Security stacks are flooded with tools that don’t talk to each other. After detection, teams still have to turn scattered signals into verified action. “Most security stacks are a collection of point tools—CNAPP, SIEM, IAM, scanners—each generating signals, none owning outcomes,” Brooke Motta says.
Motta is the CEO and Co-Founder of RAD Security. She started the company about three and a half years ago after nearly a decade at Rapid7, where she joined as employee number six and helped scale the business through IPO. She later moved into bug bounty, working closely with advanced security teams and seeing how fragmented “done” often looks in practice. Her co-founder, Jimmy Mesta, was initially a customer. A cloud security leader who authored the OWASP Top 10 for Kubernetes, he had firsthand experience with the operational pain of modern cloud security. Together, they set out to build software that could connect what security teams already run and drive follow-through.
RAD Security is an agentic AI security operations platform designed to sit “between detection and decision,” Motta says. The company connects to existing tools, correlates related signals, and uses RADBot and AI Workers to investigate findings, prioritize risk, document supporting evidence, and push actions under defined guardrails. RAD frames the difference as ownership of follow-through: work moves from a finding to a documented outcome that a team can verify, instead of stopping at alert routing.
A second differentiator is evidence linkage. “Every conclusion shows its work,” Motta says. RAD preserves source metadata and maps relationships across signals so teams can review what information a determination relied on and use outputs in audits and reviews. RAD also says it performs its own detection using proprietary behavioral fingerprinting technology, rather than depending exclusively on upstream alerts.
RAD positions itself in a $60B+ global market spanning security operations, automation, and detection and response. Motta argues the market is being reshaped by converging pressures: AI adoption expands cloud complexity and machine identities, telemetry volume rises, attackers move faster, and security headcount stays constrained. At the same time, boards want defensible answers on how security teams are using AI, while finance teams push tool consolidation and clearer ROI.
RAD recently closed its Series A. Motta says current priorities center on trust in production environments and expanding integrations so workflows like triage, reporting, compliance, and risk can run automatically with evidence trails intact. Longer term, she expects security work to become more conversational and evidence-driven: teams ask questions, get answers with supporting proof, and take action without stitching context across dashboards.