Decibel Partners

Phishing is STILL one of the number one attack vectors for bad actors. The numbers don't lie: → Over 90% of cyberattacks begin with phishing AI is making that even worse. Over 82% of phishing emails detected in a recent 6-month window used AI (a 53% year-on-year jump). And since ChatGPT launched, phishing email volume has risen by over 1,265%. Phishing emails can be indistinguishable from real ones. How are users supposed to know what to trust? Sublime Security is changing that. Instead of static filters that bad actors have learned to bypass, their platform deploys AI agents that detect, adapt, and respond to new threats within in hours. The result? → AI agents that stop attacks before they reach users → Threats detected and responded to in hours → Full transparency into every decision AI is being used to attack. It should also be used to defend. If you want to learn more, check out: 🔗 https://lnkd.in/g4kBEREj P.S. have you ever been phished? 🎣 #ad #DecibelPartner Decibel Partners Sublime Security

At this point, every software company should be asking itself if it actually deserves to exist in the AI era. Another way of thinking about it is: Is the software you're building above or below the "Token Threshold"? The Token Threshold is the point at which the cost to build a capability from scratch exceeds the cost to buy it, measured in inference tokens. Every software product sits either above or below this line. Below it, agents build. Above it, agents buy. If you play the current trajectory forward-and more enterprises complete their agentic transformation (we’re all running Cowork on our desktops now, aren’t we?) - the real influencer of a purchasing decision might eventually not be a human. Therefore, what it means to be a software vendor in the AI era might also change. In our current model, humans evaluate software tools, sit through demos, navigate procurement, and ultimately decide whether to buy software or build it themselves. Everything in software - pricing, content, sales cycles, product strategy all the way down to fancy steak dinners - exists to push that decision toward buying. And it worked because building software used to be expensive and time-consuming. Most teams didn’t want to take on that burden unless they absolutely had to. But what happens if the buyer eventually is just an agent? Build vs. buy might just run through a code sandbox (shout-out E2B!) and a cost benefit analysis of burning tokens or spending $ from a budget. So far the strategy has largely been out running / out engineering general purpose agents but the question is really how long that will last. Reframing this, so that software vendors can go from defense to offense means asking, how do we build something that is hard to replicate but still very useful for the agent. In a way, a lot of software was built on borrowed time - on human inertia holding longer than it should. AI is just calling that bluff... More on my thoughts on the Token Threshold in the latest Founder Catalyst edition.

network engineering x cybersecurity collab 🤠 super excited to be partnering with Decibel Partners to showcase a few of the cool companies they support! recorded a few videos in this series at RSA and I’m really proud of how they turned out - stay tuned to catch them over the next few months :)

Huge congratulations to Jonathan Cran and the Mallory team for launching their AI-native threat intelligence product into GA today! In the agentic era, attackers no longer operate at human speed. They use AI to discover vulnerabilities, chain exploits, and execute attacks faster than defenders can reason about them. Meanwhile, most threat intelligence platforms were built for a different time, one defined by manual and human analysis of feeds, dashboards, and reports. That model is breaking. Security teams don’t have a data problem anymore; they have a context and reasoning problem. They’re flooded with signals but lack clear answers to what actually matters: what’s exploitable, are we at risk, and what should we fix right now? Mallory flips this paradigm. It ingests global threat data, maps it to an organization’s real environment, and uses AI to generate prioritized, evidence-based answers, not more alerts, but actionable intelligence. Jonathan Cran has spent his entire life working on this problem, first as a young pen tester at Rapid7, then as Head of Research of Kenna Security (acq. by Cisco) and CPO of Bugcrowd and most recently at Mandiant (part of Google Cloud), building what became Google's Global Threat Intelligence product. We, at Decibel Partners, are incredibly excited to partner with Jcran on this journey and can't wait to see what he and the team build next! Read more in our founder Q&A in the comments below. PS: They are hiring!

Mallory is now GA! Today we're launching our AI-native threat intelligence platform built for one question: "Are we affected?" We track thousands of sources, contextualize to your environment, and make investigation easy, whether you're running a three-person team or a thirty-person SOC. We're also announcing our seed funding from Decibel Partners, as well as an incredible team of angels - enabling our team to grow and explore the edges of what's possible when you harness the frontier models for security operations. More on why we built it and what's next here: https://lnkd.in/gdeeJw6M