Exaforce builds software that helps security teams detect, investigate, and respond to cyber threats with AI agents instead of bouncing between a stack of separate tools. The Bay Area startup has now raised $125 million in fresh funding to push deeper into agentic security operations, a category getting crowded fast as enterprises look for faster answers to AI-assisted attacks. The pitch is simple: defenders can't keep up when alerts pile up and zero-days spread quickly. Analysts still spend too much time reconstructing context by hand. Exaforce was founded in 2023 by Ankur Singla, Ariful Huq, Jakub Pavlik, and Devesh Mittal.
What does Exaforce’s agentic security operations platform do?
Exaforce is building an AI-native SOC platform that collects cloud and SaaS telemetry into a real-time security knowledge graph. The platform uses AI agents for threat detection, triage, investigation, and response through tools like Exabot Detect, Exabot Triage, Exabot Investigate, and Exabot Respond. It's meant to handle detection and triage. Investigation and response happen inside one operating layer.
What makes that interesting is the order of operations. Many AI security tools still rebuild context during investigations by checking logs, APIs, and tickets one step at a time. Exaforce does the harder work upfront by connecting identities, permissions, configurations, files, code, and cloud activity as data arrives. That lets its agents retrieve context instead of rebuilding it on demand. In the company's words, that cuts typical investigations from many minutes to under a minute.
The tooling looks a lot more like an analyst workspace than a chatbot wrapper. Exaforce's platform supports natural-language queries and a conversational, visual data explorer. The platform also includes built-in workflows and a data pipeline that organizes and connects large volumes of telemetry data efficiently. This helps security teams avoid switching between SQL queries, scripts, APIs, and multiple dashboards during investigations.
There's also a technical bet underneath all of this. Exaforce says its multi-model AI engine combines semantic, behavioral, and knowledge models rather than leaning on an LLM alone. The idea is to reduce hallucinations and improve consistency. It also makes the output more auditable for security teams that can't afford fuzzy answers. The startup has also introduced “vibe hunting,” a natural-language approach to threat hunting that replaces rigid query-based searches.
Who founded Exaforce and how is it positioned in agentic security operations?
How Exaforce started
Exaforce came out of a pretty specific frustration. The founding team had experience securing large cloud environments and saw SOC teams struggling to stay ahead of threats. Other team members had worked on large language models and believed security teams needed specialized AI systems instead of generic models. They started Exaforce to speed up complex security tasks with specialized AI agents and better data infrastructure.
Why this team fits the problem
Ankur Singla gives the startup real founder-market fit. Before Exaforce, he founded Contrail Systems, which Juniper Networks acquired, and later founded Volterra, which F5 acquired. That history matters because Exaforce isn't selling a lightweight AI add-on. Exaforce is building a deep infrastructure platform for enterprise security teams, and Singla has experience building and selling enterprise software companies.
The broader team adds credibility too. Some early Exaforce team members came from F5 and Palo Alto Networks, while others had worked on LLMs at Google. Co-founder Jakub Pavlik previously co-founded tcp cloud, later acquired by Mirantis, and held engineering leadership roles at Volterra and F5. The team brings experience across cloud infrastructure, security operations, and AI engineering.
Traction, fundraising, and competition
The startup is no longer in pure demo mode. Exaforce brought its product to market in the fourth quarter of 2025 after roughly 2 years of work with design partners. Since launch, it has added 20 customers, including Replit and Guardant Health, and expects to reach 40 to 50 customers by the end of 2026. Mayfield also said the company has grown to more than 130 employees and processed millions of investigations.
On the money side, Exaforce has raised a $125 million Series B after a $75 million Series A last year, bringing total funding to $200 million. The new round included HarbourVest, Peak XV, Mayfield, Khosla Ventures, Seligman Ventures, and AICONIC. TechCrunch reported the Series B valued the company at $725 million. Exaforce says the money will go into its core platform, especially the multi-model AI stack and the real-time knowledge graph. It also plans expansion in Japan and Europe, along with more spending on customer success, research, MDR oversight, and support.
Competition is already intense. Startups such as 7AI, Dropzone AI, and Prophet Security are chasing the same AI-for-SOC budget, while bigger platforms from Palo Alto Networks and CrowdStrike still own a lot of buyer attention. Exaforce's clearest point of separation is architectural: it argues that legacy SIEMs and many AI SOC tools still reconstruct context mid-investigation, while its system keeps live context ready at ingest. That's the bet investors are backing — not just more automation, but a faster and cheaper way to reason about security events at enterprise scale.
Ankur Singla put that positioning plainly: “We built Exaforce to be the platform defenders actually work in, not just an AI layer on top of existing tools.” Vinod Khosla framed the investor case just as directly: “When the cost of defence drops by an order of magnitude, the entire calculus of security changes.”
Why did Exaforce raise $125M now?
This round matters because Exaforce is trying to cross a hard boundary: from impressive early product to global security platform. That jump gets expensive fast. Selling into enterprise security teams means long deployments, high support expectations, constant product tuning, and a real services layer around the software. Exaforce isn't just hiring researchers. It's putting money into MDR oversight, customer success, and support.
The timing also says something about investor appetite. A year after the Series A, the company came back with a much larger round and one of the bigger financings in the emerging AI SOC segment. That usually means two things: the product is landing with customers, and investors think the window to establish category leadership is open right now, not 3 years from now. Mayfield's note about production deployments, millions of investigations, and a tripled valuation backs that up.
For customers, the practical implication is simple. Exaforce now has the cash to expand product breadth and geographic reach without slowing down. If the company executes, buyers should expect a more mature platform and tighter workflows across detection and response. They should also expect stronger local coverage in markets beyond the US.
How big is the market for agentic security operations?
The market Exaforce is chasing is large enough to attract a lot of capital and messy enough to create room for new platforms. Frost & Sullivan estimates the global modern SIEM market will grow from $7.13 billion in 2024 to $13.55 billion by 2029, with cloud SIEM revenue growing at a 17.5% CAGR over that period. That's a useful proxy because modern SIEM platforms are steadily absorbing analytics, automation, and AI-assisted investigation features that used to sit in separate tools.
The services side is moving too. Grand View Research estimated the managed detection and response market at $3.5 billion in 2023 and projects it will reach $15.31 billion by 2030. That lines up with what buyers are actually asking for now: fewer point tools and faster triage. They also want a mix of software plus expert oversight when in-house teams are stretched thin.
And that's why Exaforce's timing doesn't feel random. AI-driven attacks are pushing enterprises to modernize security operations, but the real pressure is operational. Security teams need automation that's explainable, fast, and cheap enough to run continuously across cloud-heavy environments. The winners probably won't be the noisiest AI vendors. They'll be the ones that can fit into day-to-day SOC work without making analysts trust magic.
What should customers watch next from Exaforce?
Exaforce has enough money now to stop being judged like an intriguing startup and start being judged like a platform company.
That changes the standard.
The next thing to watch is whether its agentic security operations story holds up under broader deployment. Can it expand beyond early believers, keep false positives low, and make the human-plus-agent workflow feel reliable enough for real incident response? If it can, this round will look smart. If it can't, it'll be another reminder that AI security products sound a lot better in pitch decks than they do at 3 a.m. in a live SOC.
Read how Nivasa Finance raised ₹25 Cr in seed funding from Prime Venture Partners, Blume Ventures, and Whiteboard Capital to simplify affordable home-loan access for rural and semi-urban borrowers across India.
FAQ
– What is Exaforce’s latest funding round?
Exaforce raised a $125 million Series B in May 2026. The round followed a $75 million Series A a year earlier and pushed total funding to $200 million, with investors including HarbourVest, Peak XV, Mayfield, Khosla Ventures, Seligman Ventures, and AICONIC.
– How does Exaforce work for security teams?
Exaforce gives SOC teams a single platform that unifies telemetry, builds a real-time knowledge graph, and then uses AI agents to detect, triage, investigate, and respond to threats. The product includes Exabot Detect, Triage, Investigate, and Respond, plus natural-language search and visual investigation tools that reduce the need for manual queries and scripting.
– Who founded Exaforce?
Exaforce was founded in 2023 by Ankur Singla, Ariful Huq, Jakub Pavlik, and Devesh Mittal. Singla previously built Contrail Systems and Volterra, while Pavlik had already co-founded tcp cloud and later led engineering work at Volterra and F5, which gives the team a strong mix of cloud, infrastructure, and security depth.
– Is Exaforce a SIEM company or an MDR company?
It sits somewhere in between, which is part of the appeal. Exaforce is pitching an AI-native security operations platform that overlaps with modern SIEM, SOC automation, and MDR by combining data ingestion, investigation, response workflows, and optional managed oversight in one system.
