StrongestLayer provides an AI-powered, LLM-native email security platform that detects and stops sophisticated email-borne threats like AI-generated phishing, spear phishing, and Business Email Compromise (BEC) by analyzing the intent and context of messages, rather than relying on traditional static rules and pattern-matching. Pulse 2.0 interviewed StrongestLayer CEO Alan LeFort to gain a deeper understanding of the company.
Alan LeFort’s Background
What is Alan LeFort’s background? LeFort said:
“I’ve spent the last 25 years in cybersecurity, working across every part of the business – sales, product development, research, operations, and support. What made this journey unique was the split between enterprise B2B and B2B2C consumer markets, which taught me that every corporate decision-maker is also a consumer with expectations about user experience.”
“Academically, I started pursuing computer science and business at York University before completing my BBA in Finance with minors in theology and philosophy at University of St. Thomas. My Executive MBA from University of Toronto’s Rotman School focused heavily on design thinking, which became foundational to how I approach human-centered innovation.”
“This blend of technical depth, business perspective, and user experience focus shapes how we build products at StrongestLayer. Security tools shouldn’t just deliver outcomes – they should be something people actually want to use.”
Formation Of The Company
How did the idea for StrongestLayer come together? LeFort shared:
“The company evolved with each co-founder’s perspective. It started with Riz, our CTO, recognizing that phishing was becoming too sophisticated for traditional employee training. His insight was that AI-powered customization could fundamentally improve security awareness.”
“When Josh joined as our Chief Product Officer, he brought the missing piece. While testing our early product, he discovered our AI analysis was detecting complex attacks that established email security vendors were completely missing. That’s when we realized we weren’t just improving training – we were identifying a fundamental gap in threat detection.”
“I joined as CEO in early 2024 after advising the team, and saw the strategic opportunity clearly: if only AI can defend against weaponized AI, then we needed to rethink not just detection, but how we empower humans in this new reality. The decision was simple – go all-in on AI-native detection and prevention.”
Favorite Memory
What has been your favorite memory working for the company so far? LeFort reflected:
“There was a moment at a security event in Pittsburgh that crystallized everything for our team. We were showing our platform to prospects, and I noticed something different happening. These weren’t the polite nods you usually get in B2B security demos. People were genuinely excited about what they were seeing.”
“One seasoned CISO said our UX was elegant and modern. Others called our detection approach next-generation. But what really struck me was when prospects started asking for follow-ups and POCs on the spot. That doesn’t happen often in our industry.”
“That’s when Josh, Riz, and I realized we had something special – not just better technology, but a solution that security teams actually want to use. It validated our belief that we’re solving a generational problem with a generational approach.”
Core Products
What are the company’s core products and features? LeFort explained:
“StrongestLayer addresses a fundamental crisis: email security has become a board-level business continuity issue. Enterprise CISOs are spending $875,000 annually just investigating false positives – that’s 25% of analyst time wasted on non-threats. Meanwhile, AI attacks are succeeding because legacy systems suffer from what we call the ‘prosecutor-only problem.’”
“Traditional systems can only hunt for guilt with no mechanism to prove innocence. When AI creates novel attacks with no historical precedent, these prosecutor-only systems are essentially blind. Our solution is TRACE (threat Reasoning AI Correlation Engine) – built on an LLM-as-master architecture that acts as both public defender and prosecutor, with an impartial LLM judge weighing evidence. Every email gets its day in court.”
“Key capabilities include 5-minute deployment with Office 365 and Google Workspace, LLM-generated phishing simulations for realistic training, human risk benchmarking to identify vulnerable departments and employees, and our AI Advisor that empowers employees to engage confidently with email.”
“We offer two variants: our complete platform for comprehensive protection, and a human risk-focused solution that works alongside existing email gateways.”
Challenges Faced
What challenges have LeFort and the team face in building the company? LeFort acknowledged:
“The threat landscape is evolving faster than we’ve ever seen. We’re seeing both increased volume and a significant jump in sophistication, with targeted attacks becoming the norm rather than the exception.”
“By 2027, we expect sophisticated AI-enhanced attacks to comprise 20% of total threat volume, up from 5% today. This isn’t gradual evolution – it’s an exponential shift that makes pattern-based detection obsolete.”
“These challenges led us to focus on intent-based reasoning models. By analyzing what an email is trying to accomplish rather than how it’s constructed, we can detect attacks using techniques we’ve never seen before. That’s exactly why we exist – to solve challenges that legacy architectures fundamentally cannot address.”
Evolution Of The Company’s Technology
How has the company’s technology evolved since launching? LeFort noted:
“Since our market launch in December 2024, we’ve focused on enhancing our detection capabilities and improving the user experience. Our August v2 release includes an enhanced TRACE detection platform, a modern admin experience, and our AI Advisor for end-users – a new way of empowering employees to engage confidently with email.”
“What I’m particularly excited about is addressing problems our customers didn’t even know they had, like the English-language bias in traditional email security patterns that leaves global organizations more vulnerable to local-language attacks.”
Significant Milestones
What have been some of the company’s most significant milestones? LeFort cited:
“Our milestones reflect both technology breakthroughs and market validation.”
“June, On the technology side, we’ve just released a modern LLM-native platform that simulates an army of elite security analysts. They are detecting very nuanced attacks, while avoiding the false positive trap, through our unique dual-evidence architecture.”
“In July – we released our new Admin UI – focused on providing modern analysis, workflows and capabilities tailored to the roles of CISOs, Analysts and Human Risk professionals. These experiences allow users to shift from repetitive time consuming actions, to focusing on strategic analysis and continuous posture improvement.”
“August – In August we released our AI advisor. A fundamental rethinking of what it means to empower employees. Gone is the phishing reporting button that encourages employees to share ‘suspicious’ emails with the security team. In place is a trust-callibration tool that allows employees to get analysis on an any email and answer the question: Is this trustworthy? We believe that calibrating employee trust is critical in a world where AI crafts near perfect attacks, that only AIs can spot. In a world where inboxes are clogged with AI-generated marketing emails – that look a lot like phishing attacks in terms of the techniques used – Employees need dual-training, What does good like and what does bad look like? And they need it to be subtle, friendly and frequent. So we built that. And customers are loving it!”
Funding
When asking LeFort about the company’s funding details, he revealed:
“We’re backed by Sorenson Ventures, who manages $1.6 billion in assets and focus specifically on early-stage B2B cybersecurity companies. Their investment validates both our technology and market opportunity. Our seed round was a 5.2M raise. It will be used to expand our platform and increase our GTM focus: getting our technology into the hands of organizations that need this protection in the Americas.”
“As a recently funded company, revenue discussions are premature. However, I can share leading indicators: we have an 85% POC win rate compared to industry average of 35-40%, strong pipeline concentration in financial services, healthcare, and legal sectors, and high customer satisfaction in early deployments.”
Total Addressable Market
What total addressable market (TAM) size is the company pursuing? LeFort assessed:
“Based on current published research, the global TAM for email security and security awareness training is approximately $6.7 billion in 2024, growing to $30+ billion by 2032. In 2024, the market is dominated by traditional email security solutions ($5.17B) with security awareness training representing a smaller segment ($1.5B). However, by 2032, the focus shifts dramatically toward AI-assisted human risk management, with security awareness training growing at 10.5% CAGR while BEC-specific protection explodes at 20.53% CAGR as organizations recognize that human-centric threats require human-centric solutions. This represents a fundamental market transition from technology-first email filtering to AI-augmented behavioral defense systems that work with human cognition rather than against it.”
Differentiation From The Competition
What differentiates StrongestLayer from its competition? LeFort affirmed:
“We’re not just competing with other vendors – we’re staying ahead of AI-enabled threat actors. This drives everything about our approach.”
“Email security has evolved through three distinct architectural approaches, each with fundamental limitations against novel attacks.”
“Generation I relies on pattern matching – when threats are novel, there are no patterns to match. You can’t use regex to define ‘normal’ business communication either.”
“Generation II uses machine learning on historical attack data – but when AI generates personalized, novel attacks with no precedent, statistical analysis fails completely. You also can’t build ML models to detect legitimacy because the feature space is too vast.”
“Both generations suffer from the “prosecutor-only problem” – they can only hunt for guilt with no mechanism to prove innocence. This creates the classic false positive/false negative tension that can never be solved within a prosecutor-only architecture.”
“We pioneered Generation III with LLM-as-master architecture that breaks this paradigm entirely. Our system acts as both public defender and prosecutor, while an impartial LLM judge weighs evidence and renders verdict. This dual evidence approach focuses on stable indicators that persist regardless of attack novelty – business legitimacy patterns and malicious intent patterns remain consistent even when attack methods are completely novel.”
“We have concrete proof this works. Our TRACE system recently detected a sophisticated Microsoft 365 Direct Send exploitation attack that both Microsoft’s native security and the market leader in email security completely missed. Dark Reading published our analysis after validating our findings.”
“The attack used Microsoft’s legitimate Direct Send feature to bypass authentication, embedded malicious code in image files to evade text scanners, and dynamically personalized phishing pages with victims’ corporate branding. It was novel enough that traditional pattern-matching failed entirely – there was no historical precedent to match against.”
“Our LLM-as-master architecture caught it through dual evidence collection: prosecutor evidence flagged authentication failures and suspicious relay paths, while public defender evidence confirmed this wasn’t legitimate internal communication. The system reasoned about the business intent – legitimate voicemail notifications don’t require authentication bypasses or use suspicious hosting providers.”
“This validates our core thesis: when attacks are truly novel, reasoning about intent and business context succeeds where pattern-matching fails.”
Future Company Goals
What are the company’s future goals? LeFort emphasized:
“Our strategy centers on three core objectives that address the evolving threat landscape and organizational needs.”
“First, we’re committed to nailing detection wherever attacks migrate. Currently, 90% of breaches start with email, but as email security tightens, attackers are already shifting to less protected channels like Microsoft Teams, Slack, and mobile platforms. Our AI-powered detection engine will follow threats across all communication channels, ensuring comprehensive coverage as attack vectors evolve beyond traditional email.”
“Second, we’re shifting work left through intelligent automation to dramatically reduce security operations costs. The more we automate threat detection and response, the less organizations spend on security personnel investigating false positives and managing routine threats. Our goal is to reduce analyst workload by 80% while improving detection accuracy, allowing security teams to focus on strategic initiatives rather than alert fatigue.”
“Third, we’re empowering end-users to calibrate trust through our AI Advisor. Rather than training employees to be universally suspicious, we provide real-time trust signals that help them make confident, informed decisions about communications. This approach transforms users from security bottlenecks into informed decision-makers, improving both security posture and business velocity while reducing the cognitive burden of constant vigilance.”
Additional Thoughts
Any other topics you would like to discuss? LeFort concluded:
“We’re at an inflection point in cybersecurity. Organizations have a window to migrate from pattern-based to reasoning-based email security before AI-enhanced attacks become the dominant threat vector.”
“The question for CISOs isn’t whether their current email security will fail against AI-enhanced attacks – it’s whether they’ll address this gap proactively or reactively. Early adopters gain immediate protection, competitive advantage, and cost optimization through prevention rather than incident response.”
“For the broader industry, StrongestLayer represents more than a new product – we’re demonstrating that cybersecurity can be both more effective and more intuitive to use. As AI reshapes business communication, the organizations that balance AI capability with human empowerment will define the next decade of cybersecurity.”
