Andesite AI Puts Human Analysts at the Center of Cybersecurity Innovation

 

Andesite AI Inc., a two-year-old cybersecurity startup, is reimagining how human expertise and artificial intelligence can work together to strengthen digital defense. Founded by former CIA officers Brian Carbaugh and William MacMillan, the company aims to counter a fragmented cybersecurity landscape that prioritizes technology over the people who operate it. Carbaugh, who spent 24 years at the CIA leading its Global Covert Action unit, said his experience showed him both the power and pitfalls of a technology-first mindset. He noted that true security efficiency comes when teams have seamless access to information and shared intelligence — something still missing in most cybersecurity ecosystems.  

MacMillan, Andesite’s chief product officer, echoed that sentiment. After two decades at the CIA and a leadership role at Salesforce Inc., he observed that Silicon Valley’s focus on building flashy “blinky boxes” has often ignored the needs of cybersecurity operators. He believes defenders should be treated like fighter pilots of the digital age — skilled professionals equipped with the best possible systems, not burdened by cumbersome tools and burnout. 

As generative AI becomes a double-edged sword in cybersecurity, the founders warn that attackers are increasingly using AI to automate exploits and identify vulnerabilities faster than ever. MacMillan cautioned that “the weaponization of gen AI by bad actors is going to be gnarly,” emphasizing the need for defense teams to be equally equipped and adaptable. 

To meet this challenge, Andesite AI has designed a platform that centers on human decision-making. Instead of replacing staff, it provides a “decision layer” that connects with an organization’s existing security tools, harmonizes data, and uses what MacMillan calls “evidentiary AI.” This system explains its reasoning as it correlates alerts, prioritizes threats, and recommends next steps, offering transparency that traditional AI systems often lack. The software can be deployed flexibly — from SaaS models to secure on-premises environments — ensuring adaptability across industries. 

By eliminating the need for analysts to switch between multiple dashboards or write complex queries, Andesite’s technology allows staff to engage with the system in natural language. Analysts can ask questions and receive context-rich insights in real time. The company claims that one workflow, previously requiring 1,000 analyst hours, was reduced to under three minutes using its platform. 

Backed by $38 million in funding, including a $23 million round led by In-Q-Tel Inc., Andesite AI’s client base spans government agencies and private enterprises. Named after a durable igneous rock, the startup plans to expand beyond its AI for Security Operations Centers into areas like fraud detection and risk management. For now, Carbaugh says their focus remains on “delivering absolute white glove excellence” to early adopters as they redefine how humans and AI collaborate in cybersecurity.