Google picks 33 cybersecurity startups for Gemini AI forum
Key Takeaways
- Google selected 33 startups for its first Gemini Startup Forum focused on cybersecurity
- Startups span six areas: AI agent security, application security, cloud infrastructure, and more
- Participants get direct access to Google DeepMind, Google Cloud, and Wiz specialists
Google announced 33 cybersecurity startups joining the Gemini Startup Forum, the company's first AI-focused accelerator cohort dedicated entirely to security. The startups span six specialized areas, from protecting autonomous AI agents to building post-quantum cryptography systems. Each company will work directly with specialists from Google DeepMind, Google Cloud, and Wiz to refine their product roadmaps.
"Startups are at the forefront of tackling some of the world's most complex challenges, especially in cybersecurity, where new ideas and adaptability are always needed," said Sandra Joyce, VP of Google Threat Intelligence, in the announcement.
What problems are these startups solving?
The cohort divides into six focus areas. The largest cluster tackles AI agent security and governance. Seven startups in this group are building tools to monitor, restrict, and audit what autonomous AI agents do inside enterprise environments.
Capsule Security, based in Israel, offers runtime protection that tracks agent API calls and tool usage in real time. Evoke Security built an EDR platform specifically for AI agents, deploying sensors to scan for risky configurations and block unauthorized actions. Manifold Security takes an agentless approach, using graph analysis and open telemetry to map agent behavior without installing local software.
Mirror Security from Ireland stands out for its use of fully homomorphic encryption. The startup lets enterprises run model inference and database queries on encrypted data without ever decrypting it. That solves a core problem for regulated industries that want AI capabilities but cannot expose sensitive data during processing.
Refractal, based in the UK, focuses on governance and compliance. Its platform intercepts agent actions, evaluates them against organizational policies and European regulations, and generates cryptographic audit logs. For engineering teams building agentic systems in the EU, that compliance layer becomes table stakes.
Application security gets an AI overhaul
Four startups in the cohort target application security and vulnerability management. Alt Security from Israel built an agentic penetration testing platform where autonomous AI agents run reconnaissance, chain vulnerability findings, and validate exploits in sandboxed environments. The system automates work that typically requires expensive manual pentests.
Pixee addresses the remediation bottleneck. Most security teams drown in scanner alerts but lack time to fix them. Pixee converts scanner results into verified pull requests using a context graph and deterministic harness. The fixes are designed to pass CI pipelines, cutting the friction between finding a vulnerability and shipping the patch.
Arcjet takes a different approach by embedding security directly into developer codebases via an SDK. Bot detection, rate limiting, and prompt injection protection run natively in the application, keeping decision latency low.
Cloud and infrastructure protection
CloudFence monitors cloud network traffic to establish baselines of normal communication patterns. When a system starts talking to an unfamiliar destination, the platform alerts immediately. CyberSeQ scans code and digital pipelines for vulnerabilities, though the full details of its approach were not disclosed.
The infrastructure security category matters particularly for teams running multi-cloud or hybrid environments. Traditional perimeter security does not translate well when workloads shift between providers or when AI agents make autonomous API calls across services.
Why Google is betting on AI-native security
The timing reflects two converging trends. First, AI agents are moving from demos to production. Companies like Vercel are actively acquiring identity infrastructure for agentic systems. As agents proliferate, so do the attack surfaces they create.
Disclosure
Some links in this post are affiliate links — Logicity earns a commission if you sign up, at no extra cost to you. We only link products we have used or actively recommend.
Second, offensive AI capabilities are advancing faster than defensive ones. Attackers already use generative AI for phishing, code analysis, and vulnerability discovery. Defenders need AI-native tools to keep pace. Google's bet is that startups, unburdened by legacy architectures, will build those tools faster than established vendors.
The accelerator gives participating startups more than advice. They get direct access to Google's AI infrastructure and the Gemini model family. For early-stage companies, that technical leverage can compress years of development into months.
Logicity's Take
The concentration of startups in AI agent security signals where the industry expects the next major breach category. Seven of 33 companies focus specifically on governing what autonomous agents can do. For engineering leaders, this cohort is a preview of the tooling you will evaluate in 12 to 18 months. Watch Capsule Security and Onyx Security for runtime monitoring, Refractal if EU compliance matters, and Pixee if your team's vulnerability backlog keeps growing. The absence of major incumbents from this list is telling. CrowdStrike, Palo Alto, and Wiz are not building these tools in-house yet. The acquisition targets are forming.
What startups get from the program
Google did not disclose specific dollar amounts for cloud credits or equity terms. The Gemini Startup Forum provides access to specialists from Google DeepMind, Google Cloud, and Wiz. Wiz's involvement is notable. Google attempted to acquire Wiz in 2024 for a reported $23 billion. Their partnership here suggests ongoing strategic alignment even after the failed acquisition.
The forum structure emphasizes dialogue over pitch competitions. Startups work on their roadmaps alongside Google engineers rather than competing for a prize. That design favors companies at the product-market fit stage rather than pre-product teams.
The areas Google did not select for
The six focus areas exclude some traditional security categories. No startups specialize in email security, phishing detection, or identity and access management. The omission suggests Google views those markets as mature or already well-served by existing vendors.
Post-quantum cryptography made the list, though the source did not detail which startups address it. That inclusion reflects growing enterprise concern about harvest-now-decrypt-later attacks, where adversaries collect encrypted data today expecting to decrypt it once quantum computers become viable.
Related coverage on how companies are building identity infrastructure for AI agents
Frequently Asked Questions
What is the Gemini Startup Forum?
The Gemini Startup Forum is Google's flagship accelerator program for AI-native startups. The cybersecurity cohort is its first dedicated to security companies building on AI.
How many startups are in the first cybersecurity cohort?
Google selected 33 startups across six focus areas including AI agent security, application security, cloud infrastructure, and post-quantum cryptography.
What do selected startups receive?
Startups get direct access to specialists from Google DeepMind, Google Cloud, and Wiz to work on their product roadmaps. Specific cloud credit amounts were not disclosed.
Which startups focus on AI agent security?
Seven startups address AI agent security: Capsule Security, Evoke Security, Manifold Security, Mirror Security, Onyx Security, Refractal, and Unbound Security.
Is Google investing in these startups?
Google did not disclose equity terms. The program focuses on technical mentorship and access to Google's AI infrastructure rather than traditional venture investment.
Need Help Implementing This?
If you are building agentic systems and need to evaluate security tooling, reach out to our team for vendor comparisons and implementation guidance.
Source: Cloud Blog
Huma Shazia
Senior AI & Tech Writer
Produced with AI assistance and reviewed by the Logicity editorial team. Learn more in our Editorial Policy.






