Agentic Security Startups: Spot the Winners with GitHub and HN Signals

Agentic AI creates a new attack surface that traditional security tools weren't built for. Here's how to spot the winning startups before they raise.

April 16, 2026 · 6 min read

The last time the security world got this interesting was the cloud migration wave. Everyone talked about it for two years before Wiz raised its monster round. By the time the general market figured out cloud security was a real category, the best early bets were already locked up.

Agentic security is setting up the same way. The window is shorter this time.

This Is Not "AI Security" With a New Label

Most "AI security" investments of the past two years were really just incumbent vendors adding a chatbot to their dashboard. That's not what's happening here.

Agentic AI - systems that take autonomous actions across APIs, file systems, and cloud environments - creates an entirely new attack surface. Traditional security tools were built to protect humans accessing systems. They weren't designed for AI agents that can execute thousands of actions per minute, chain tool calls across multiple services, or dynamically generate their own code.

The startups worth watching are the ones building for this specific problem, not the ones retrofitting existing products. That distinction isn't obvious from a pitch deck. It shows up clearly in the code.

If you've been tracking the broader agentic AI startup category this year, you already know it is moving fast enough that waiting for a company to appear on a VC's portfolio page means you're already late.

GitHub Signals That Tell You Something Real

The best agentic security startups are usually open-source first, or at least open-source adjacent. Developer trust matters in security, and community validation accelerates development on complex threat models.

That makes GitHub your early warning system.

Commit velocity in the past 90 days. More diagnostic than star count. A repo with a few hundred stars but showing 15-20 commits per week from multiple contributors is a stronger signal than 3,000 stars with a dead commit graph. GitHub stars can be gamed; commit velocity is harder to fake.

Issues that read like real production problems. When practitioners file detailed bug reports with specific edge cases, they're running the thing in anger. "Our agent spawned 400 API calls before hitting the rate limit" is a real user. "Great tool, love the README" is not.

Fork/star ratio. A high fork rate relative to stars usually means developers are actively building on top of the project. In security tooling, forks mean integrations - someone is wiring this into their stack. A ratio above 15-20% in the early stage is worth tracking. This is one of the cleaner signals, as laid out in the fork/star ratio analysis.

Contributor diversity. Early stage is fine with one or two core contributors. But by the time a security startup is raising a seed round, you want to see external contributors showing up. A solo committer repo means the community hasn't validated the technical approach yet.

If you're doing this at any real volume, you'll want tooling that can pull structured data from GitHub without constantly hitting rate limits. Bright Data is what several scout fund operators use for pulling GitHub metrics programmatically across a large portfolio of signals.

What Hacker News Tells You That Crunchbase Won't

Hacker News is where security practitioners actually live. Not Twitter, not LinkedIn. HN.

The signals there are different from GitHub. You're not looking at code - you're looking at how the security community reacts to a problem framing.

Show HN posts. When a security startup gets a thread full of security engineers asking detailed technical questions, that's the signal. Not the upvotes. Comments like "interesting, how do you handle the case where the agent uses OAuth impersonation?" mean experts are taking it seriously. As the Show HN startup signal guide covers, thread quality matters more than vote total.

Ask HN threads about the problem, not the product. Before a startup gets attention, the underlying problem usually surfaces in threads like "Ask HN: How are people handling agent permissions in production?" If a startup's product maps cleanly onto one of these threads, they found a real problem.

Who is commenting. Check the comment history of people leaving substantive feedback. If the commenter is a staff engineer at a company running significant AI infrastructure, their opinion carries weight. HN usernames are persistent, so this is possible to track systematically.

Red Flags Dressed as Green Flags

Agentic security is hot enough that there's real noise. Some things that look like signals are just good marketing.

Security report releases. Publishing a threat report is table stakes now. Every startup with a design intern can publish a "State of Agentic Security 2026" PDF and get a wave of LinkedIn engagement. That's not traction. That's content marketing.

Famous advisors. Ex-CISO from a Fortune 500 as an advisor sounds impressive. It usually means they got coffee with someone once. Look for advisors who are writing code or making introductions that show up in the commit log or customer list.

Raised from a known fund. In a hot category, good VCs back multiple companies. A logo on a cap table is not validation of product-market fit. Check whether there's any actual customer traction before treating it as a signal.

Distinguish between activity that proves people want the thing and activity that proves people want to seem like they're on top of the thing. In a fast-moving category, that distinction is the entire game.

Building Your Watch List

Search GitHub for repositories tagged with "agent security," "LLM security," or "AI agent permissions" created in the last 12-18 months. Filter for repos with at least 200 stars and meaningful commit activity. Add the strong ones to a watch folder and check back every 30 days.

Set up HN searches for terms like "agent permissions," "AI agent security," "LLM firewall," and "agentic attack surface." Flag any thread with 50 or more comments for a closer read.

Cross-reference with GitHub due diligence signals before making any moves. A promising repo with a solo founder, no license, and abandoned issues is a pass regardless of how clever the underlying approach is.
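The GitHub signals described earlier (90-day commit velocity, fork/star ratio, contributor diversity) and the watch-list filter and hard-pass rule from these steps, turned into one scoring function. This is an added example, not tooling from the article or from beforeVC; the `Repo` dataclass is a hypothetical flattened view of what a GitHub API pull returns, the two sample repos are constructed, and the thresholds are the ones the article states.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta, timezone
# Constructed reference date (the article's date); a live scan would use datetime.now(timezone.utc).
NOW = datetime(2026, 4, 16, tzinfo=timezone.utc)

def day(n):  # timestamp n days before NOW, for building sample data
    return NOW - timedelta(days=n)

@dataclass
class Repo:  # hypothetical flattened view of what one GitHub API pull returns
    name: str
    stars: int
    forks: int
    has_license: bool
    commits: list   # (timestamp, author_login) pairs
    issues: list    # last-activity timestamp of each open issue

def commit_velocity(repo, now=NOW, window_days=90):
    """Commits per week over the trailing window, plus the distinct authors in it."""
    cutoff = now - timedelta(days=window_days)
    recent = [(ts, who) for ts, who in repo.commits if ts >= cutoff]
    return len(recent) / (window_days / 7), {who for _, who in recent}

def stale_issues(repo, now=NOW, stale_days=90):
    """Open issues with no activity inside the window: the 'abandoned issues' red flag."""
    return sum(1 for last in repo.issues if last < now - timedelta(days=stale_days))

def assess(repo, now=NOW):
    """Apply the article's thresholds to one repo; returns (verdict, reasons)."""
    if repo.stars < 200:
        return "skip", ["below the 200-star watch-list filter"]
    velocity, authors = commit_velocity(repo, now)
    # Hard pass: solo committer, no license and abandoned issues, however clever the idea.
    if len(authors) <= 1 and not repo.has_license and stale_issues(repo, now):
        return "pass", ["solo committer", "no license", "abandoned issues"]
    reasons = []
    if velocity >= 15 and len(authors) > 1:
        reasons.append(f"{velocity:.0f} commits/week from {len(authors)} contributors")
    ratio = repo.forks / repo.stars  # stars >= 200 here, so no division by zero
    if ratio >= 0.15:
        reasons.append(f"fork/star ratio {ratio:.0%}: people are wiring it into their stacks")
    if len(authors) <= 1:
        reasons.append(f"{len(authors)} active committer(s): approach not yet community-validated")
    return ("strong" if len(reasons) >= 2 and len(authors) > 1 else "watch"), reasons

# Constructed sample repos, not real projects: a healthy one and a red-flag one.
ACTIVE = Repo("agent-guard", 320, 64, True,
              commits=[(day(i % 90), f"dev{i % 4}") for i in range(210)], issues=[day(3), day(10)])
DEAD = Repo("shiny-llm-fw", 3100, 90, False,
            commits=[(day(5), "solo"), (day(40), "solo")], issues=[day(150), day(200)])
```

Calling `assess(ACTIVE)` and `assess(DEAD)` shows the point of the section: the 320-star repo with a live, multi-author commit graph scores "strong", while the 3,100-star repo fails on the red flags alone.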

The companies worth your time are building for a specific, demonstrable version of the agentic attack surface with real practitioners already testing the thing. Finding them six months before the VC wave arrives is what makes the return multiple.

The beforeVC weekly briefing surfaces exactly these kinds of signals - GitHub projects gaining momentum before they raise, HN threads that practitioners are taking seriously, and early-stage security startups worth adding to your watch list. Sign up to get next week's edition.

Some links are affiliate links. You will not pay more.