Quantro Security, a New York-based cybersecurity startup, has emerged from stealth with $2.5 million in seed funding to develop an AI-powered vulnerability management platform designed to help organisations better understand and reduce security risks.
Founded in 2025 by veterans from CrowdStrike, Tenable and Qualys, the company has built an AI agent called VM.Analyst that aggregates and analyses security data from across enterprise systems to provide actionable intelligence for security teams.
The platform integrates with an organisation’s existing cybersecurity stack and ingests data from configuration management databases (CMDBs), cloud services, firewalls and vulnerability management platforms. The system then normalises the information and delivers insights aimed at helping organisations reduce operational and cyber risks.
VM.Analyst evaluates an organisation’s risk landscape by analysing context, existing security controls and configuration settings. Based on this analysis, it provides recommendations for addressing vulnerabilities while keeping human operators involved in the decision-making process.
Security teams can interact with the AI agent through natural-language prompts to obtain insights, delegate tasks or request guidance on maintaining compliance, mitigating risks or remediating vulnerabilities.
Quantro said the platform incorporates strict data governance practices aligned with industry standards. The company added that customer data is encrypted both in transit and at rest, and that such data is not used to train its AI models. It also enforces regional data residency policies to ensure compliance with regulatory requirements.
The seed funding round values Quantro Security at $25 million and follows the company’s early traction with initial customers.
Commenting on the development, Ben Doane, principal at Forvis Mazars, said Quantro Security’s VM.Analyst platform modernises vulnerability management by applying a purpose-built AI approach that helps security operations teams overcome traditional challenges.
He added that the platform’s analysis and prioritisation capabilities enable security teams to gain insights that extend beyond what human analysts alone can achieve.
