Humanix: RSAC 2026 Innovation Sandbox Profile
This profile was compiled in March 2026 using AI tooling guided by security product strategy guidance from Lenny Zeltser's MCP server. The analysis was performed by AI without direct human validation, to demonstrate the capabilities of AI agents guided by an expert framework. Outside this demo, a human analyst would conduct iterative conversations with the AI agent to arrive at more accurate conclusions.
Executive Summary
Humanix is building the first Human Threat Detection and Response (HTDR) platform, using conversational AI trained on human psychology to detect social engineering attacks in real time across voice, chat, email, and service channels. The company has raised $18M in combined Seed and Series A funding led by BoldStart Ventures and Acrew Capital. Founded in 2023-2024 by Keith Stewart, a 20-year security veteran who served as interim CEO of vArmour through its acquisition, Humanix occupies a genuinely novel category: real-time detection of manipulation during live human conversations, rather than after-the-fact training or phishing simulations.
Company Overview
| Field | Detail | Evidence |
|---|---|---|
| Founded | 2023 (initial work); formally incorporated ~2024-2025 | BoldStart first met Keith in 2023; founding member joined Mar 2024 per LinkedIn; PrivCo states founded 2025 |
| Headquarters | San Francisco, California | Company website; BusinessWire |
| Funding | $18M total (Seed + Series A) | BusinessWire, Nov 2025; SiliconANGLE |
| Stage | Series A | Company website |
| Employees | ~9-11 (LinkedIn badge says 11-50) | Company website; LinkedIn profiles |
| Presence | US (San Francisco), Canada, United Kingdom | Company website |
| Key Investors | Acrew Capital (Series A lead), BoldStart Ventures (Seed lead), Evolution Equity Partners (Seed participant) | BusinessWire; BoldStart blog |
Investor Cybersecurity Track Record
BoldStart Ventures (Ed Sim): Inception-stage investor with $1B+ AUM. Cybersecurity portfolio includes Snyk, BigID, SecurityScorecard, and Protect AI (sold to Palo Alto Networks for $700M). Ed Sim ranked Top 10 on the Forbes Midas Seed List three consecutive years. (BoldStart)
Acrew Capital (Asad Khaliq, Mark Kraynak): $1.7B AUM fund investing across AI, cybersecurity, and data infrastructure. Cybersecurity portfolio includes At-Bay ($1.3B valuation), Vanta, Ketch, Cato Networks, and Reclaim Security. Mark Kraynak is former SVP at Palo Alto Networks. (Acrew Capital; TechCrunch)
Evolution Equity Partners: $2B+ AUM, the largest dedicated cybersecurity fund globally ($1.1B Fund III closed April 2024). Portfolio includes Arctic Wolf, Snyk, SecurityScorecard, Aqua Security, Halcyon, CybSafe, and Pentera. (TechCrunch)
Problem Definition and Market Opportunity
Social engineering is the leading breach vector. The Verizon DBIR 2024 report found that 68% of breaches succeed by targeting humans, not systems. The FBI IC3 reported $16.6B in losses from social engineering in 2024. CrowdStrike documented a 442% increase in voice-based social engineering attacks in 2024.
The canonical example is the MGM Resorts breach. A single social engineering call to a help desk triggered a $100M loss. Scattered Spider attackers used impersonation and pressure tactics against help desk agents, bypassing every technical control the company had in place.
Current defenses are inadequate. Security awareness training is the dominant response, led by KnowBe4 (70,000 customers) and Proofpoint. Training teaches employees what to look for but cannot intervene during a live attack. BoldStart’s Ed Sim noted that training and scripts stop less than 2% of incidents. The gap is detection and response during the attack itself.
The Social Engineering Attack Defense Solution market was valued at $2.5B in 2023 and is projected to reach $9.8B by 2032 (CAGR 16.5%). North America holds the largest share.
Humanix CEO Keith Stewart summarized the thesis: “Virtually every major breach in the last few years was the direct result of interactive social engineering.” (PR Newswire)
Product Capabilities
Humanix delivers a Human Threat Detection and Response (HTDR) platform built on four pillars:
1. Assess. Maps the human attack surface by understanding user roles, behaviors, and risk exposure levels. Continuously monitors interactions against organizational policies and industry standards. (Company website)
2. Detect. Uses conversational AI trained on human psychology to analyze natural language across communication channels. Identifies linguistic and psychological indicators of manipulation: urgency and pressure tactics, authority claims and impersonation, deception and policy evasion, and behavioral anomalies. Detection runs in real time across voice, video, chat, email, and service tickets. (Company website; BoldStart blog)
3. Respond. Alerts security teams in real time through existing tools (SIEM, SOAR, ticketing systems) with full context and recommended actions. Can guide employees during a live attack with automated interventions and remediation steps such as identity verification or account disablement. (Company website)
4. Assure. Documents adherence to security protocols across first- and third-party services. Monitors human connections for policy alignment. Reduces compliance exposure and liability risk. (Company website)
Integrations
The platform integrates via API with existing communication and security infrastructure:
- Communication platforms: Microsoft Teams, Slack, Zoom, Microsoft 365
- Identity: Microsoft Entra ID
- Service management: ServiceNow
- Security tools: SIEM, SOAR, ticketing systems
The deployment model is API-based, designed to avoid rip-and-replace. (Company website; BoldStart blog)
Use Cases
- Help desk security: Prevent credential theft and account compromise via social engineering calls
- Financial fraud prevention: Detect identity and payment scams targeting finance teams
- Service desk assurance: Enforce policy and procedure compliance during interactions
- Executive protection: Detect impersonation and targeted attacks against executives
Competitive Positioning
Humanix occupies a distinct position in the market. It is not a security awareness training (SAT) platform. It does not compete directly with KnowBe4, Proofpoint, or Hoxhunt on phishing simulations and training content. Instead, it provides real-time detection and response during live conversations.
| Dimension | SAT Vendors (KnowBe4, Proofpoint, Hoxhunt) | Human Risk Mgmt (Doppel, Adaptive Security, SoSafe) | Humanix |
|---|---|---|---|
| Primary method | Simulated phishing + training | Simulations + behavioral nudges + some detection | Real-time conversational AI detection + response |
| When it acts | Before attacks (training) | Before and sometimes during | During live attacks |
| Channels covered | Primarily email | Email, SMS, some voice | Voice, video, chat, email, service tickets |
| Help desk protection | No | Limited | Core use case |
| Integration model | Standalone or email plugin | Varies | API into existing communication stack |
The closest competitors in the real-time social engineering detection space are:
- Doppel: Agentic AI platform for Social Engineering Defense and Human Risk Management. Focuses on phishing URL takedown and cross-channel simulation. Median response time 4.82 minutes. Different approach (detection + takedown vs. conversational AI).
- Adaptive Security: Backed by OpenAI. Next-gen SAT focused on deepfake, vishing, and smishing simulations. Behavior-first design with micro-lessons.
- CybSafe (Evolution Equity portfolio): Behavioral science-based human risk management. More analytics-focused than real-time detection.
Humanix’s differentiation is the focus on analyzing live conversations using psychology-trained AI models, rather than simulating attacks or training after the fact. The company’s tagline captures it: “Stop blaming humans. Start defending them.”
Go-to-Market and Traction
Customer verticals: Humanix reports it is “already securing leaders in finance, hospitality, and other industries.” (BoldStart blog, company claim, unverifiable. No customer names disclosed.)
Production status: BoldStart stated the product is “live in production environments today” as of November 2025. (BoldStart blog, company/investor claim)
Testimonials: The Humanix website includes testimonials from CISOs and security leaders at unnamed consumer technology, hospitality, and financial services companies. (Company website, company claim, unverifiable)
Revenue metrics: Not publicly disclosed.
Customer count: Not publicly disclosed.
Pricing model: Not publicly disclosed.
GTM motion: Appears to target enterprise security teams directly, with use cases centered on help desks, service desks, finance teams, and executive protection. The RSAC Innovation Sandbox selection provides significant visibility. Each finalist receives a $5M investment.
Team and Credibility
Keith Stewart, Founder and CEO
- 20+ years in cybersecurity and enterprise technology
- Stanford University, MSc Management Science (2003-2005)
- Cisco Systems (1999-2008): Network Consulting Engineer through Senior Manager, Product Management
- Brocade (2010-2012): Senior Director, Product Management
- Riverbed Technology (2012-2014): Senior Director, Product Management
- vArmour (2014-2023): VP Products, VP Sales & BD, SVP Product & Strategy, SVP Product & Engineering, Interim CEO. Led the company through its acquisition by Night Dragon, including term sheet negotiation and close
- Board Member at Templarbit (2021-2022)
- Founded Humanix ~2023 (LinkedIn)
Stewart’s profile is a strong fit for this product. He has deep product management experience across networking and security (Cisco, Brocade, Riverbed, vArmour), has run a company as CEO through an exit, and built the product thesis from analysis of real-world attacks like Scattered Spider.
Seyed Ahmadinejad, Founding Member, Engineering Leader, Architect
- PhD Computer Science, University of Calgary (security and privacy of social computing platforms)
- MSc Software Engineering, Tarbiat Modares University
- vArmour (2020-2024): Senior IAM Architect, Team Lead/Senior Software Architect, Engineering Manager
- Nulli (2015-2020): Senior IAM Solution Architect
- Joined Humanix March 2024 (LinkedIn)
Marc Woolward, Technology and Risk Adviser
- 38 years in technology, multi-time CTO and CISO
- Goldman Sachs (1998-2014): Network Engineer through CTO for Networking and Telecommunications, Technology Fellow
- vArmour (2014-2025): CTO and CISO. Primary inventor of the risk engine; contributed to ~20 patents; led SOC 2 Type II compliance
- Chair, Security Expert Group at Open Networking Foundation
- Joined Humanix as adviser August 2024 (LinkedIn)
Team composition: The company brings together AI engineers, data scientists, security practitioners, and cognitive psychologists. Multiple founding team members came from vArmour, giving the team shared working history. (Company website)
Hiring signals: LinkedIn activity shows the company is hiring for Senior DevOps Engineer, indicating infrastructure buildout.
Trust Readiness
- SOC 2: Not publicly disclosed. However, Marc Woolward achieved SOC 2 Type II at vArmour within 8 months, suggesting organizational awareness.
- Privacy policy and Terms of Use: Available on humanix.ai
- Data handling: API-based integration with user control over data ingestion. The platform analyzes conversations, which raises privacy considerations around monitoring employee communications.
- Compliance value proposition: The “Assure” pillar explicitly addresses compliance documentation and policy adherence monitoring, positioning the product as a compliance enabler rather than a privacy risk.
- Certifications: Not publicly disclosed.
Privacy and employee monitoring considerations will be a key question for enterprise buyers. The company will need to articulate its data handling, retention, and consent model clearly. This is not unique to Humanix; any real-time communication monitoring product faces this challenge.
RSAC Judging Criteria
RSAC does not publish an official judging rubric. The five criteria below are extrapolated from press descriptions of what judges evaluate: the problem a company addresses, the originality of its technology, its go-to-market strategy and team, market validation, and product demonstration.
| Criterion | Score (1-5) | Assessment |
|---|---|---|
| Problem/Market | 5 | Social engineering is the #1 breach vector. The FBI IC3 reported $16.6B in losses in 2024. CrowdStrike documented a 442% increase in voice-based attacks. The gap between training-based defenses and real-time detection is well-documented. |
| IP Originality | 4 | Conversational AI trained on human psychology for real-time social engineering detection is a novel approach. No direct competitor offers the same capability across voice, video, chat, and email. The combination of NLP, behavioral science, and real-time intervention is distinct. |
| GTM/Team | 4 | Keith Stewart has 20+ years in security with a CEO-through-exit track record at vArmour. Tier-1 cybersecurity investors (BoldStart, Acrew, Evolution Equity) all backed the company. The team has deep shared history from vArmour. |
| Validation/Revenue | 2 | Product is live in production with unnamed customers in finance and hospitality. No revenue metrics, customer counts, or named logos disclosed. Traction evidence is limited to investor and company claims. |
| Product/Demo | 5 | Product is in production covering multiple channels (voice, video, chat, email). A live demo showing real-time detection of a social engineering attempt would be compelling on stage. The three-minute pitch format favors a dramatic before/after demonstration. |
Overall RSAC Fit: 20/25. Humanix presents a clear, novel thesis backed by credible investors and a strong founding team. The problem is urgent, well-understood, and poorly addressed by existing solutions. The main risk is thin evidence of customer traction.
Startup Readiness Assessment
This eight-dimension assessment appears in the comparison matrix on the main page. It evaluates broader startup readiness using dimensions from the security product analysis framework. Five dimensions overlap with the RSAC criteria above. Three are added: funding efficiency, category clarity, and incumbent defensibility.
| Dimension | Score (1-5) | Assessment |
|---|---|---|
| Problem Clarity | 5 | Social engineering is the #1 breach vector with $16.6B in annual losses. Every enterprise faces this risk, and the gap between training-based defenses and real-time detection is well-understood by buyers. |
| Capability Depth | 4 | Conversational AI trained on human psychology for real-time detection is a novel approach. Multi-channel coverage (voice, video, chat, email) is ambitious. No direct competitor offers the same capability combination. |
| Market Timing | 5 | Social engineering losses are accelerating ($16.6B in 2024). AI-powered deepfakes and voice cloning amplify the problem. CrowdStrike’s 442% increase in voice attacks validates urgency. |
| Team Credibility | 4 | Stewart has CEO-through-exit experience at vArmour. Strong shared team history. BoldStart, Acrew, and Evolution Equity are all top-tier cybersecurity investors. First-time founder for this product category. |
| GTM Proof | 2 | No named customers or revenue metrics disclosed publicly. BoldStart’s investment thesis and Keith Stewart’s enterprise network from vArmour suggest customer conversations not yet announced. Score reflects a small upward adjustment for inferred traction. |
| Funding Efficiency | 4 | $18M for ~9-11 employees is well-capitalized for the stage. Three institutional cybersecurity investors provide value beyond capital. |
| Category Clarity | 3 | ”Human Threat Detection and Response” is a new category Humanix is creating. Buyers may not distinguish it from security awareness training, which has established budget lines. |
| Incumbent Defensibility | 3 | Proofpoint, Palo Alto, and CrowdStrike could add real-time social engineering detection. KnowBe4 and Adaptive Security are expanding into adjacent capabilities. The psychology-trained AI approach would take time to replicate. |
Overall: 30/40.
Key Risks
-
Thin traction evidence. No named customers, revenue metrics, or customer counts are public. Finance and hospitality references are unverifiable. Judges will press on adoption.
-
Small team for ambitious scope. With ~9-11 employees, covering real-time AI analysis across voice, video, chat, email, and service tickets is an engineering challenge. The multi-channel promise may outpace current capabilities.
-
Privacy and employee monitoring concerns. Real-time analysis of employee conversations raises legal (wiretapping laws, GDPR) and cultural (employee surveillance) questions. Enterprise procurement teams will require clear answers on consent, data retention, and access controls.
-
Category creation risk. “Human Threat Detection and Response” is a new category. Humanix must educate buyers on why this is distinct from security awareness training, which is a well-understood budget line. Category creation takes time and capital.
-
Competitive encroachment. Larger players (Proofpoint, Palo Alto Networks, CrowdStrike) could add real-time social engineering detection to existing platforms. KnowBe4 and Adaptive Security are expanding into adjacent capabilities.
-
False positive risk. Flagging legitimate conversations as social engineering attacks could disrupt operations and erode trust with end users. The accuracy threshold for production deployment in high-volume environments (help desks, service desks) is demanding.
Sources
- Humanix website
- Humanix product page
- Humanix about page
- Humanix RSAC 2026 blog post
- BusinessWire: Humanix Raises $18M (Nov 2025)
- SiliconANGLE: Humanix raises $18M (Nov 2025)
- PR Newswire: Humanix RSAC Innovation Sandbox Finalist
- BoldStart Ventures: Humanix investment announcement
- SecurityBrief: Humanix to pitch at RSAC 2026
- Axios: Humanix raises $18M (Nov 2025)
- RSAC Innovation Sandbox 2026 Finalists
- Keith Stewart LinkedIn
- Seyed Ahmadinejad LinkedIn
- Marc Woolward LinkedIn
- Acrew Capital
- Evolution Equity Partners