XBOW Secures $35M to Replace Manual Penetration Testing with Autonomous AI Hackers

The XBOW autonomous hacking platform is fundamentally changing enterprise cybersecurity by replacing slow, manual penetration testing with relentless AI agents. Founded by Oege de Moor, the brilliant mind behind GitHub Copilot, the startup has just secured an additional $35 million to scale its proactive defense systems. This latest injection pushes the company's total funding to a staggering $155 million, cementing its status as a unicorn with a valuation exceeding $1 billion.

Despite its massive valuation, XBOW operates as a remote-first disruptor. While its official headquarters is humbly listed as a mailbox in Seattle's historic Pioneer Square, de Moor leads the company from the sunny Mediterranean coast of Malta. This location-agnostic approach allows the company to attract top-tier global talent, proving that modern tech foundations are built on code and culture rather than sprawling corporate real estate.

The recent $35 million funding round reads like a who's who of global technology and enterprise consulting. Heavyweight investors include NVIDIA through its NVentures arm, Accenture Ventures, Samsung, and SentinelOne via S Ventures. They are joined by Liberty Global Tech Ventures and DNX Ventures, adding both enterprise consulting chops and strategic connectivity expertise to the mix.

This new capital builds upon an earlier $120 million round led by DFJ Growth, Northzone, Sequoia Capital, and Altimeter. Interestingly, venture capital trackers like PitchBook still attribute these massive deals to Seattle's regional totals. This influx contributed significantly to a vibrant Q1 2026 for the city, which saw $1.5 billion distributed across 69 deals, even though XBOW's physical footprint in the Emerald City remains minimal.

At the core of XBOW's technology is a swarm of autonomous AI agents designed to mimic the cunning and adaptability of human hackers. Unlike traditional manual audits that often lag behind evolving threats, this system operates continuously at machine speed. It scans codebases 24/7, flagging vulnerabilities and potential breaches in real-time before malicious actors can exploit them.

To perfect this system, Chief Information Security Officer Nico Waisman - who previously defended rideshare giant Lyft - recruited a cadre of elite ethical hackers. These white-hat experts train the AI models using data from real-world attacks, teaching the system to simulate phishing schemes, injection attacks, and zero-day exploits. The platform is already trusted by over 100 global clients, including pharmaceutical innovator Moderna, which relies on XBOW to secure its sensitive genomic data and mRNA research.

For organizations looking to upgrade from traditional penetration testing, integrating an AI-driven defense system requires a strategic shift. XBOW's architecture is designed to amplify human security teams rather than replace them.

• Continuous Codebase Scanning: Deploy the AI agents to monitor repositories 24/7, ensuring that new code commits are instantly evaluated for vulnerabilities before reaching production.
• API and Dashboard Integration: Connect the platform directly to existing security workflows via APIs. This reduces incident response times from weeks to minutes by delivering actionable alerts straight to the security dashboard.
• Proactive Threat Simulation: Utilize the platform to safely simulate advanced zero-day exploits and supply chain attacks within a controlled environment, allowing teams to patch flaws proactively.

The most fascinating aspect of XBOW's latest funding round is the blurred line between investor and customer. Backers like Accenture and SentinelOne are not just providing capital; they are actively integrating XBOW's technology into their own client audits and defense ecosystems. This symbiotic funding model is becoming pervasive in the cybersecurity sector, where trust and proven efficacy are paramount.

As bad actors increasingly weaponize AI to orchestrate complex attacks, the demand for autonomous, machine-speed defense mechanisms will only accelerate. XBOW's success proves that highly specialized, AI-native security solutions can attract massive enterprise support, successfully challenging the dominance of legacy giants like CrowdStrike. By turning the lessons of global cyber operations into proactive shields, XBOW is democratizing fortress-grade security for the modern interconnected world.