The Brightmind Partners team has a long history with the SIEM category. Whether helping to build one of the fastest growing SIEM platforms at CrowdStrike or managing SIEM operations at Fortune 50 scale, our perspectives were clearly aligned on two major areas 1) AI would fundamentally change the detection and investigation process 2) the underlying data architecture needed to be more dynamic and adaptive. Most of the operators we spoke to agreed on the need and recognized shortfalls of incumbent approaches, but we heard a lot of the same opinions - SIEM is “hard” and it’s “too big to fail”. This sentiment still gets us excited when we think about the Artemis opportunity. We believe that in the AI era, inertia is no longer a moat – enterprise grade products can be built by the right teams in quarters rather than years and AI-assisted adversaries move faster than incumbents.
Adaptive Protection, a Bold Approach to Understand and Defend the Enterprise
The best teams we have worked with tune down the volume on inertia, trusting their lived experiences, knowing that they can build solutions capable of delivering better outcomes. Shachar Hirshberg and Dan Shiebler exemplify this mindset, with immense experience at the confluence of SIEM and AI from their former leadership roles at AWS and Abnormal Security. Together, they set out to build a new approach to security operations: adaptive protection. Adaptive protection is built on a straightforward premise: enormous volumes of data across enterprises go underutilized and the context from that data needs to be deeply embedded in an autonomous detection lifecycle. With adaptive protection, the detection, investigation and response is automated with the full context of the enterprise environment, eliminating costly false positives and evaluating threats as comprehensive attack stories. The speed of AI-assisted adversaries is rendering the traditional detection engineering and investigation process obsolete, operators need adaptive detection that understands the threat landscape, their infrastructure and business context with the ability to federate or centralize the underlying data. This is no easy task; it is a broad vision the SIEM space has attempted to build for over a decade. It took the Artemis team six months.
Artemis’ AI-Native Protection Platform
An Architecture that does not Rely on Data Gravity
The SIEM market has been built on a foundation of ingest and retention economics, singularly focused on driving as much data as possible to a centralized plane. However, data management strategies have become increasingly fragmented with data warehouses, cloud datastores and first party security vendors all providing their own unique and effective value propositions. Indexing to a centralized security data management strategy may be right for some and wrong for others. Whether running adaptive protection over multiple SIEMs, datastores or centralizing on Artemis’ storage, Artemis built their platform for complete flexibility, delivering the outcomes without the lock-in.
Beyond product excellence, Shachar and Dan have built a culture of customer obsession that blurs the lines between product and service, deeply aligning themselves as a trusted partner. We are incredibly proud to have worked with Artemis from day one. This is just the beginning – onward and upward!
Let's Secure Tomorrow, Together.
We're always looking for the next generation of cybersecurity innovators. Reach out to our team to start the conversation.
Other Articles
Artemis: Reimagining Security Operations for the AI-Era
Brightmind Partners announces their investment in Artemis, a new security operations platform founded by Shachar Hirshberg and Dan Shiebler (former leaders at AWS and Abnormal Security) that aims to reimagine SIEM for the AI era. The company introduces "adaptive protection," an approach that automates detection, investigation, and response by embedding deep enterprise context into an autonomous detection lifecycle, eliminating false positives and evaluating threats as complete attack stories. Unlike traditional SIEMs built on centralized data ingest and retention economics, Artemis offers architectural flexibility that works across multiple SIEMs, datastores, or its own storage, avoiding vendor lock-in. Brightmind praises the team's rapid execution—building in six months what the SIEM space has attempted for over a decade—along with their strong customer-obsessed culture.
What everyone seems to be overlooking with Mythos and Project Glasswing
Stephen argues that while Mythos (an AI security model) giving 50 companies a 90-day head start to find vulnerabilities sounds promising, it's largely illusory — enterprises are already drowning in unpatched critical vulnerabilities and the remediation pipeline is far too slow and contentious to meaningfully close the gap in time. On day 91, when Mythos is broadly released, whatever defensive advantage was gained evaporates and attackers gain the same powerful exploit-generation capability. He recommends CISOs restructure their security orgs entirely — retiring traditional scanning teams in favor of one massive remediation-focused team, letting AI handle identification while humans focus solely on fixing. His deeper fear is that these capabilities will trickle into small, offline, guardrail-free local models, democratizing exploit generation in a way that creates systemic risk far beyond what any centralized tool with access controls can contain.