Veria Labs, a startup spun out of the nation's top-ranked hacking team, has announced a $3.2 million seed funding round. The company aims to revolutionize application security by making cyberattacks a relic of the past.
The team, which previously spent years breaching complex systems for billion-dollar companies, identified a critical flaw in traditional penetration testing. Pentesters, despite their expertise, face limitations due to tight two-week windows and vast scopes, inevitably missing vulnerabilities.
The Limits of Traditional Pentesting
Companies invest heavily in security, often hiring expensive pentesting teams. However, these engagements are typically short-term and booked months in advance. The sheer volume of code and potential attack vectors means that even top talent must make difficult trade-offs, leading to missed issues.
Furthermore, the security landscape is constantly shifting. New features are deployed weekly, introducing new attack surfaces. Pentest reports quickly become outdated, offering only a fleeting snapshot of a company's security posture.
Veria's AI-Powered Offensive Security
Veria Labs is tackling this problem with an AI-driven platform designed for continuous offensive security testing. Unlike static checks or periodic pentests, Veria's AI actively explores applications, tests exploitability, and identifies full attack paths by chaining together weaknesses.
In one instance, the AI autonomously discovered six distinct methods to compromise user accounts on a major web application, providing suggested fixes for each. This capability showcases a significant advancement in AI offensive security, moving beyond manual limitations.
The platform automates the repeatable aspects of manual hacking workflows. It maps attack surfaces, generates hypotheses about potential vulnerabilities, and tests them systematically. The key differentiator is its continuous operation, allowing it to explore breadth and depth far beyond human capabilities.
Veria's AI delivers detailed reproduction steps and recommended fixes, mirroring the output of top-tier pentest firms but on a continuous basis. This approach is designed to be accessible to startups lacking dedicated security teams and to augment mature security programs in larger enterprises, complementing traditional pentests and addressing the gaps left by continuous pentesting efforts.
Continuous Security for All
The company emphasizes that robust security should not be a privilege limited by budget. Veria aims to provide enterprise-grade offensive testing capabilities to companies of all sizes.
Funding and Future Plans
The $3.2 million seed round, backed by investors including Y Combinator, Paul Graham, and Gokul Rajaram, will fuel further development. Veria Labs plans to maintain a lean, elite team and is actively seeking top offensive security engineers.
