{"id":188508,"date":"2026-02-18T10:04:00","date_gmt":"2026-02-18T15:04:00","guid":{"rendered":"https:\/\/testing.news-you-need.com\/index.php\/2026\/02\/18\/exclusive-bain-and-greylock-bet-42-million-that-ai-agents-can-fix-cybersecuritys-worst-bottleneck\/"},"modified":"2026-02-18T10:10:11","modified_gmt":"2026-02-18T15:10:11","slug":"exclusive-bain-and-greylock-bet-42-million-that-ai-agents-can-fix-cybersecuritys-worst-bottleneck","status":"publish","type":"post","link":"https:\/\/testing.news-you-need.com\/index.php\/2026\/02\/18\/exclusive-bain-and-greylock-bet-42-million-that-ai-agents-can-fix-cybersecuritys-worst-bottleneck\/","title":{"rendered":"Exclusive: Bain and Greylock bet $42 million that AI agents can fix cybersecurity\u2019s worst bottleneck"},"content":{"rendered":"

Exclusive: Bain and Greylock bet $42 million that AI agents can fix cybersecurity\u2019s worst bottleneck<\/a><\/p>\n

https:\/\/fortune.com\/2026\/02\/18\/exclusive-bain-and-greylock-bet-42-million-that-ai-agents-can-finally-fix-cybersecuritys-messiest-bottleneck\/<\/a><\/p>\n

Publish Date: 2026-02-18 10:04:00<\/a><\/p>\n

Source Domain: fortune.com<\/a><\/p>\n

Author: <\/a><\/p>\n

Using an unordered list, summarize the following article with between 4 and 8 key points. Cogent Security has raised a $42 million Series A just six months after launch. Their bet? That AI agents can finally fix one of cybersecurity\u2019s most persistent bottlenecks: the grind between detecting software vulnerabilities and actually remediating them. The round, led by Bain Capital Ventures with Greylock and Definition participating, brings total funding to $53 million.\u200b<\/p>\n

For Bain partner and former Symantec CEO Enrique Salem who led the round, this is the culmination of a several-year courtship of founder and CEO Vineet Edupuganti. \u201cWe\u2019ve known him from pre\u2011founding the company,\u201d Salem told Fortune. \u201cThis wasn\u2019t necessarily his first starting idea, but they\u2019ve proven an ability to deliver against what we\u2019re working on.\u201d\u200b<\/p>\n

The problem is familiar\u2014and stubborn. In 2025, more than 48,000 new common vulnerabilities and exposures in software were reported, a 162% jump from five years prior, even as attackers increasingly use AI to probe fresh bugs within minutes of disclosure. \u201cThere are more vulnerabilities than you\u2019ll ever be able to remediate or imagine,\u201d Salem says. \u201cThe Holy Grail is, how do you figure out what to remediate because you\u2019ll never remediate everything.\u201d\u200b<\/p>\n

Greylock partner Saam Motamedi, who led Cogent\u2019s $11 million seed, says the company has since built \u201cone of the strongest AI teams in cybersecurity.\u201d Both Edupuganti and fellow co-founder Geng Sng came from Abnormal Security, where Edupuganti led product strategy and Sng built the ML fraud detection system that protects half the Fortune 500. Cogent\u2019s third co-founder, Thanos Baskous led infrastructure at Coinbase, where he was in charge of large-scale vulnerability remediation. The current Cogent team also\u00a0 includes hires from Google\u2019s Gemini\/DeepMind, Tesla, and Stripe, and already runs its platform in production \u201cacross large Fortune 500 enterprise environments.\u201d That traction, Motamedi argues, is \u201cincredibly rare\u201d for a company at this stage.<\/p>\n

Cogent doesn\u2019t replace existing security tools\u2014it sits on top of them. It connects to the scanners companies already use, to internal asset lists like those in ServiceNow, and to data from cloud and endpoint security tools.\u201cWe aggregate insights from all those signals, make sense of it, determine what to do, and then push action through the hands and the feet,\u201d Edupuganti told Fortune, referring to integrations with ticketing and patching systems.\u200b<\/p>\n

Finding these vulnerabilities isn\u2019t the hard part, according to Edupuganti. Instead the issue lies in assigning ownership of solutions. Security teams, Edupuganti adds, are \u201cdrowning in coordination work\u2014chasing down system owners, writing tickets, proving fixes happened. We built AI agents that handle that work end\u2011to\u2011end, so security teams can finally keep pace with attackers.\u201d\u200b<\/p>\n

Cogent says its customers are fixing their most serious security problems much faster\u2014reducing the time those high\u2011risk bugs stay active by about 97% on average. Many start cautiously, letting Cogent automate investigation, prioritization, and routing while humans retain the final remediation step: \u201cGiven all the context of my environment, tell me exactly who needs to do what by when, and let that person go do the work,\u201d Edupuganti says. Over time, some customers grant full autonomy in safer development environments, gradually expanding \u201cslices of autonomy.\u201d<\/p>\n

Motamedi argues Cogent isn\u2019t just slapping generic AI on security problems. Instead, it has built specialized AI that deeply understands one specific job\u2014sorting through and acting on software vulnerabilities.. Security teams arrive each day to \u201cthousands or millions of vulnerabilities\u201d and a queue of tickets requiring judgment and execution, he says. Cogent ingests sensor data, builds a prioritized view based on business context, then uses models from Anthropic and OpenAI to help write the code that actually remediates issues.\u200b<\/p>\n

That promise comes with a hard constraint: no black boxes. Cogent says it\u2019s designed for big, regulated companies that need tight controls. In practice, that means every AI action can be tracked and replayed, and it only runs within clear, customizable approval rules set by the customers. \u201cYou have to really make it clear for every decision that an agent is making, why is it making that decision, what\u2019s the impact,\u201d Edupuganti says, adding that the product surfaces explanations and confidence levels so customers can \u201cinspect it and then choose when they want to make the full plunge\u201d into autonomy.<\/p>\n

Motamedi describes the design target as a spectrum: in best\u2011case scenarios, Cogent \u201ccompletely obviates the need for the human\u201d on a specific vulnerability; in others, it makes a vulnerability engineer \u201c10 times as productive\u201d by pre\u2011triaging and doing the heavy lifting so they only handle the last 10 percent.\u200b<\/p>\n

Cogent\u2019s timing is keyed to moments like Log4j\u2014a massive security flaw discovered in late 2021 in a very common piece of software used all over the internet\u2014which Edupuganti calls a \u201cwatershed\u201d that exposed how hard it was for enterprises even to locate their exposure, let alone fix it. \u201cMost instances of Log4j are not remediated,\u201d he says. \u201cThe biggest challenge that people have is they just don\u2019t know where the thing was and who should fix it,\u201d a gap he expects to widen as zero\u2011days (when hackers release malware to exploit software vulnerabilities before a software developer has patched a flaw) increase.\u200b\u200b<\/p>\n

Since launching in July 2025, Cogent says it is already working with dozens of Fortune 1000 and Global 2000 enterprise customers, with a 10x increase targeted this year. With the new capital, the company plans to expand beyond vulnerability management to other security operations and IT automation workloads, while quadrupling its go\u2011to\u2011market team to push deeper into the enterprise.<\/p>\n

For Salem, who estimates he sees 400\u2013500 AI\u2011security decks a year, Cogent stood out because Edupuganti led with the problem, not the model. \u201cWhat Vineet did is he said, let me explain the problem. What am I solving? And why does it matter?\u201d he says. If the bet pays off, Salem already has his dream headline: \u201cSoftware is now secure.\u201d\u200b<\/p>\n

<\/p>\n","protected":false},"excerpt":{"rendered":"

Exclusive: Bain and Greylock bet $42 million that AI agents can fix cybersecurity\u2019s worst bottleneck…<\/p>\n","protected":false},"author":1,"featured_media":188509,"comment_status":"closed","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/fortune.com\/img-assets\/wp-content\/uploads\/2026\/02\/2025689-Cogent-16-e1771376386835.jpg?resize=1200,600","fifu_image_alt":"","footnotes":""},"categories":[15],"tags":[26,24,31,32,27],"class_list":["post-188508","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity","tag-ai","tag-cybersecurity","tag-exploit","tag-malware","tag-vulnerability"],"_links":{"self":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/188508"}],"collection":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/comments?post=188508"}],"version-history":[{"count":1,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/188508\/revisions"}],"predecessor-version":[{"id":188510,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/188508\/revisions\/188510"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/media\/188509"}],"wp:attachment":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/media?parent=188508"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/categories?post=188508"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/tags?post=188508"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}