Prelude Security, the next generation endpoint protection platform, today announced an additional $16 million investment led by Brightmind Partners, with participation from existing investors Sequoia Capital and Insight Partners, bringing total funding to $45 million. Prelude will use the capital to commercialize runtime memory protection—technology that can detect and stop malicious code at execution—and to expand platform support and customer deployment.

Today’s security teams face an escalating challenge: approximately 75% of advanced cyberattacks now operate exclusively in-memory. These attacks evade traditional file and behavior-based detection methods highlighting the gap in today’s suite of endpoint security platforms. Prelude’s announcement of runtime memory protection fundamentally restructures endpoint protection by leveraging novel, hardware-level telemetry to detect out-of-context code execution, entirely in user mode. This aligns closely with Microsoft’s Windows Resiliency Initiative.

"As we’ve worked with existing customers to monitor and validate their existing endpoint defenses, we've seen first-hand how attackers increasingly live in-memory and evade traditional EDR platforms," said Spencer Thompson, CEO of Prelude Security. "This investment enables us to expand and commercialize our ability to detect adversaries at the moment it matters—execution."

Prelude’s existing monitoring and validation capabilities help customers ensure the coverage and configuration of endpoint security tools like EDR and antivirus to strengthen resilience against commodity malware. Building off these capabilities, Prelude’s introduction of runtime memory protection via a user mode agent provides an innovative, robust layer of defense against the methods of a modern attacker to augment existing defenses.

These attackers increasingly exploit memory-resident techniques, process injection, and "living-off-the-land" tactics to bypass current endpoint security tools. Prelude’s capabilities focus on what attackers must do—execute code—making it possible to stop ransomware and hands-on-keyboard activity faster than current defensive tools.

"The shift to in-memory attacks represents a fundamental evolution in the threat landscape that traditional endpoint solutions simply weren't architected to address," said Stephen Ward, general partner at Brightmind Partners. "Prelude's hardware-level telemetry approach tackles the core problem—attackers must execute code, and that's exactly where this technology intercepts them. This isn't incremental innovation; it's an architectural leap in endpoint security and we believe it’s time for the next generation of endpoint protection and we think this is the team to build it."

"The endpoint security industry has experienced two transformative waves—antivirus and Endpoint Detection and Response—each catalyzed by technological innovation and evolving cyber threats," said Bill Coughran from Sequoia Capital. "We're now witnessing the emergence of a third wave, driven by AI advancement and the transition away from signature-based security models. Prelude is pioneering next-generation endpoint protection designed to counter AI-enabled adversaries, no matter their attack methodology."

About Prelude Security

Prelude Security is a next generation endpoint security company built to monitor existing controls and provide runtime memory protection, entirely in user mode. Backed by Sequoia Capital, Insight Partners, and other leading investors, Prelude is a small team of security researchers and software developers working to reinvent the way we protect endpoints in a world where threats are complex, emergent, and accelerating. Learn more at preludesecurity.com.

About Brightmind Partners

Brightmind Partners is a venture capital firm focused on early stage investments in enterprise technology and AI, partnering with visionary founders who are reimagining enterprise transformation. Founded in 2024, the firm is rooted in our deep operational experience and domain expertise.

Brightmind maintains a conviction that the most impactful technology solutions come from exceptional teams that combine deep technical expertise with a clear understanding of real-world business needs. Its active investment approach leverages decades of technology experience to identify transformative innovations that go beyond incremental improvements, often backing founders who fundamentally understand both technical challenges and enterprise needs while reimagining how organizations can stay ahead of complex market demands.

About Sequoia Capital

Sequoia Capital helps the daring build legendary companies from idea to IPO and beyond.

View source version on businesswire.com: https://www.businesswire.com/news/home/20250925489179/en/

Prelude's hardware-level telemetry approach tackles the core problem—attackers must execute code, and that's exactly where this technology intercepts them.