Silmaril

Active

Prompt injection defense that is self-healing

Spring 2026Founded 20262 peopleSan Francisco, CA, USA

silmaril.dev ↗LinkedIn ↗See on the Idea Map B2B momentum

Generate ideas →

AI insightcan contain mistakes

Prompt Injection DefenseSaaSAI platform developers, enterprises running agentsLow competition

Moat

Application context understanding novel; 2x threat detection vs. SOTA; low-latency execution; $28M damage stopped (proof point).

Key risk

Prompt injection threats may diminish with better agent training; integration burden; false positives; commoditization risk.

Why now

Rapid agent adoption creating prompt injection attack surface; need for autonomous defense.

Competitors

Emerging space, traditional WAF/API security

About

Silmaril is self-healing prompt injection defense for AI native applications and agents. It understands application context to block 2x as many threats as current SOTA defenses with 10x lower latency. Customers plug us into agentic frameworks like LangGraph with 5 lines of code. Silmaril has stopped $28M of damages for customers.

From their website

as of Jun 7, 2026silmaril.dev ↗

SaaSSubscription

Silmaril is a self-improving firewall for AI applications that defends against prompt injection by continuously retraining on discovered attacks. It integrates with major agentic SDKs and operates as a real-time defense layer to block harmful outcomes before they materialize.

Silmaril wraps inference calls with a firewall classifier that analyzes user intent, application context, and execution state to block risky actions in real time. It uses autonomous threat hunting to discover attack chains, generates synthetic training data from those findings, and retrains the defense so updates deploy across deployments within under an hour. Integration requires five lines of code and supports managed or self-hosted controls across major agent stacks and node-level blocking.

Who it’s for: AI-native applications and platforms that deploy autonomous agents or toolchains and are concerned with prompt injection and related attacks (e.g., AI productivity apps, analytics platforms, code assistants).

Features

real-time attack blocking
autonomous threat hunting
self-improving retraining loop
multihead classifier evaluating intent, context, and state
five-line integration
agent SDK compatibility
managed or self-hosted deployment

Backed by Y Combinator; mentions of case studies, deployments, and ongoing retraining loops indicate traction and funding signals.

Founders · 2

Aum UpadhyayFounder

Amazon

Co-Founder & CEO at Silmaril. I built the security and privacy framework at AWS that prevented over $1.8B in damages. Now I bring that same defensive mindset to Silmaril, working with customers to ship prompt injection defense.

LinkedIn ↗X ↗

Eduardo VelascoFounder

Amazon

Co-Founder & CTO at Silmaril, the world's first self-healing prompt injection defense. I prove the risks are real by finding exploits myself. I chained a prompt injection into root access inside ChatGPT. Ex-Amazon tech lead specializing in low latency ML models that generated $400M in annual revenue.

LinkedIn ↗X ↗

Launch · 1 launch

Silmaril: Self-healing Prompt Injection Defense · Apr 2026
View ↗
Block 2x more attacks with 10x lower latency.
Silmaril provides prompt injection defense for AI applications using autonomous agents to identify threats and a real-time classifier that blocks attacks based on application context. The system retrains continuously on verified exploits without requiring manual policy updates.
▲ 21

B2BSecurity

Related startups

SilaWinter 2026

AI Work Messaging & Collaboration Platform

Agentic Team CollaborationActive

MountSpring 2026

The AI Insurance Carrier

AI Agent Liability InsuranceActive

3 more related startups + AI insights

Free account · no credit card.

Also in Spring 2026

HeyClicky Huscarl Inc.Thomas Cohesion Maquoketa Research Intelligence Factory