Geordie AI: RSAC 2026 Innovation Sandbox Profile
This profile was compiled in March 2026 using AI tooling guided by security product strategy guidance from Lenny Zeltser's MCP server. The analysis was performed by AI without direct human validation, to demonstrate the capabilities of AI agents guided by an expert framework. Outside this demo, a human analyst would conduct iterative conversations with the AI agent to arrive at more accurate conclusions.
Executive Summary
Geordie AI is a London-based seed-stage startup building a security and governance platform for autonomous AI agents. Founded in April 2025 by former Darktrace and Snyk leaders, the company raised $6.5M from cybersecurity-specialist investor Ten Eleven Ventures and General Catalyst. Geordie won the Black Hat Europe 2025 Startup Spotlight and was named a 2026 SC Awards finalist. Its platform provides agent discovery, behavioral observability, and real-time risk mitigation across enterprise agentic deployments.
Company Overview
| Field | Detail | Evidence |
|---|---|---|
| Founded | April 2025 | LinkedIn profiles of co-founders |
| Headquarters | London, UK (with New York office) | Company website |
| Funding | $6.5M seed, co-led by Ten Eleven Ventures and General Catalyst | BusinessWire press release, Sep 2025 |
| Stage | Seed | BusinessWire |
| Employees | ~29 | Geordie.ai/about (company claim) |
| Key Investors | Ten Eleven Ventures (cybersecurity-only VC, $1B+ AUM, portfolio includes Darktrace, KnowBe4, Twistlock, Cylance, Ping Identity); General Catalyst ($32B+ AUM, portfolio includes Airbnb, Stripe, Armis) | Ten Eleven website; General Catalyst portfolio |
| Board Members | Mark Crane (General Catalyst Partner); Dave Palmer (Ten Eleven GP, Darktrace co-founder/CPO) | Company website |
Problem Definition and Market Opportunity
Enterprises are deploying AI agents that behave differently from traditional software. Agents act continuously, adapt to context, and make non-deterministic decisions across systems without a clear perimeter. Legacy security tools assume deterministic, bounded software and cannot govern this behavior.
An EY survey found nearly 9 in 10 enterprise leaders identify roadblocks to agentic AI adoption (confirmed, third-party). Security teams lack visibility into where agents exist, what they access, and how they behave. This creates a gap between business demand for agent-driven productivity and security teams’ ability to govern it.
The broader AI governance market is projected to grow from ~$340M (2025) to $4.83B by 2034 at a 35-45% CAGR (CloudEagle.ai market analysis). The EU AI Act, with fines up to EUR 35M or 7% of global turnover and high-risk rules taking effect August 2026, adds regulatory urgency. However, these projections cover the broad AI governance market. The specific “agentic AI security” sub-segment Geordie targets is newer and harder to size independently.
Product Capabilities
Geordie’s platform operates across three vantage points: code repositories, cloud APIs, and employee endpoints. The company claims first agent visibility in as little as 10 minutes (company claim, unverifiable).
Agent Discovery and Inventory. The platform detects agents across pro-code, SaaS, endpoint, and low/no-code environments. It inventories agents regardless of framework and maps tool access, data permissions, and ownership. Integrations span GitHub, GitLab, OpenAI, Claude, Cursor, Windsurf, Agentforce, Gemini, Databricks, Azure, LangChain, CrewAI, Amazon Bedrock, Microsoft Copilot Studio, and more (confirmed, company claim, verifiable through product page).
Behavioral Observability. The platform provides end-to-end behavioral telemetry across agent workflows. It tracks tools invoked, data accessed, code generated, and decision patterns. It detects behavioral drift and misalignment through continuous monitoring.
Beam Risk Mitigation Engine. Geordie’s proprietary “Beam” engine provides what the company calls real-time contextual governance. Rather than blocking agents post-execution, Beam intervenes at the planning stage with context-aware guidance. The company positions this as operating at the behavioral layer rather than the protocol layer, distinguishing it from MCP gateways (company claim, unverifiable without independent testing).
Compliance Framework Mapping. The platform maps to EU AI Act, OWASP Agentic Top Ten, ISO 42001, NIST AI RMF, and OECD AI standards (geordie.ai/how-it-works).
Workflow Outputs. Findings integrate with Splunk, Jira, and Microsoft Teams.
Competitive Positioning
Geordie occupies a narrow niche: agent-native security purpose-built for autonomous AI systems. Its positioning differs from adjacent categories in several ways.
vs. AI Governance Platforms (Collibra, Alation, Atlan). These focus on data governance and cataloging. Geordie targets runtime agent behavior, not data lineage.
vs. AI Security Testing (Mindgard, Robust Intelligence). These platforms test AI models for adversarial robustness. Geordie monitors deployed agent behavior in production.
vs. API Gateways and MCP Proxies. Geordie claims to operate at the behavioral layer with full workflow context, not just at the protocol/transaction layer. This is the company’s core technical differentiation claim.
vs. Cloud Security Posture Management (CSPM). Traditional CSPM tools monitor cloud infrastructure configuration. Geordie monitors agent-specific risks: cascading failures, context manipulation, goal drift, and silent off-goal decisions.
The General Catalyst investment thesis validates this positioning: “Agentic systems demand similarly autonomous security systems, not traditional software” (General Catalyst blog).
Direct competitors in the “agentic AI security” category are few and mostly early-stage. A commonly listed competitor set (Bundesdruckerei, Menlo Security, F-Secure, Malwarebytes) appears auto-generated and not meaningful for this niche. The real competitive risk comes from incumbent security vendors adding agent monitoring features to existing platforms.
Go-to-Market and Traction
Customers. Andy Gamble, CITO of Currys (UK electronics retailer), provided a testimonial on the Geordie homepage, suggesting at least one enterprise design partner. Mehdi Ghissassi, former Head of Product at Google DeepMind, also endorsed the platform. No customer count, revenue figures, or ARR have been disclosed.
Channel and Partnerships. Geordie was selected for the 2026 CrowdStrike, AWS, and NVIDIA Cybersecurity Startup Accelerator (confirmed, third-party). This provides cloud credits, go-to-market support, and potential co-selling access.
Awards and Recognition.
- Black Hat Europe 2025 Startup Spotlight winner (Geordie LinkedIn, Dec 2025) (confirmed, third-party)
- RSAC 2026 Innovation Sandbox Top 10 Finalist (GlobeNewsWire, Feb 2026) (confirmed, third-party)
- 2026 SC Awards Finalist, Most Promising Early-Stage Startup (GlobeNewsWire, Mar 2026) (confirmed, third-party)
- Harmonic Hot 25 for Q1 2026 (Geordie LinkedIn) (confirmed, third-party reference)
Research Output. Geordie published a technical advisory on eight n8n CVEs in February 2026, identifying critical RCE vulnerabilities in the workflow automation platform. This demonstrates active vulnerability research capability relevant to agentic infrastructure. They also disclosed five RCE vulnerabilities in October 2025.
Speaking. Hanah-Marie Darley spoke at the KKR Euro CISO Summit (Paris, Oct 2025), Infosecurity Magazine Enterprise Security & Risk Management Summit (Nov 2025), and Black Hat Europe (Dec 2025).
Revenue and Pricing. Not publicly disclosed. No pricing page exists on the website.
Team and Credibility
Henry Comfort, Co-Founder and CEO. Joined Darktrace in 2019 as Sales Operations Manager. Rose to COO Americas (2023-2025), where he led the due diligence process for Darktrace’s $5.3B sale to Thoma Bravo. Previously SVP Business Operations overseeing global operations and analytics. Before Darktrace, he was COO of Cambridge United Football Club. MBA from Quantic School of Business, BSc Management (First Class) from University of Bristol. He brings operational scaling and M&A experience but has not previously founded a technology company.
Hanah-Marie Darley, Co-Founder and Chief AI Officer. Spent 9+ years as an intelligence analyst with the U.S. Federal Government (2012-2021), working across intelligence agencies. Joined Darktrace in 2021 as Cyber Security Analyst. Rose through Head of Threat Research to Director of Threat Research by early 2025. Holds certifications in forensic psychology from The Open University and a degree from Regent University. She brings intelligence community experience and threat research depth.
Benji Weber, Co-Founder and CTO. 19+ years in software engineering. Spent 4+ years at Snyk as Director then Senior Director of Engineering (2019-2023), a company valued at $4.7B. VP of Engineering at Mindgard (AI security startup, 2024-2025). Earlier career at Unruly (adtech, acquired by News Corp) as SVP Software Development. BSc Computer Science from University of Warwick. He brings scaled engineering leadership from a high-growth security company.
Josh Kriss, COO. Spent 7+ years at Darktrace (2018-2025), rising from Account Executive to SVP/Global Head of Customer Engagement and Renewals. Based in New York, he leads US operations and GTM.
Key Hires. The team of ~16 draws heavily from Darktrace (4 alumni) and Snyk (3 alumni). Notable hires include Giuseppe Trovato (Research Lead, ex-Veracode vulnerability research, 10+ years), Michael Aquilina (engineering, ex-Snyk 6+ years), and Toby Wood (Head of Solutions Engineering, ex-Darktrace Senior Technical Director managing 150 sales engineers across EMEA).
Advisors. Ben Dewar-Powell (security leader, recruited Dec 2025) and at least one other unnamed advisor.
Board. Mark Crane (General Catalyst Partner) and Dave Palmer (Ten Eleven Ventures GP). Palmer co-founded Darktrace and served as CPO through its IPO. He brings deep product and market credibility in cybersecurity.
Team Assessment. The founding team combines Darktrace’s enterprise security go-to-market playbook (Comfort, Kriss) with AI/threat research expertise (Darley) and engineering leadership from a developer security unicorn (Weber). This is a strong operator team for building and selling enterprise security software. The Darktrace pedigree cuts both ways: it signals execution ability and enterprise sales expertise, but Darktrace also faced scrutiny over its sales practices and short-selling controversies. None of the founders have previously built a company from scratch, though Comfort’s operational role in the Thoma Bravo acquisition and Weber’s scaling experience at Snyk partially offset this.
Trust Readiness
- SOC 2 Type 2 certified (geordie.ai) (company claim, verifiable)
- SOC 3 certified (geordie.ai/how-it-works)
- GDPR compliant (geordie.ai)
- AICPA SOC badge displayed on website
Achieving SOC 2 Type 2 within roughly 6 months of founding (stealth exit Sep 2025, badge displayed by early 2026) is notable for a seed-stage company. This suggests the team prioritized enterprise trust requirements early, consistent with their Darktrace enterprise sales background. Independent verification of certification status is not available from the audit firm.
RSAC Judging Criteria
RSAC does not publish an official judging rubric. The five criteria below are extrapolated from press descriptions of what judges evaluate: the problem a company addresses, the originality of its technology, its go-to-market strategy and team, market validation, and product demonstration.
| Criterion | Score (1-5) | Assessment |
|---|---|---|
| Problem/Market | 5 | Agentic AI governance is the defining enterprise security problem of 2026. Regulatory pressure (EU AI Act), analyst consensus, and enterprise demand all converge. Timing is strong. |
| IP Originality | 4 | The “Beam” context engine and three-vantage-point behavioral observability approach appear novel. Operating at the behavioral layer rather than protocol layer is a differentiated claim. Limited public technical depth makes full assessment difficult. |
| GTM/Team | 4 | Strong enterprise security sales DNA from Darktrace. Snyk engineering pedigree. CrowdStrike/AWS/NVIDIA accelerator provides channel. No prior founding experience is a gap, partially offset by operator depth. |
| Validation/Revenue | 2 | At least one enterprise design partner (Currys). Strong award pipeline (Black Hat, SC Awards, RSAC). No revenue, customer count, or pipeline metrics disclosed. Very early commercial traction. |
| Product/Demo | 3 | Platform is live with integrations across 25+ frameworks. SOC 2 Type 2 achieved. Claims 10-minute time-to-first-visibility. No independent product reviews or analyst evaluations available. |
Overall RSAC Fit: 18/25. Geordie AI enters with strong timing and credible team DNA from Darktrace and Snyk, but very early commercial traction and limited public technical validation limit the score.
Startup Readiness Assessment
This eight-dimension assessment appears in the comparison matrix on the main page. It evaluates broader startup readiness using dimensions from the security product analysis framework. Five dimensions overlap with the RSAC criteria above. Three are added: funding efficiency, category clarity, and incumbent defensibility.
| Dimension | Score (1-5) | Assessment |
|---|---|---|
| Problem Clarity | 5 | Autonomous AI agents behave non-deterministically, adapt across systems, and evade legacy security tools designed for bounded software. The EY survey finding that 9 in 10 enterprise leaders see agentic AI adoption roadblocks confirms demand. |
| Capability Depth | 3 | The “Beam” engine and three-vantage-point observability approach appear novel, but limited public technical depth makes it difficult to verify implementation substance beyond marketing claims. Blog content explains the concept without revealing architecture. |
| Market Timing | 5 | EU AI Act enforcement begins August 2026 with fines up to 7% of global turnover. Enterprise agentic AI adoption is accelerating. Analyst consensus and regulatory pressure converge to make this the defining security problem of 2026. |
| Team Credibility | 4 | Darktrace enterprise sales DNA (Comfort led the $5.3B Thoma Bravo process), Snyk engineering pedigree (Weber), and intelligence community threat research (Darley). No prior founding experience, but strong operator depth across the team. |
| GTM Proof | 2 | Only one named enterprise testimonial (Currys). No disclosed revenue, customer count, or pipeline metrics. Strong award pipeline (Black Hat, SC Awards, RSAC) and the CrowdStrike/AWS/NVIDIA accelerator signal market interest but not commercial validation. |
| Funding Efficiency | 3 | $6.5M seed for ~29 employees across UK and US offices. The team is lean but the scope is ambitious, spanning agent discovery across code, cloud, and endpoints for 25+ framework integrations. |
| Category Clarity | 3 | ”Agentic AI security” is a new category with no established analyst framework or buyer budget line. Potential customers may not know where this fits in their security stack, creating longer education-driven sales cycles. |
| Incumbent Defensibility | 3 | If CrowdStrike, Palo Alto Networks, or Microsoft add agent governance features to existing platforms, the standalone opportunity narrows significantly. Few direct competitors exist today, but the barrier to entry for incumbents is low. |
Overall: 28/40.
Key Risks
-
Pre-revenue stage. No disclosed customers beyond one testimonial. The company is less than 12 months old and has not demonstrated product-market fit through revenue metrics.
-
Category definition risk. “Agentic AI security” is a new market. If agent adoption stalls or incumbent security vendors (CrowdStrike, Palo Alto, Microsoft) add agent governance features, the standalone market opportunity narrows.
-
Small team, broad scope. 16 people covering agent discovery across code, cloud, and endpoints for dozens of frameworks is ambitious. Maintaining integration quality across 25+ platforms with a small engineering team is challenging.
-
Darktrace association. The heavy Darktrace DNA is a double-edged sword. Darktrace faced short-seller reports and sales practice scrutiny during its public tenure. While none of this directly applies to Geordie, enterprise buyers and investors aware of the history may scrutinize the team’s sales culture.
-
Technical claims not independently validated. The Beam engine’s real-time contextual intervention, behavioral-layer monitoring, and 10-minute deployment claims have not been tested by independent analysts or reviewers.
-
UK-headquartered with US ambitions. The team is split 9 UK / 5 US. Selling to US enterprise CISOs from London while competing against US-based incumbents adds GTM friction.
Sources
- BusinessWire: Geordie Exits Stealth with $6.5M in Seed Funding
- GlobeNewsWire: RSAC 2026 Innovation Sandbox Finalist
- GlobeNewsWire: 2026 SC Awards Finalist
- SiliconANGLE: Geordie launches with $6.5M
- General Catalyst: Seeding the Future with Geordie
- Ten Eleven Ventures: Portfolio
- Geordie AI Homepage
- Geordie AI Product Page
- Geordie AI About Page
- Geordie AI How It Works
- Geordie AI: Why We’re Building Geordie
- Geordie AI: n8n CVE Advisory
- RSAC Conference: Finalists Announced
- SecurityWeek: Geordie Emerges From Stealth
- Yahoo Finance: CrowdStrike/AWS/NVIDIA Accelerator
- PRNewsWire: Ten Eleven Ventures UK Office / Dave Palmer
- CloudEagle.ai: AI Governance Platforms 2026
- LinkedIn: Henry Comfort
- LinkedIn: Hanah-Marie Darley
- LinkedIn: Benji Weber
- LinkedIn: Josh Kriss