Chicago-based SafeHill, formerly known as Tacticly, has emerged from Stealth with a $2.6 million pre-seed funding round led by Mucker Capital and Chingona Ventures.
The firm was founded by Mike Pena (CEO), Nicholas Gonzalez (chief revenue officer), Hector Monsegur (chief research officer), Ibrahim Karajic (VP of infrastructure), and Andy Sok (VP of product).
Monsegur is well known as the reformed blackhat hacker called Sabu, who originally helped develop, and was the de facto leader of, the hacker group LulzSec – before becoming an informant and helping the FBI dismantle it. LulzSec famously targeted major organizations including Sony, the FBI affiliate InfraGard, and various government websites. The FBI operation resulted in several arrests in both the US and UK.
SafeHill offers SecureIQ, a continuous threat exposure management (CTEM) platform it describes as ‘human insight meets AI precision’. It delivers continuous asset discovery, automated threat exposure assessments, and human-validated penetration testing – effectively continuous pentesting rather than point-in-time pentesting.
“Cyber threats are evolving faster than ever, overwhelming security teams with alerts and noise,” says CEO Mike Pena. “Our platform combines AI-driven continuous penetration testing with expert human validation to cut through the noise, focus on real risks, and deliver the impact of a dedicated team of ethical hackers at scale.” This isn’t just a human in the loop in AI assistance, it is humans as part of the loop.
“Human validation is a critical safeguard in AI driven penetration testing ensuring that findings are accurate, relevant, and interpreted in context,” says the firm.
SecureIQ is designed to provide continuous EASM; continuous pentesting (as an AI-human hybrid service); an AI-assisted threat exposure analysis (based on attack path discoveries); compliance mapping with frameworks including PCI-DSS, CMMC, NIST, and ISO27001; real time threat intelligence monitoring; and remediation prioritization.
The funding will primarily be used to expand the firm’s engineering team; to increase its ethical hacking capabilities; deepen partnerships with enterprise security teams; and advance its real time monitoring capabilities.
Related: Cyber Risk Management Firm Safe Raises $70 Million
Related: Most Attack Paths Are Dead Ends, but 2% Lead to Critical Assets: Report
Related: Silent Push Raises $10 Million for Threat Intelligence Platform
Related: LulzSec Hacker-FBI Informant Sabu Walks Free
