The pure-play ML security company founded by the researchers who discovered AI-specific malware — and the only one trusted enough to work in classified DoD environments.
www.hiddenlayer.com ↗HiddenLayer was founded in March 2022 in Austin, Texas, by Chris 'Tito' Sestito, Jim Ballard, and Tanner Burns — experienced security and machine learning professionals who first identified AI-specific malware targeting ML models. The company emerged from stealth in July 2022 with a thesis that the machine learning model itself — not just the data or infrastructure around it — is an attackable surface requiring dedicated security controls. HiddenLayer positioned itself as the first company to offer turnkey security for AI that requires no access to raw data or model weights, a critical differentiator for regulated industries and government clients.
HiddenLayer raised $6M in seed funding in 2022 and then $50M in a Series A in September 2023 — the largest Series A in AI security at the time — led by M12 (Microsoft's Venture Fund) and Moore Strategic Ventures, with participation from Booz Allen Ventures, IBM Ventures, and Capital One Ventures. Total disclosed funding stands at approximately $56M. In December 2025, HiddenLayer was selected as an awardee on the US Missile Defense Agency's SHIELD IDIQ contract (ceiling value $151B), a major validation of its Airgapped AI Security Platform for classified DoD and intelligence community deployments.
HiddenLayer's technical architecture centers on non-invasive model inspection: it analyzes model artifacts, tensor structures, and runtime behavior without requiring access to the underlying training data or proprietary weights. The platform's four modules — AI Discovery, AI Supply Chain Security (model scanning), AI Attack Simulation (automated red teaming), and AI Runtime Security (AIDR: AI Detection and Response) — cover the complete ML lifecycle from procurement to production. The company's adversarial AI research team regularly publishes CVEs and novel attack methodologies, including the Tree of Attacks with Pruning (TAP) technique for LLM jailbreaking, establishing HiddenLayer as a credible source of AI threat intelligence.
HiddenLayer is the rare pure-play AI security company that has translated academic adversarial ML research into an enterprise-grade product with real government validation. The MDA SHIELD contract win — securing a slot in the DoD's premier AI acquisition vehicle — demonstrates a level of trust in its technology that no commercial-only AI security vendor has achieved. Its non-invasive architecture (no access to weights or training data) is the only viable path for highly regulated industries — financial services, healthcare, and intelligence agencies — where data sovereignty makes cloud-based scanning services impossible. With $56M raised and a lean 51-200 person headcount, HiddenLayer is capital-efficient relative to its technical footprint, but faces pressure to either raise additional capital to scale enterprise go-to-market or accept a strategic acquisition by a larger platform vendor.
HiddenLayer occupies the pure-play AI model security niche alongside Protect AI and Robust Intelligence (now Cisco). Of the three, it is the only independent company focused exclusively on ML model security — Protect AI is broader (MLOps governance), and Robust Intelligence was acquired by Cisco in 2024. HiddenLayer's government traction and non-invasive architecture give it a strong position in regulated verticals that cloud-based competitors cannot serve. The primary competitive risk is platform consolidation: as Cisco (via AI Defense), SentinelOne, Palo Alto, and Microsoft bundle AI model security into broader security platforms, standalone purchasing of a dedicated AI security tool becomes harder to justify. HiddenLayer's survival thesis rests on technical depth and regulatory compliance requirements that platform vendors cannot cheaply replicate.
206 companies across 10 categories — the most comprehensive AI security company tracker.
Browse All Companies →