Mycroft co-founder and CEO Mike Kim claims that most business security and compliance software on the market is either “too shallow” or “overkill.”
“You don’t need a large team to really get enterprise cybersecurity.”
With Mycroft, Kim and former colleagues from partner relationship management platform PartnerStack have teamed up to build what he described as “the Goldilocks tool” for companies looking to stay secure and compliant easier and more cost-effectively.
The Toronto-based company aims to give business-to-business (B2B) software-as-a-service (SaaS) startups “enterprise-grade security without the overhead” using agentic artificial intelligence (AI). In an interview with BetaKit, Kim said Mycroft’s offering is the product “we wish we had” earlier.
Mycroft recently secured $3.5 million USD to execute on that vision, refine its product, and bring it to more growth-stage customers in sectors like FinTech and healthtech.
The all-equity, all-primary seed round from June was led by Luge Capital, with support from fellow new investors Brightspark Ventures and Graphite Ventures. Existing backers Ripple Ventures, Developer Capital (DevCap), Antler, and BoxOne Ventures also participated. Kim declined to disclose Mycroft’s valuation.
Kim has been working in security and compliance for more than a decade at consultancies like KPMG and EY, Toronto accounting tech firm FreshBooks, and PartnerStack, where he served as engineering manager of trust and platform.
He founded Mycroft in 2024 alongside head of product and design Jonathan Mendes (a co-founder at PartnerStack) and head of engineering Jan Jedrasik (Kim’s first hire at PartnerStack). The trio has been joined by other former PartnerStack employees.
According to Kim, security and compliance functions are often short-staffed and poorly budgeted. He said this is particularly true at fast-growing technology companies that are focusing their limited resources on building and selling products. But he feels they are important, especially for businesses dealing with sensitive data or looking to sell to large companies or customers in highly regulated industries.
“A lot of startups and scaleups—and even enterprises, to an extent—are forced to do a trade-off between speed and security,” Kim said. “With Mycroft, we are changing that.”
Mycroft calls its agentic AI solution a “security and compliance officer” aimed at replacing scattered tools, manual workflows, and spreadsheet-driven processes. The company claims its offering can help businesses autonomously monitor cloud infrastructure, secure devices, enforce policies, manage incidents, and prepare for audits.
In a statement, Luge general partner and Mycroft board member Karim Gillani called the startup’s product “the teammate that every company needs in order to stay safe.”
RELATED: Brightspark closes latest early-stage VC fund at $100 million, adds BC partner
This round brings Mycroft’s total funding to $4.7 million USD, which includes $1.2 million in pre-seed financing from September 2024, raised through a simple agreement for future equity. That round was led by Ripple with support from DevCap and BoxOne.
Since bringing its product to market earlier this year, Mycroft has already amassed more than 50 clients, including Superwhisper, CoVet, Unified.to, Willful, Wisedocs, and Weave.
Mycroft has already used this seed funding to expand its 10-person team to 15, and plans to add another five employees over the coming months to help fulfill its go-to-market and product development plans.
As tech companies look to build leaner teams amid challenging fundraising market conditions and the emergence of AI tooling, Kim argued the time is right for a solution like Mycroft.
“You don’t need a large team to really get enterprise cybersecurity,” he said.
Feature image courtesy Mycroft.