Aten Security · Founded 2025 · San Francisco
Authorized is not
the same as safe.
Every security tool in the Replit stack was working exactly as designed. None of them stopped the DROP TABLE from running. That's the problem Thoth solves.
The origin
Built on real production behavioral data.
We built behavioral enforcement infrastructure for enterprise environments from the ground up, learning one thing deeply: the authorization story is never enough. What happens after access is granted is where compliance breaks down.
That insight became Thoth. The MOSES behavioral engine has been running in production since July 2025. We didn't build a prototype. We applied a proven enforcement engine to the most consequential problem in enterprise AI.
When AI agents became real production systems with access to billing APIs, customer databases, and external services, we saw the same gap emerge. The authorization story was good. The post-authorization story was nonexistent.
Apr 2025
Aten Security founded in San Francisco. Mission: close the post-approval security gap that every other enterprise tool ignores.
Aug 2025
MOSES behavioral detection engine ships: two-tier analysis in production. Fast-ML classifies in <100ms; Deep-LLM handles the 15% that needs depth.
Nov 2025
Pivot to AI agent governance. Autonomous agents running on enterprise credentials is the exact gap MOSES was built to close. Thoth SDK development begins.
Mar 2026
RSA launch. Thoth goes public. Shadow mode free. AARM TWG membership confirmed as runtime implementer alongside Noma and Formal.
Apr 2026
Design partner pilots active across financial services, healthcare, and enterprise tech. First enforcement contracts in final stages.
Founder
Nyah Check
Founding engineer at Altitude Networks (acq. by CoinList) and early contributor at Komand Security (acq. by Rapid7). Staff Security Engineer at Anchorage Digital, the federally chartered crypto bank where he built security infrastructure for institutional-grade digital asset custody.
He built the MOSES behavioral detection engine from scratch, in production since August 2025. The same engine now enforces policy on autonomous AI agent actions in under 100ms.
Nyah Check
Founder & CEO · Aten Security
“We are not building a security product. We are building the system that decides whether AI actions are allowed to exist.”
How we build
Design principles.
Evidence over assertion
Every blocked action generates a tamper-evident receipt. Claims about AI safety mean nothing without proof it held.
Fail-safe by default
If Thoth is unreachable, your agent runs unblocked. We never let our enforcement layer become a single point of failure.
Shadow before block
We built shadow mode because enterprise security teams need to see before they commit. Observation is free. Always.
Behavioral, not signature
Known-bad lists don't work against autonomous agents. We watch what agents actually do and flag what deviates from intent.
Advisory board
Advised by people who've lived the problem.
Security leaders who've managed identity, access, and risk at enterprise scale.
Caleb Sima
GP, White Rabbit VC
Ex-CISO, Robinhood · Databricks
Active co-seller. Built security programs at two of the highest-profile fintech companies.
Frederick Lee
CISO, Reddit
Ex-CISO, Gusto · Twilio
Design partner on the Reddit internal agent audit. CISO-to-CISO referrals drive our highest-conversion pipeline.
Shaun Blackburn
CISO, True Anomaly
Ex-CISO, Gemini · Airbnb · Netflix
Sponsor of the Gemini $90K enforcement pilot, our first contracted enforcement customer.
Prem Iyer
SVP, Palo Alto Networks
Enterprise GTM strategy. Brings the network-level security perspective to how Thoth fits the modern enterprise security stack.
Ecosystem
AARM Foundation: Technical Working Group Member.
Aten Security is a confirmed TWG member of the AARM Foundation (AI Agent Risk Management), serving as a runtime implementer alongside Noma and Formal Security. Membership confirmed April 2, 2026.
AARM conformance review is underway. Passing means Thoth carries the AARM conformant badge, an industry-recognized signal that our runtime enforcement meets the AARM specification.
Get in touch