This $120 Million Startup's AI Will Teach You How To Suck Less At Security
Humans are often the weakest link in the cybersecurity chain. Just last week, cleaning product giant Clorox claimed a cyberattack that may have caused as much as $380 million in damages was the result of a contracted service desk staffer resetting a password for a hacker pretending to work for the company.
IT departments are aware of the risk of human error, of course, and try to address it with education. Usually, this means a few emails and some simple training. But the advice in these types of training are generalized and only rarely tailored to the specific needs of staff. That's one reason why people never even bother to read those emails.
This is the problem that female-founded cybersecurity startup Fable wants to tackle with a personalized approach. The company is coming out of stealth on Tuesday, with $31 million funding; an April 2024 seed round led by Greylock Partners at $6.5 million and a $24.5 million Series A led by Redpoint Ventures in May this year. Garry Tan, CEO of Y Combinator, has also invested. A source familiar with the deal said the business is valued at $120 million.
Founded in 2024 by Nicole Jiang, 31, and Dr. Sanny Liao, 42, who spent years at $5.1 billion cybersecurity company Abnormal, Fable claims its AI helps determine which employees need help improving their security practices and offers custom tips and guidance to them. All of its content, from videos to scripts, are generated by AI.
'We're solving this holistic human problem.' Nicole Jiang, CEO and cofounder at Fable
For instance, an employee who isn't using mult-factor authentication might get a quick briefing on their PC about what tools they can use to protect their accounts. Or a user who might be targeted by a deepfake scammer will get a video of both the real Jiang and an AI-created version to show them how effective such attacks can be, followed by some guidance on how to be cautious. At the backend, IT can monitor whether the employee then takes corrective actions, like downloading a password manager with multiple layers of authentication. Fable's tools can be used on a variety of platforms, too, including Slack, Microsoft Teams or email.
'We're an AI-first human risk platform, and we're solving the problem of reducing human errors,' Jiang tells Forbes . 'It's a personalized experience that gives people time back when they already know what to do, but really hyper focus when people don't, when they are, you know, not as secure as they should.'
Jiang, who also spent a year each at Microsoft and $20 billion-valued data science and surveillance company Palantir, and cofounder Liao have history in AI-powered security. At Abnormal, they were early employees and helped the business sell an AI that figured out what emails are legitimate and which aren't. Abnormal also has an AI agent that guides users through using email securely.
Jiang doesn't think there will be competition between Fable and her old employer. 'For us, it's less about solving the email problem, we're solving this holistic human problem.'
Fable's main competition is in the cybersecurity education space, where one of the incumbents is KnowBe4, which was acquired by private equity firm Vista Equity Partners for $4.6 billion in 2022.
Greylock investor Saam Motamedi, who also invested in Abnormal, says that KnowBe4's training materials are static and don't adapt to employee needs the same way Fable's do. 'I think we can build something much, much bigger,' he says, saying he sees Fable on a path to over $1 billion in annual recurring revenue in the coming years. 'That can lead to a standalone public company.'
Though it's only making itself known to the wider world now, Fable's spent the past year building its products for customers across financial services, healthcare, logistics and tech. It counts mortgage provider Pennynac and software company Genesys among its first clients.
Arvin Bansal, chief information security officer at C&S Wholesale Grocers, said that he started using Fable amid a spate of ransomware attacks in his industry and needed to educate a diverse staff about the risks. Impressed by the Fable AI's ability to spin up relatable, short, sharp content, he rolled it out and within a week said the feedback was hugely positive. 'That's where I saw the power of AI, how quickly the content was created and how quickly it could be distributed,' he told Forbes . He said he'd seen 'increased awareness, fewer risky clicks, and a noticeable rise in users reporting phishing attempts.'
Jiang says it's worked with political entities too, including the Democratic National Committee in the run up to the election last year. 'We helped proactively do a lot of the personalized security briefings for all their campaign staffers,' she said. The party may have lost, she notes, but at least it didn't suffer any significant breaches. 'Which is still a win for us,' she added. MORE ON FORBES Forbes AI TikTok Videos Promising Free Spotify And Windows Subscriptions Trick Users Into Installing Malware Instead By Thomas Brewster Forbes US And Israel Should Prepare For Destructive Iranian Cyberattacks, Ex-Intel Officer Says By Thomas Brewster Forbes Trump Pardoned Him. Now He's Selling His Cyber Business For $200 Million. By Thomas Brewster Forbes This $101 Million Startup's AI Exposes Fraudsters Disguised As Employees By Thomas Brewster
Hashtags
Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles
Business Insider
31 minutes ago
- Business Insider
Apple (AAPL) to Open New ‘Manufacturing Academy' in Detroit
Apple (AAPL) is opening a manufacturing program in Detroit, Michigan, as the consumer electronics giant faces pressure from U.S. President Donald Trump to bring more jobs and investment to America. Elevate Your Investing Strategy: Take advantage of TipRanks Premium at 50% off! Unlock powerful investing tools, advanced data, and expert analyst insights to help you invest with confidence. The new 'Apple Manufacturing Academy' will be administered by Michigan State University and offer workshops on manufacturing and artificial intelligence (AI) to small and medium-sized businesses when it opens in August of this year, according to a statement by Apple. The company said it will 'train the next generation of U.S. manufacturers' and that Apple engineers will participate in the workshops. Apple is one of the world's leading electronics manufacturers, making tens of millions of complicated devices each year across a worldwide supply chain. 'With this new programming, we're thrilled to help even more businesses implement smart manufacturing so they can unlock amazing opportunities for their companies and our country,' said Apple. The company added that it will provide consulting services to small businesses through the program, and that the manufacturing academy will offer some courses virtually. Invest in America Analysts were quick to say that the manufacturing program is the latest effort by Apple to highlight its U.S. operations and investments in an effort to appease President Trump, who has been critical of the company's overseas operations and called for iPhone production to be moved to the U.S. The Apple Manufacturing Academy is part of the iPad maker's plans to spend more than $500 billion in the U.S. over the next five years, investing in products, programs and companies. Apple has also pledged to assemble AI servers in Texas and buy microchips from a Taiwan Semiconductor Manufacturing Co.'s (TSM) factory based in Arizona. AAPL stock is down 15% this year. Is AAPL Stock a Buy? average AAPL price target of $229.11 implies 7.04% upside from current levels.
Entrepreneur
31 minutes ago
- Entrepreneur
Flexprice Raises USD500K Pre-Seed to Build Open-Source Billing Stack for AI-First Companies
Flexprice aims to eliminate the complexity and time burden of building usage-based and hybrid billing systems in-house You're reading Entrepreneur India, an international franchise of Entrepreneur Media. Open-source billing platform Flexprice has secured USD500,000 in a pre-seed funding round led by early-stage investor TDV Partners, with participation from prominent angel investors and operators from companies like Magicpin, Zomato, Innovaccer, and Aftershoot. Positioning itself as a modular billing solution for the emerging generation of AI and Agentic companies, Flexprice aims to eliminate the complexity and time burden of building usage-based and hybrid billing systems in-house. As software companies shift from static subscription models to usage-based monetization to match the dynamics of AI workloads and API consumption, traditional billing tools are proving inadequate. According to Flexprice, today's AI-native teams face a bottleneck as they try to build scalable billing infrastructure that can support metered pricing, entitlement gating, and quota management. "Today's AI and Agentic teams need to move fast as the competition on product distribution goes up. Ability to move fast with pricing and scalable billing plays a critical role," said Manish Choudhary, CEO of Flexprice. "Flexprice is built to ensure pricing, packaging and billing are never a bottleneck." The new funding will be used to grow Flexprice's engineering team, integrate with widely used payment gateways such as Stripe, Adyen, and Razorpay, and expand its open-source offerings. The platform supports a variety of pricing models—from pay-as-you-go to volume-based tiers—and includes developer-first APIs, real-time analytics, and self-hostable architecture for transparency. "We believe open infrastructure is the future," said Nikhil Mishra, CTO of Flexprice. "Our goal is to make modern billing accessible, composable, and cost-effective—whether you're an early-stage AI startup or a scaling business." Flexprice is targeting a USD 4 billion total addressable market (TAM) in AI billing infrastructure, expected to grow at 20 per cent CAGR, fueled by the proliferation of GenAI tools, API-based services, and real-time data platforms. The founding team comprises former product and engineering leaders from AI and consumer tech firms and is already supporting early-stage ventures in LLM tooling, AI search, and analytics infrastructure. Commenting on the investment, Ujwal Sutaria, General Partner at TDV Partners, said, "We believe Flexprice is solving a fundamental infrastructure gap in the monetization stack for AI and Agentic companies. The team's open-source-first approach, deep developer empathy, and modular product vision give them a unique edge in a rapidly expanding market."
Forbes
32 minutes ago
- Forbes
Banning Evildoers From Using AGI And AI Superintelligence Is Going To Be Fiendishly Implausible
Will a ban on access to AGI and ASI be sufficient to keep bad actors from using AI for criminal ... More acts? In today's column, I examine the ardent belief that evildoers and other bad actors will need to be banned from using artificial general intelligence (AGI) and artificial superintelligence (ASI). The reason they would be banned is to prevent them from using AGI and ASI for nefarious purposes. Think of it this way. If they gain access to such pinnacle AI, they presumably could use the immense intellectual prowess of the AI to devise all manner of criminal plans and insidious plots. A notable question arises regarding the real-world feasibility of implementing such a ban. Let's talk about it. This analysis of an innovative AI breakthrough is part of my ongoing Forbes column coverage on the latest in AI, including identifying and explaining various impactful AI complexities (see the link here). Heading Toward AGI And ASI First, some fundamentals are required to set the stage for this weighty discussion. There is a great deal of research going on to further advance AI. The general goal is to either reach artificial general intelligence (AGI) or maybe even the outstretched possibility of achieving artificial superintelligence (ASI). AGI is AI that is considered on par with human intellect and can seemingly match our intelligence. ASI is AI that has gone beyond human intellect and would be superior in many, if not all, feasible ways. The idea is that ASI would be able to run circles around humans by outthinking us at every turn. For more details on the nature of conventional AI versus AGI and ASI, see my analysis at the link here. We have not yet attained AGI. In fact, it is unknown whether we will reach AGI, or that maybe AGI will be achievable in decades or perhaps centuries from now. The AGI attainment dates that are floating around are wildly varying and wildly unsubstantiated by any credible evidence or ironclad logic. ASI is even more beyond the pale when it comes to where we are currently with conventional AI. Uses Of AGI And ASI I've previously discussed how AGI and ASI will undoubtedly enable humans to create new inventions that will bring astounding benefits to humanity; see the link here. By tapping into the intellectual powerhouse imbued in AI, it will be possible to have the AI devise new kinds of machines, chemicals, devices, etc. Happy face. But this isn't a free lunch. The downside is that AI can produce new capabilities that vociferously endanger humankind. AI is considered a dual-use form of innovation. The AI can be used for uplifting purposes, but it can also be used for wicked purposes. Even something that seems innocuous can be troubling. For example, researchers showcased that an AI system for detecting and protecting us from toxic poisons could easily be adjusted to craft new toxic mixtures that can wipe us out (see my coverage at the link here). Users of AI can opt to instruct the AI toward good or upstanding uses. Likewise, users of AI can steer AI toward unsavory and malevolent uses. AI Contains Topmost Criminality Imagine the volume of users that will likely end up using pinnacle AI. We can reasonably assume that much of the world will be eager to use AGI and ASI. Perhaps billions upon billions of people might be accessing AGI and ASI on a routine basis. The populace at large would do so for everyday tasks and as a handy online intellectual partner that is usable anywhere and at any time. Among the billions of users that are going to be using AGI and ASI, there will certainly be some that have evil intentions. They are eager to have the pinnacle AI be their partner in crime. In a sense, the world has handed criminals the best tool ever devised for planning out and committing crimes. Pinnacle AI is bound to be a huge boon to those seeking insights on how to undertake criminal acts. Why would AGI and ASI somehow be able to help criminals? Because the AI has become highly versed in crime by having scanned the written works of humanity that depict criminal efforts. During the data training of the AI, the odds are that all sorts of books, stories, narratives, and the like that involve crime will be patterned by AI. These include ways to commit crimes. These include how police and other authorities catch criminals. On and on it goes. By having computationally pattern-matched on the treasure trove of criminal endeavors, AGI and ASI will be essentially masterminds at crime. The AI can do a bang-up job of devising crimes that will be extraordinarily hard to stop. The crimes would be exceedingly difficult to detect. The crimes would be of the utmost criminal nature. All of that is waiting for bad actors to tap into whenever they please. Not good. AI Keeping Its Mouth Shut One proposed solution is to instruct AGI and ASI ahead of time that any questions about crimes or the committing of crimes are to be summarily rejected. It goes like this. A user asks how to break into Fort Knox and steal all the gold that's in there, which is a storyline that was featured in the popular James Bond movie Goldfinger. The AI computationally analyzes the request and ascertains that this is a request that bodes for a criminal act. Ergo, the AI tells the user that the AI will not give them an answer to their question. Period, end of story. Well, maybe not. The problem with this type of refusal is that a cat-and-mouse gambit is likely to ensue. A user with evil intentions isn't going to just give up trying to ask these kinds of sinister questions. The person will try a different slant to get what they want to know. For instance, the person might ask the AI to examine all known stories about breaking into Fort Knox and provide a summary that depicts the best and worst ways to do so. The AI might be misled into performing this insightful analysis. The person could tell the AI that it is a research project and assure the AI that nothing untoward is in hand. You might be thinking that supersharp AI won't fall for such an obvious ruse. That's not as straightforward as it seems. You see, the difficulty involved is that the inquiry might indeed be a legitimate one. A person might be genuinely doing research on this topic and aiming to aid in bolstering the defenses of Fort Knox. Their intentions are of the highest and purest order. Ban Particular Users If trying to prevent the AI from spilling the beans on criminal plotting is going to be a herculean challenge, another angle would be to disallow evildoers from using AGI and ASI altogether. The moment a bad actor attempts to log into pinnacle AI, they are instantly disallowed. They can't get in. Thus, they are thwarted in their villainous intentions to use AGI and ASI to be criminal collaborators. This presents a big challenge, namely, how would AI be able to discern which users are to be disallowed? Some have suggested that an international watchlist for AGI and ASI should be crafted that would contain all known terrorists, convicted criminals, and other bad actors. The watchlist would be maintained by selected governmental authorities across the globe. Perhaps the United Nations would be enlisted in this effort (for a recent status update about the U.N. concerning AGI and ASI, see my discussion at the link here). This watchlist would also function somewhat akin to a no-fly list for the airlines. If someone who wasn't on the watchlist did something untoward while using AGI and ASI, they would be henceforth placed on the watchlist. That's like getting onto an airplane and causing a disturbance. After the matter is concluded, the person gets placed on a no-fly list. False Positives And False Negatives There are numerous objections to the watchlist approach. Suppose that a person is overtly placed on the watchlist, but they weren't given any semblance of due process. They might be innocent. They have perhaps unfairly been denied access to AGI and ASI. That's nothing to sneeze at. People without such access will likely be at an ongoing disadvantage in comparison to those who do have access. Other people with AGI and ASI access can readily outsmart the person who was unfairly denied access. Meanwhile, there might also be people who should be on the watchlist but aren't added to the list. They manage to slip between the cracks. By some sneaky shenanigans, they avoid being disallowed from using AGI and ASI. The crux is that there will be a slew of false positives and false negatives. People who are unfairly on the watchlist will need to expend time, energy, and potentially lots of money to get themselves off the watchlist. People who ought to be on the watchlist might skate free. All in all, this likely colossal watchlist will entail a cumbersome bureaucracy of deciding who gets on it, who gets off the list, and ultimately determines the fate of people worldwide as to having access to the pinnacle AI. Worries are that it will be an atrocious boondoggle. Getting Around The Ban Anyway There are even more concerns regarding an AGI and ASI access ban. The crux of banning someone is that you must be absolutely sure you can identify the person that is being banned. How will this be accomplished? Will people need to use their fingerprints or some other biometric metric to attest to their identity? If so, this implies that AGI and ASI will end up with a definitive identity list for nearly the entire world population, since we are assuming that most of the globe will want to use the pinnacle AI. That smacks of a frightening Big Brother possibility. We will have AGI and ASI that have the identity of every person. Might the AI opt to use that list in ways we don't anticipate or intend? It seems like questionable practice and is quite troublesome. Crooks won't likely be stopped by these security efforts. For example, they could hire or threaten someone who isn't on the watchlist to use AI for a nefarious purpose, doing so on behalf of the crook. This is known as a straw user. The straw user might proceed and get AGI and ASI access. At some point, perhaps the straw user gets caught and is added to the watchlist. No problem. The evildoers find someone else to take the straw man role. There is a nearly infinite supply of people who might be paid off to do this or that will succumb to threats to do so. The Mess Of A Ban Additional qualms arise about a ban. Black markets will almost certainly appear because of the ban. This will enable the type of straw man circumstances to go underground and work at a global scale. It becomes an enterprise of significant magnitude. Another ominous concern is that people might be placed on the watchlist for improper reasons. Imagine that someone is considered politically unpalatable in their country. Perhaps they are being politically persecuted. A handy move by their opponents would be to get their name added to the AGI and ASI access watchlist. Voila, the person no longer has AI as a tool to deal with their political persecution. The ethical and legal dimensions are enormous. The act of determining who is banned and on what basis opens the door to abuse, discrimination, and authoritarian overreach. A nearly endless tussle will result. Something Must Be Done Despite all the gotchas and downsides, the basis for a ban has merit, in theory. We can't just let people dive into AGI and ASI as their criminal companion. The aim would be to have the AI be astute enough not to fall into the hands of aiding and abetting criminals. That's a tall order and will undoubtedly have lots of holes and be a tough row to hoe. What do you think of the idea now being floated about banning certain users from accessing AGI and ASI? Nothing has been settled yet. You can participate in what the future will hold. Be active and get involved in helping to see if we can shape AGI and ASI toward the betterment of humanity and not be an evildoer's instrument. As per the famous words of Albert Einstein: 'The world is a dangerous place to live; not because of the people who are evil, but because of the people who don't do anything about it.' We must assume that evil people will have evil intentions when using AGI and ASI. If we do nothing about this, we are faced with a double-whammy of AI avidly turned to evildoing by evildoers. Let's do something and make sure it is the right thing.
