General Analysis

General Analysis is a San Francisco-based AI security company building infrastructure for agentic AI systems through context-aware red teaming, vulnerability forecasting, and runtime protection. The company focuses on securing autonomous workflows connected to enterprise APIs, cloud environments, permissions systems, internal tooling, and operational infrastructure where AI agents increasingly execute tasks rather than simply generate responses.

General Analysis is led by Rez Havaei, CEO & Co-Founder, and emerged from AI safety and adversarial simulation research before officially launching in summer 2024. In April 2026, the company announced a $10M seed round backed by Altos Ventures, 645 Ventures, Menlo Ventures, Y Combinator, and additional investors focused on enterprise infrastructure, cybersecurity, and AI systems.

The company matters because enterprise AI adoption has entered a new phase. The market is moving beyond chatbot experiments into operational autonomy where AI systems interact directly with sensitive workflows, databases, customer systems, cloud environments, and business-critical infrastructure. That transition creates an entirely different category of operational and security risk.

General Analysis represents a broader market shift happening across enterprise technology ecosystems: autonomous AI systems are scaling faster than most organizations can operationally secure them. The companies building trust infrastructure around AI adoption may become as strategically important as the companies building the AI systems themselves.

About General Analysis

Wall Street figured out decades ago that speed without risk management is just expensive chaos wearing a tailored suit. Enterprise software is now learning the same lesson while executives sprint toward AI deployment targets like contestants grabbing cash inside a game-show wind tunnel.

General Analysis built an entire company around the uncomfortable reality most enterprises still do not fully understand: autonomous systems create operational leverage and operational exposure simultaneously. Everybody wants the AI assistant scheduling workflows, routing tickets, querying databases, and coordinating internal systems. Fewer people want to think about what happens when those systems gain excessive permissions, chain actions unpredictably, or interact with infrastructure under manipulated conditions. That is the market opening General Analysis stepped into.

The company positions itself as a security infrastructure layer for agentic AI systems, focusing on context-aware red teaming, exploit-path analysis, runtime protection, and vulnerability forecasting. Instead of treating AI security like a prompt-filtering exercise, General Analysis models how attacks move across workflows, APIs, permissions, memory layers, enterprise tooling, and autonomous agent chains operating inside production environments.

That distinction matters because traditional cybersecurity frameworks were not designed for AI systems capable of autonomous execution across interconnected business infrastructure. An employee clicking a phishing link is one category of risk. An autonomous system connected to 15 operational systems while making independent workflow decisions introduces a very different level of exposure.

General Analysis appears less interested in theoretical AI ethics theater and more interested in operational realities that eventually lead to boardroom investigations, compliance escalations, regulator scrutiny, and executives sitting under fluorescent lighting explaining why nobody stress-tested the infrastructure before deployment.

Why General Analysis Matters Right Now

The enterprise AI market is entering a transition phase where operational trust matters more than demo quality. The first wave of AI adoption rewarded novelty. Companies rushed to launch copilots, assistants, summarization tools, workflow automations, and customer-service agents because investors, executives, and markets demanded visible AI momentum. During that phase, speed itself became strategy. Security often became “we’ll figure it out later” written politely inside meeting notes.

Now the infrastructure consequences are arriving. AI systems increasingly connect to CRMs, customer records, internal databases, cloud infrastructure, financial systems, enterprise APIs, and operational tooling. Those integrations create compound risk surfaces that many organizations still do not fully map or understand. Security leaders are now confronting a market where autonomous systems can interact across multiple environments simultaneously while enterprise governance models remain fragmented. That dynamic is creating an entirely new infrastructure category around AI security, runtime governance, observability, and adversarial simulation.

General Analysis matters because the company is positioning itself directly inside that category before enterprise standards fully solidify. Historically, infrastructure transitions create large security markets. Cloud adoption produced cloud-security leaders. API proliferation created API-security markets. Identity sprawl created identity-infrastructure giants. Agentic AI appears to be triggering another foundational security cycle. The timing matters because operational trust tends to become the bottleneck once platform adoption reaches enterprise scale.

The Problem General Analysis Is Solving

Most enterprise AI conversations still sound like executives discussing horsepower while somebody quietly removes the brakes from the vehicle. The real operational risk surrounding autonomous systems is no longer limited to hallucinated responses or isolated prompt attacks. The larger issue lives inside interconnected workflows where AI systems interact with permissions layers, cloud environments, APIs, internal systems, external tools, customer data, and operational infrastructure simultaneously.

The next major AI incident probably does not arrive wearing a black hoodie while techno music plays in the background. It arrives through a “helpful” autonomous workflow nobody fully stress-tested before deployment because everybody was too busy celebrating productivity gains on LinkedIn.

General Analysis approaches this problem through context-aware adversarial simulations. Instead of evaluating prompts in isolation, the platform models how attacks move across enterprise systems, workflows, permissions structures, APIs, and agent interactions inside production environments. The company simulates exploit scenarios designed to expose operational weaknesses before attackers discover them first. That operational perspective separates General Analysis from companies focused primarily on governance dashboards or high-level AI observability tooling.

A prompt vulnerability is manageable. A system-level exploit chain involving autonomous execution layers, sensitive infrastructure access, interconnected APIs, and operational permissions becomes something else entirely. Modern enterprise AI environments increasingly operate inside those interconnected conditions. That is where the real enterprise risk is forming now.

Market Context

The broader AI infrastructure market is beginning to split into 2 overlapping categories. One side focuses on acceleration: faster deployment, increased automation, lower operational costs, and broader enterprise adoption. The other side focuses on operational control: runtime protection, governance, observability, compliance infrastructure, adversarial testing, and AI security. Those categories are rapidly becoming inseparable.

General Analysis operates at the intersection of enterprise AI adoption and cybersecurity infrastructure, 2 markets currently colliding at uncomfortable speed. The company reflects a larger realization spreading across enterprise technology ecosystems: autonomous systems amplify productivity and operational exposure simultaneously. That duality changes procurement behavior.

Enterprises no longer evaluate AI systems exclusively through innovation budgets or experimental product teams. Security executives, compliance leaders, legal departments, infrastructure operators, and boards increasingly participate in deployment decisions because operational failures involving autonomous systems can create legal, financial, reputational, and regulatory consequences simultaneously.

The market itself remains early. Some vendors position around observability. Others focus on governance frameworks, runtime monitoring, or compliance workflows. General Analysis is making a more infrastructure-centric argument centered on exploit-path modeling, adversarial simulations, runtime resilience, and operational trust.

Investors appear to believe that positioning carries long-term strategic value. The company’s $10M seed round reflects broader conviction that AI security evolves into foundational enterprise infrastructure rather than remaining a secondary feature layer attached to existing platforms.

Leadership and Team

Rez Havaei leads General Analysis as CEO & Co-Founder, guiding the company through a market environment where AI deployment cycles are accelerating faster than enterprise operating models can comfortably absorb.

The company emerged from AI safety and adversarial research rather than traditional enterprise SaaS playbooks, and that background shapes how General Analysis frames the market opportunity. The company consistently emphasizes exploit chains, runtime behavior, operational risk, and adversarial simulations instead of defaulting to vague productivity slogans or futuristic marketing theater. That difference in tone matters more than it appears.

A large percentage of the enterprise AI market still communicates like motivational speaking layered over quarterly revenue projections. General Analysis sounds more like operators who have spent serious time studying how interconnected systems fail under pressure. Enterprise buyers increasingly respond to that realism because the operational stakes surrounding autonomous systems are becoming impossible to ignore.

Why Hiring Momentum Matters

General Analysis is actively expanding across engineering, research, and go-to-market functions as enterprise demand for AI security infrastructure accelerates.

That hiring momentum is not merely a recruiting signal. It is a market signal tied directly to how quickly enterprises are operationalizing autonomous systems inside production environments. Companies do not aggressively scale security infrastructure teams unless customer urgency already exists underneath the market narrative.

The hiring environment surrounding AI security also reflects a broader migration happening across cybersecurity, infrastructure engineering, cloud operations, and applied AI research. Technical talent increasingly wants exposure to foundational market shifts rather than incremental feature optimization buried inside mature software categories. AI security currently sits inside that infrastructure-transition moment.

The companies shaping runtime governance, adversarial testing, exploit-path analysis, and operational trust infrastructure today may ultimately influence how enterprise AI systems are deployed for the next decade. Sophisticated operators understand that infrastructure standards often get established during chaotic adoption cycles long before formal regulation catches up.

What This Signals for Enterprise AI

General Analysis reflects a broader truth emerging across enterprise technology markets: operational trust is becoming the gating factor for large-scale autonomous AI adoption.

The first phase of enterprise AI rewarded experimentation, visibility, and deployment velocity. The next phase rewards resilience, governance, runtime accountability, security infrastructure, and operational reliability. That transition changes everything from procurement decisions to enterprise architecture strategy.

Security infrastructure is moving from secondary consideration to deployment prerequisite. Runtime controls, adversarial simulations, exploit-path analysis, observability layers, and operational governance increasingly sit at the center of enterprise AI deployment conversations rather than the edge.

The companies likely to matter most during this cycle are not necessarily the loudest companies generating headlines every 48 hours. They are the companies capable of reducing operational uncertainty for enterprises deploying autonomous systems at scale.

General Analysis is positioning itself directly inside that infrastructure layer while the category itself is still forming in real time. Historically, that tends to matter far more than polished slogans, oversized conference booths, or executives posting inspirational AI quotes over stock photos of server racks.

Frequently Asked Questions

What is General Analysis?

General Analysis is a San Francisco-based AI security company building infrastructure for agentic AI systems through context-aware red teaming, runtime protection, exploit-path analysis, and vulnerability forecasting.

Who leads General Analysis?

Rez Havaei serves as CEO & Co-Founder of General Analysis.

How much funding has General Analysis raised?

General Analysis announced a $10M seed round in April 2026.

Which investors backed General Analysis?

Investors include Altos Ventures, 645 Ventures, Menlo Ventures, Y Combinator, and additional investors focused on enterprise AI infrastructure and cybersecurity.

What problem does General Analysis solve?

General Analysis helps enterprises identify and mitigate operational risks tied to autonomous AI systems interacting with APIs, permissions, workflows, cloud infrastructure, and sensitive operational environments.

Why does agentic AI security matter?

As autonomous systems gain access to enterprise workflows, operational infrastructure, databases, and sensitive systems, security risks expand beyond isolated prompts into full-system operational exposure capable of impacting compliance, security, business continuity, and enterprise trust.