Exaforce Raises $75 Million to Help Security Teams Keep Up With Alerts

Cybersecurity startup Exaforce has secured $75 million in Series A funding to expand its AI-powered platform designed to handle the overwhelming flood of security alerts that plague enterprise security teams. The Wall Street Journal reported the funding on April 17, 2025, with venture firms Khosla Ventures and Mayfield Fund leading the round. Thomvest Ventures also participated significantly. The company did not disclose what the funding valued the company at.

Founded two years ago, Exaforce entered a growing market for AI-assisted platforms that help organize, automate, and respond to security threats — often shortened to SOAR. The company's main innovation is what it calls "Exabots" — AI agents that can read through security alerts, figure out which ones matter, and respond to genuine threats with little or no human involvement.

The Alert Problem Security Teams Face

Every second, enterprise security systems detect thousands of potential threats and suspicious activities. The catch: most of them are false alarms. Security teams today spend enormous effort manually sorting through this noise, trying to identify the handful of alerts that represent real attacks. It's exhausting work, and it's called alert fatigue.

Exaforce's technology tackles this directly. Its AI models learn to distinguish real threats from harmless activity that just happened to trigger an alarm. When an alert comes in, Exabots can dig deeper on their own — pulling in information from network logs, endpoint data, and threat intelligence — and either escalate the alert to human analysts if it looks genuine or dismiss it if it's just noise.

Traditional security automation relies on fixed rules: if condition X, then do Y. Exaforce's approach is different. Its AI agents can make judgment calls based on context, adapting their investigation tactics depending on what they find and what threats are currently active.

Early Market Recognition

The company has already picked up significant industry validation. It was named a leader in GigaOm's 2025 review of security operations platforms, won Intellyx's 2025 Digital Innovator Award, and appeared on The Software Report's list of the top 50 software companies. Exaforce also participated in AWS's accelerator program for startups building generative AI tools, suggesting the company is building technology that works well with cloud infrastructure.

Having watched enterprise security tools evolve over the past three decades, I've seen this story unfold before. When security teams became buried under log files in the 2000s, vendors built SIEM platforms — systems that ingested all those logs and made them searchable. When detection systems grew smarter but still produced too many alarms in the 2010s, the industry shifted to behavioral analytics that could learn what normal activity looked like. Exaforce fits that same pattern: it's the next step, applying AI language models and autonomous agents to decisions that security analysts used to make by hand.

How the Platform Works

Exaforce sits on top of a company's existing security tools — it doesn't replace them. It pulls in alerts and data from detection systems, firewalls, endpoint tools, and everything else a security team runs. The Exabots read the alert descriptions, connect related events over time, and use threat intelligence feeds to estimate how serious each alert is.

Because the AI agents can adapt their approach based on what they learn about a specific organization — its networks, past incidents, and current threat landscape — they can handle more complex investigations than traditional automation rules allow. Instead of following a preset checklist, the agents can adjust their strategy as they go.

This helps solve a real constraint in security operations centers: the number of human analysts can't grow fast enough to keep pace with the alerts their tools produce. By automating the routine triage and investigation work, Exaforce aims to free up security professionals to spend time on harder problems, like hunting for threats that haven't triggered any alarms yet or improving the organization's overall security strategy.

The Funding and What Comes Next

A $75 million Series A is substantial funding for a two-year-old cybersecurity company. Khosla Ventures' involvement signals investor confidence in AI-driven security tools. Mayfield Fund brings experience scaling enterprise software companies. Thomvest Ventures' participation suggests the investors expect rapid growth and expansion.

The money will likely go toward hiring sales teams to reach more enterprises, engineering teams to build out the platform further, and partnerships with major security vendors so Exaforce's agents can work smoothly with the tools companies already use.

The company's choice not to disclose its valuation reflects a broader trend among AI startups: in today's volatile market, many prefer to keep their valuation private rather than set a public benchmark. But the funding size itself suggests strong investor conviction.

Competition and Market Fit

Exaforce enters a field with well-funded competitors. Phantom (owned by Splunk) and Demisto (owned by Palo Alto Networks) are established players in security automation. Newer startups are also applying generative AI to security workflows. But Exaforce's timing aligns with a broader enterprise shift toward AI agents — companies are now testing autonomous AI in customer service, DevOps, and other domains, so security operations is a natural next frontier.

The broader context here is that enterprises are trying to orchestrate their existing security tools rather than rip-and-replace them with new platforms. Exaforce's approach of plugging into existing systems via APIs fits that preference for flexibility and interoperability.

What This Means for the Industry

This funding round reflects investor optimism about applying large language models to security workflows, especially to automate decisions that have historically required a human analyst to make the call. As companies expand their infrastructure through cloud adoption and distributed work, the volume of alerts keeps growing while the supply of skilled security analysts does not.

Exaforce represents a shift in how automation happens in security. Traditional automation is deterministic — if A happens, do B, full stop. Agentic AI automation is probabilistic — the AI weighs evidence and makes a judgment call. That enables more nuanced threat assessment but also introduces questions worth considering: Can you always explain why an AI agent made a particular decision, and who is accountable if it makes a mistake?

The investment validates what the market seems to want: security platforms that can show real improvements in how many false alarms analysts have to wade through and how much productive work each analyst can handle. Those are the metrics that actually matter in a security operations center, where time and headcount are always constrained.