WraithWatch lands $30M federal contract to defend nearly a dozen agencies — former Anduril CIO explains AI cyber defense
Mar 3, 2026 with Nik Seetharaman
Key Points
- WraithWatch wins $30M federal contract to deploy autonomous cyber defense across nearly a dozen US government agencies, validating AI-powered security as attackers increasingly weaponize agentic workflows.
- The startup breaks down security data silos by deploying AI agents to interrogate fragmented tools like Splunk and CrowdStrike at machine speed, uncovering breaches humans miss.
- Co-founder Nik Seetharaman, former CIO at Anduril and cyber leader at SpaceX and Palantir, positions the platform as asymmetric defense against sustained campaigns by Iran, Russia, China, and North Korea.
Summary
Nik Seetharaman, co-founder and CEO of WraithWatch, won a $30M federal contract to deploy autonomous cyber defense systems across nearly a dozen US government agencies. The deal validates an AI-powered security approach built for an era when attackers are weaponizing agentic workflows faster than human defenders can respond.
Seetharaman brings deep credibility in defense technology. He was CIO at Anduril, where he scaled operations from 100 to 4,500 people. Before that, he led cyber teams at SpaceX and Palantir and served in electronic warfare and cyber operations for US Special Operations Command.
The fragmentation problem
Cyber defenders operate at human speed with reactive workflows and manual control updates every six months. Meanwhile, attackers are moving to AI agents and industrial-scale exploits. Organizations accumulate what Seetharaman calls dead data: information that could expose latent risks or reveal breaches, but sits untouched across disconnected tools like CrowdStrike, Okta, and Splunk because no one has the bandwidth to query it meaningfully.
The 2019 Triton malware attack on Middle Eastern oil and gas facilities illustrates the gap. The attack succeeded because four critical data points never connected: a senior engineer with weak controls on a system that also served as a jump-off point into critical infrastructure. A red team took three months to find it, working through hundreds of potential attack paths.
The WraithWatch approach
WraithWatch breaks down tool silos, forces data integration, and deploys swarms of agentic workers to interrogate dead data sources at machine speed. The system generates and evaluates queries faster than humans could predict what to ask, uncovering latent vulnerabilities and detecting active breaches as they happen. Seetharaman describes it as a cyber analog to JADC2 (Joint All-Domain Command and Control), the military system that fuses sensor data into a cohesive command layer for real-time decision-making.
This mirrors what Palantir attempted with Foundry but earlier, when that platform was premature for cyber adoption.
Timing and geopolitics
The contract lands as Iran escalates cyber operations. Seetharaman notes that Iran, Russia, China, and North Korea have conducted a sustained campaign against US government and private sector targets for fifteen years as part of an ongoing cyber cold war that most organizations do not fully acknowledge. Iranian cyber activity ceased completely after recent US military strikes, suggesting the political window for cyber defense investment may be narrow.
For Fortune 500 companies and federal agencies, asymmetric attack pressure requires asymmetric defensive pressure. The federal deployment across nearly a dozen agencies is the first large-scale test of that thesis.