Q&A with Aurascape CEO Moinul Khan: Securing the AI Era
Q&A with Aurascape CEO Moinul Khan: Securing the AI Era
Before his current role as Co-founder and CEO of Aurascape, Moinul Khan was the VP/GM of Secure Service Edge (Data Protection) at Zscaler. He previously worked as the Director, Product Management, Mobility at Palo Alto Networks, Director of Product Management at Netskope, and Head of Product Management at Juniper Networks.
Aurascape has officially launched out of stealth with $50 million in funding, led by Menlo Ventures and Mayfield Fund, alongside support from Celesta and industry veterans like Lip-Bu Tan and Greg Clark. Read the funding news and explore more about the company and its mission on their official website.
Before his current role as Co-founder and CEO of Aurascape, Moinul Khan was the VP/GM of Secure Service Edge (Data Protection) at Zscaler. He previously worked as the Director, Product Management, Mobility at Palo Alto Networks, Director of Product Management at Netskope, and Head of Product Management at Juniper Networks.
Aurascape has officially launched out of stealth with $50 million in funding, led by Menlo Ventures and Mayfield Fund, alongside support from Celesta and industry veterans like Lip-Bu Tan and Greg Clark. Read the funding news and explore more about the company and its mission on their official website.
Q: For those unfamiliar—what is Aurascape and what problem are you solving?
Moinul Khan: Aurascape is an AI security company. As AI tools rapidly become essential in the workplace, enterprises face a new kind of risk: data loss, IP leakage, and threats coming through generative AI tools that traditional security systems can't see.
Employees are using hundreds of AI tools—chatbots, code assistants, embedded AI agents in SaaS platforms—and while these apps are incredibly productive, they also create blind spots. Our mission is to let organizations continue to innovate and not have to block or restrict users from these tools by protecting their data in real time.
We’ve built the first AI-native security platform to monitor and secure interactions with AI applications—whether it’s embedded in software, delivered through web apps, or streaming data.
Q: What makes your platform different from traditional security tools? Why can’t firewalls and proxies keep up with AI?
Khan: Traditional security tools were built for a different era. First, we had firewalls blocking malicious websites and malware downloads. Then came application-aware proxies like Zscaler and Palo Alto Networks’ next-gen firewall that offered visibility into SaaS usage.
But AI breaks those assumptions. AI tools aren’t just static websites—they’re dynamic, agent-like systems. A single AI app like Microsoft Copilot might use HTTP for file upload, WebSockets for chat, and QUIC or Protobuf for streaming or background processing. Legacy tools can’t inspect or interpret these newer protocols. For example, your firewall might catch a file upload, but completely miss high-frequency chat prompts or data streaming via WebSockets.
Aurascape’s platform is built from the ground up for this new reality and understands the intention behind each AI interaction. We can inspect traffic across modern protocols, classify content, and enforce security policies in real time.
Q: There are big security players claiming they’re moving into AI. How do you differentiate?
Khan: Everyone can build features. What matters is architecture. Incumbents are retrofitting their existing stacks, but we started fresh. We've built a truly AI-native platform that has 14 patents filed so far, in less than a year.
What’s unique about platform is we’re using AI to fight AI—something legacy tools can’t do with velocity. Our backend is powered by three autonomous agents. Neuroplane discovers and fingerprints new AI apps automatically, so we can support them within 24 hours. Neuralock delivers threat prevention and data protection without relying on fragile regex rules. And NeuroOps automates incident response, reducing the strain of alert fatigue put on IT teams.
Legacy security vendors are spread thin by trying to do everything, where we're laser-focused on AI security. That focus benefits our speed and precision.
Our landing strategy is to give customers something they don't have today—visibility and control over AI usage. But over time, we’re positioning ourselves to be a major cybersecurity player. When AI becomes mainstream, we want Aurascape to be the platform enterprises rely on.
Q: How does Aurascape’s AI actually work in real-world scenarios?
Khan: GPT-4 can summarize an 80-page PDF or recognize a malicious URL because it was trained on massive data. But you can’t just embed GPT-4 into your security stack—it’s too slow and expensive for real-time enforcement.
We tuned our own AI models to work efficiently at the network edge. They’re optimized for speed, accuracy, and real-time decisions. If a user uploads a sensitive source code file to an AI tool, we can flag it or block it before it leaves the network. If an AI chatbot is pulling in confidential voice data or processing video content, we can inspect and classify that too.
That’s where our multimodal approach comes in. We don’t just process text—we analyze images, audio, and video in real time. Traditional tools can’t do that. They rely on OCR or simple string matching, which leads to false positives and missed threats. We’ve eliminated that with AI agents that understand the context across formats.
Q: So your platform is both proactive and adaptive?
Khan: Exactly. We monitor both data in motion and data at rest, across content types and languages. But more importantly, our system is constantly learning. Traditional tools wait for a manual signature update. Neuroplane doesn’t—it autonomously discovers new AI tools as they launch and builds decoders for them.
That means we're ahead of the curve when new AI apps show up in your environment. You don’t have to wait weeks or months for support. From day one, we’re scanning, classifying, and enforcing policies on those apps.
Q: What’s the bigger picture for Aurascape? Where is this going long-term?
Khan: Right now, AI is just starting to touch every corner of enterprise work. In two years, most SaaS apps will be AI-powered, and the line between a "tool" and an "agent" will blur. When that happens, companies will need new security primitives.
Our landing strategy is to give customers something they don't have today—visibility and control over AI usage. But over time, we’re positioning ourselves to be a major cybersecurity player. When AI becomes mainstream, we want Aurascape to be the platform enterprises rely on.
We're also inline—not just an API tool. That means we don’t just report problems after the fact. We prevent threats in real time, with policy enforcement at the point of action.
Q: Tell us a bit about your background and what led you to start Aurascape.
Khan: I’ve spent the last 15 years in cybersecurity—Zscaler, Palo Alto Networks, Netskope. I worked across data security, CASB, threat prevention, and cloud infrastructure. But when generative AI exploded, I saw something new. CIOs and CISOs were saying, “We don’t know what our users are doing. And we can’t block everything.”
Even when they tried to block ChatGPT, new AI tools popped up the next day. Embedded AI tools in places like healthcare portals or developer platforms made it impossible to block without grinding productivity to a halt.
At the larger companies I worked for, it would’ve taken years to build something truly new. I teamed up with some of the best engineers from Palo Alto, Zscaler, Netskope, Google, and Amazon. We realized we had to start from scratch to do this right, and that’s how Aurascape began.
Q: You’re just launching out of stealth—what’s coming up for the business?
Khan: We’re launching on May 8 and announcing our Series A, led by Menlo Ventures, with participation from Celesta and angels like Lip-Bu Tan (Intel) and Greg Clark (Symantec). We’re coming out of stealth with eight enterprise customers already signed.
And we’ve been named a top 10 finalist at RSA’s Innovation Sandbox, which is a huge validation of both the problem we’re solving and the technology we’ve built. We’re moving fast, but staying focused on solving the hardest problems in AI security.
Q: What kind of support are you looking for from investors or the broader community?
Khan: We’re a small team, and visibility is everything at this stage. Just being able to tell our story helps us connect with customers, partners, and other early adopters. Intros, awareness, or even conversations like this interview are invaluable. We’re not asking for favors—we’re building something companies need right now. We just want a chance to show it.
Q: What keeps you going, and what advice would you offer to other founders?
Khan: Coming from big companies like Palo Alto and Zscaler, the first thing you realize is: you don’t have that logo anymore. Everything is harder. People treat you differently. You have to rebuild trust from scratch.
There are constant highs and lows. One day a major customer is ready to move forward, the next day it’s delayed. Hiring’s the same—you think someone’s joining, then they get a counteroffer. You have to be emotionally resilient.
What keeps me going is the product. I’m a builder. Every time our engineers show me that something new is working, or a customer says, “I’ve never seen this before,” it reaffirms that we’re on the right path. We’re solving hard problems with a high barrier to entry—and that’s what startups should be doing.
My advice would be to focus on innovation. Don’t chase shortcuts or easy wins. Build something that matters, and the market will follow.
