface is going or you spend the next three years explaining that you do more than the name says. RAD chose the former.

The people behind it are a useful pairing. Brooke Motta, the CEO, spent her career on the revenue side of security companies - Rapid7, Bugcrowd, Wallarm, Sonatype - including a stint as chief revenue officer. Jimmy Mesta, the CTO, is a security engineer who has secured some of the largest containerized environments in the world and done the unglamorous work of building cloud security programs from scratch. Go-to-market plus deep technical is a common thing to claim and a rare thing to actually have. The market seemed to notice: in 2024 RAD was the only company to reach the finals of both the RSA Conference Innovation Sandbox and the Black Hat Startup Spotlight, winning the latter's audience award. Judges do not hand that out twice by accident.

"We're not just enhancing cloud security - we're addressing the future of AI security in real time."
Brooke Motta · Co-Founder & CEO
The Platform

Meet the RADBots

RAD Security's platform bundles three layers - agentic AI that reasons and acts, runtime intelligence that watches what's really happening, and SecOps automation that ties it into the tools teams already use. The most legible expression of that is the RADBot roster, each a named worker with a defined job. Structured output from each lands in a shared Inbox where analysts review, prioritize, and act.

Posture

VulnBot

Handles security posture and vulnerability context - what's exposed, what's exploitable, and what actually deserves attention across cloud and Kubernetes.

Detection & Response

CloudBot

Runs cloud detection and response on runtime telemetry, catching anomalous behavior like data exfiltration or unauthorized access using behavioral baselines.

Compliance

GRCBot

Generates compliance evidence and reporting from live runtime reality - turning the audit trail into a byproduct of the system rather than a second job.

Investigation

Ask RADBot

The conversational one. Answers investigation follow-ups, explains risk in plain language, and chases the thread across the stack so analysts don't have to.

Under the Hood

What you can actually do with it

  • Establish behavioral baselines for cloud and Kubernetes workloads using eBPF-driven fingerprinting
  • Detect deviations that signal malicious activity, insider threats, or novel zero-day behavior
  • Let large language models triage detections - separating the malicious from the benign before a human looks
  • Run identity threat detection and response (ITDR) against attackers abusing valid credentials
  • Maintain real-time Kubernetes security posture (the original KSOC capability)
  • Auto-generate compliance evidence and map controls to regulatory frameworks
  • Automate ticketing and response across integrated security tools
Fun Facts
  • KSOC stood for Kubernetes Security Operations Center.
  • The RADBots have personal names and job titles.
  • Only 2024 startup to make both RSA and Black Hat finals.
  • CEO Brooke Motta scaled Rapid7, Bugcrowd & Sonatype.
  • The platform reads the Linux kernel itself via eBPF.
Follow The Money

$20M, two rounds, one thesis

RoundAmountDateLead
Seed$6MFeb 2022.406 Ventures
Series A$14MFeb 2025Cheyenne Ventures

The Series A brought in Forgepoint Capital, Lytical Ventures, and Akamai as new investors, with existing backers .406 Ventures, Vertex Ventures, and Gula Tech Adventures following on. The stated use of funds: expand the platform and accelerate AI-driven cloud defense - including securing AI workloads themselves.

$6M
Seed '22
$14M
Series A '25
$20M
Total

Cumulative disclosed funding · Seed 2022 → Series A 2025

The Record

How RAD got here

2021

KSOC is founded

Brooke Motta and Jimmy Mesta launch Kubernetes Security Operations Center in San Francisco.

2022

$6M seed round

.406 Ventures, Vertex Ventures, and Gula Tech Adventures fund the Kubernetes posture product.

2024 · Mar

Rebrand to RAD Security

KSOC renames to RAD Security, expanding into behavioral cloud detection and response.

2024 · Apr

Dual competition finalist

Reaches the finals of both the RSA Innovation Sandbox and Black Hat Startup Spotlight, winning the latter's audience award.

2024 · Aug

AI-powered investigation

Launches LLM-driven incident investigation that sorts malicious behavioral detections from benign noise.

2025 · Feb

$14M Series A

Raises a round led by Cheyenne Ventures with Forgepoint, Akamai, and others to scale the agentic AI platform.

2025

RADBots expand

Rolls out new features for its agentic AI digital workers across posture, detection, compliance, and investigation.

The Case For It

Why people are watching

Recognition

Two-finals startup

The only company in 2024 to reach both the RSA Innovation Sandbox and Black Hat Startup Spotlight - and it won the Spotlight's audience award.

Traction

100% retention

Reported 3x ARR growth and full customer retention in the year before the rebrand, with logos in insurance, banking, and media.

Approach

Runtime-first

Betting on behavioral baselines over signatures - watching what workloads actually do rather than matching known-bad patterns.

Who Uses It

The buyer

RAD Security sells to enterprise security, SOC, and compliance teams - with reported traction among highly regulated, digitally mature organizations in insurance, banking, and media. It's a B2B SaaS subscription aimed at teams running serious Kubernetes and cloud footprints who feel the alert-fatigue problem acutely.

The Field

The alternatives

RAD competes in a crowded cloud-native security market against the likes of Wiz, Sysdig, Aqua Security, Upwind, Uptycs, Orca Security, and Palo Alto Networks' Prisma Cloud. Its differentiator is the runtime-plus-agentic-AI framing rather than posture scanning alone.

Watch

Interviews & demos

The Basics

Frequently asked

What does RAD Security do?
It's a cloud-native security company that uses runtime telemetry and agentic AI to detect, investigate, and respond to threats across Kubernetes and cloud environments, plus automate compliance evidence.
Was RAD Security called something else before?
Yes. It launched in 2021 as KSOC (Kubernetes Security Operations Center) and rebranded to RAD Security in March 2024 to reflect its broader detection and response scope.
Who founded RAD Security?
Co-founders Brooke Motta (CEO) and Jimmy Mesta (CTO), bringing go-to-market and cloud-native security engineering backgrounds respectively.
How much funding has it raised?
About $20M total - a $6M seed in 2022 and a $14M Series A in February 2025 led by Cheyenne Ventures.
What are RADBots?
Named, autonomous AI security workers - VulnBot, CloudBot, GRCBot, and Ask RADBot - that automate posture, detection and response, compliance reporting, and investigation.