Skip to main content
Mallory is a Black Hat USA 2026 Startup Spotlight finalistSee the announcement
Mallory
About Mallory

Building the AI-Native Threat & Exposure Management platform

Mallory unifies live adversary activity with your attack surface to prioritize the exposures real threat actors are targeting right now. We're built by veteran practitioners who've spent decades on the front lines, because defenders deserve AI that acts on intelligence instead of stockpiling it.

Know. Respond. Protect.

Our Mission

Put Agents Behind the Defender's Asymmetry

We built Mallory so a security team can answer “are we exposed?” in minutes, not days.

LLMs have made intelligence effectively free. The scarce thing is no longer analysis; it's a system that can reason over your environment and act on the answer. The new architecture of security operations is a harness with access to your systems, organized around an LLM.

Mallory is that harness. One unsiloed graph holds live adversary activity alongside your assets, your code, and the people who own them. Models sit at the center, reasoning across both sides at once. And an army of agents operates your stack the way a senior analyst would.

Because it's always on, the split between proactive and reactive collapses. The same skill that answers “are we exposed to this?” runs on a schedule hunting the next one, and routes a verifiable answer to the owner with proof the fix landed. Defenders have always held the asymmetry: the source, the commits, the inventory, the context. Mallory is what finally puts agents behind it.

“Threat intel has never been more important, and it has never been noisier. Security teams spend more time assembling the picture than analyzing it. They need to go from signal to context to action, without requiring a massive intel team.”

— Jonathan Cran, Founder & CEO

Decibel Partners

Backed by Decibel Partners

“Threat intelligence was built for an era where we would be able to process information at human speed. With the introduction of agents on the adversarial side, we no longer have a data intel problem but rather a context and reasoning problem. Jonathan and the Mallory team are changing that by connecting real-time threat activity to an organization's environment and processing it for relevance at agentic speed.”— Dan Nguyen-Huu, Partner at DecibelWith participation from LiveOak Ventures and senior leaders at Google, Robinhood, Cisco, Fastly, and GreyNoise.

Mallory is the AI-Native Threat and Exposure Management platform, a cybersecurity reasoning system that unifies live adversary activity with each organization's attack surface to prioritize the exposures real threat actors are targeting right now. Founded in 2024 and based in Austin, TX.

Founded 2024
Headquarters Austin, TX
Principles

What Guides Us

Agency & Ownership

We value agency, ownership, and a bias toward action. Great ideas come from anyone, and everyone is empowered to pursue them.

Practitioner-First

Our customers are leaders in their field. Making the best decisions for them requires deep understanding of how they work and what they need.

Relentless Curiosity

Natural curiosity drives us to challenge the status quo. We explore new ideas, ask hard questions, and build with cutting-edge technology to give defenders the advantage.

Defender's Mindset

We think like practitioners because we're practitioners. Our mission is to give defenders the upper hand.

Radical Candor

Honest, transparent feedback requires both courage and empathy. We speak openly and grow together.

Built to Last

We do the right thing and get the hard things right for our customers, our team, and the long term.

The Team

Deep Roots in Security Operations

For two decades, Jonathan has shipped the security capabilities and intelligence that the world's best-defended organizations rely on. A practitioner first, he began as a network administrator, cut his teeth as a pentester at Rapid7, then founded Intrigue, an open source attack surface project that was integrated into Mandiant and grew into Google Threat Intelligence. Everywhere he went, he hit the same wall: security teams buried in narrow tools, stitching context together by hand. He left Google in 2024 to build Mallory and fix it.

Our team brings decades of experience from the companies defining modern cybersecurity.

Help Us Build AI for Cyber Defenders

We're always looking for talented people who want to give defenders the advantage.

See Open Roles