Hex Security: AI that Hacks before Attackers do
AI agents that find security vulnerabilities in your apps & infrastructure
We're @Huzaifa Ahmad, @Ahmad Khan, and @Prama Yudhistira (@Hex Security, W26). We built AI agents that automate penetration testing.
In the past few weeks, our agents found critical vulnerabilities in dozens of YC companies (ones you’ve heard of): SQL injection exposing billions of records, demonstrated a PoC worm that could infect entire networks, gained access to hundreds of codebases, and more. Through this, we have prevented an estimated $3B+ in potential damages (based on exposed record counts and IBM's Cost of a Data Breach benchmarks).
The problem: Companies lose $10T+ annually to preventable vulnerabilities, yet most pentest once a year because it's manual, expensive, and slow. By the time you get the PDF, your codebase has changed.
And that gap is widening. In September 2025, Anthropic caught Chinese state-sponsored hackers using AI to run 80-90% of an attack autonomously — thousands of requests per second, speeds no human team could match. The attackers have AI now, and defenders need it too.
What we built: AI agents that run continuous penetration tests against your apps and infrastructure. They find vulnerabilities, chain exploits together, and deliver actionable findings with reproduction steps — at a fraction of the cost of traditional pentesting.
Want to see what we find in your systems? Book a discovery call: hex.co
Visit us at hex.co | founders@hex.co