Login → Book a demo
Home / Company

SkyDaemon

We build SkyDaemon — the runtime governance platform for AI agents. Headquartered in Berlin, with a research presence in London and Toronto. Founded in 2025 by veterans of the cloud-security and adversarial-ML communities.

What we believe

Production AI agents are the largest new attack surface in enterprise software since the cloud. Three things have to be true at once for that surface to be safe:

  1. Detection has to be runtime. Pre-deployment evals catch a fraction of the failure modes. The rest emerge in contact with real users, real RAG corpora, real tool-call graphs.
  2. Evidence has to be audit-grade. Auditors and regulators don't accept "trust us." They accept signed manifests, OCSF events, and Annex IV bundles. SkyDaemon produces evidence by default.
  3. Coverage has to be comprehensive. Every framework, every language, every LLM provider, every vector store, every SIEM, every compliance regime. Anything less leaves the buyer to glue four vendors together.

Team

SkyDaemon is founder-led, building toward audit-grade runtime AI governance.

MF

Michael Friedman

Founder

Building SkyDaemon to make runtime AI-agent governance audit-grade by default — detection, policy enforcement, and EU AI Act evidence in one platform.

Growing the founding team — we're hiring →

Investors & partners

SkyDaemon is funded by a Series A from a syndicate of European and US security-focused funds. Investors and partners by request.

Careers

We're hiring detection engineers, platform engineers, SDK authors, applied researchers, and customer SEs. Hybrid (Berlin / London / Toronto) and remote-EU. Email hello@skydaemon.com with a CV.

Press

Press inquiries: hello@skydaemon.com. Brand assets, factsheet, executive headshots available on request.

Security

SkyDaemon is built security-first. Highlights:

  • Privacy-by-default. Prompts hashed (SHA-256) at customer edge. SkyDaemon stores hash + redacted matches only.
  • TLS 1.3 end-to-end. AES-256-GCM at rest. RDS KMS-managed keys (BYOK on Enterprise).
  • Multi-tenant Postgres RLS tied to JWT claims. No super-tenant access path.
  • SOC 2 Type II report in progress (under NDA on request).
  • ISO/IEC 27001 + ISO/IEC 42001 certifications in progress.
  • Penetration testing by an independent firm, twice yearly.
  • Vulnerability disclosure program at hello@skydaemon.com.
  • Bug bounty via HackerOne (private, by invitation).

Privacy policy (summary)

SkyDaemon is the data controller. We collect:

  • Account data (name, email, role, company) for authentication.
  • Telemetry from your AI agents — by default, hashed prompt fingerprints + redacted match samples + invocation metadata. Full prompts only with explicit opt-in.
  • Audit logs of mutating actions on your tenant.

We never sell or share your data with third parties for marketing. Sub-processors (AWS, CloudFront, Sentry) are listed in the DPA. Right to access, delete, and port your data per GDPR Articles 15, 16, 17, 20. Data Protection Officer: hello@skydaemon.com.

Full policy available on request.

Terms of service (summary)

The SkyDaemon platform and marketing site are provided as-is for evaluation by registered customers and prospects. Production use is governed by the Master Service Agreement signed at procurement. Content on this marketing site is © 2026 SkyDaemon; do not republish without permission. Trade-marks and logos referenced (OWASP, MITRE, ATLAS, NIST, etc.) belong to their respective owners.

Full Terms of Service shipped with every Team / Enterprise contract.

DPA & Standard Contractual Clauses

Standard EU DPA (Data Processing Agreement) and SCCs (Standard Contractual Clauses) are shipped with every Team and Enterprise contract. Includes:

  • List of sub-processors with audit rights.
  • Tenant data residency commitments.
  • Breach-notification timelines (72 hours per GDPR Art. 33).
  • Data deletion and portability commitments on contract termination.

Pre-signature copy available under NDA: hello@skydaemon.com.

Cookies

This marketing site sets no cookies — no tracking pixels, no third-party analytics, no advertising. When the customer platform launches, its auth cookies will be HttpOnly + Secure + SameSite=Strict.

Status

A public status page will go live with the platform. For uptime or incident questions in the meantime, email hello@skydaemon.com.

Trust portal (uptime, SOC 2 letter, sub-processor list) — Wave 50 roadmap.

Contact

SkyDaemon
Friedrichstraße 68
10117 Berlin, Germany

General: hello@skydaemon.com
Sales: hello@skydaemon.com
Security: hello@skydaemon.com
Press: hello@skydaemon.com
Careers: hello@skydaemon.com
Legal / DPA: hello@skydaemon.com
Data Protection Officer: hello@skydaemon.com

Managing Director: Michael Friedman. Company registration & VAT details available on request.