Security teams face persistent challenges in managing growing security tool stacks, where coverage gaps and alerts often go unaddressed due to difficulties engaging busy employees in remediation processes. Amplifier Security has launched from stealth with a $3.3 million investment and what it describes as the industry's first AI-powered human-in-the-loop automation and security copilot. The platform connects an organization's existing security infrastructure with its workforce through an engagement layer designed to improve response times and security culture.
The company addresses a fundamental tension in enterprise security: automation that enforces controls often meets user resistance when it disrupts workflows, such as when security patches require system reboots during critical operations. Similarly, triaging security alerts requires determining true versus false positives through end-user consultation—a burdensome process that frequently strains relationships between security teams and employees. Amplifier's solution aims to extend the value of existing security tools by enabling faster, collaborative responses that enhance organizational security health.
At the core of the offering is Ampy, an AI security copilot that serves as an engagement interface between security tools and employees. Functioning as what the company calls a "trusted copilot" or "AI security buddy," Ampy helps employees understand security risks they might create while resolving issues in ways that balance security needs with productivity. The approach draws from familiar consumer experiences, such as credit card companies verifying suspicious transactions, guiding employees through security protocols using real-time insights. This method not only accelerates response times but also strengthens security posture by directly involving employees in security processes.
Ampy operates on Amplifier's human-in-the-loop automation platform, which consists of three components: a security data fabric, a security hub, and an engagement studio. The platform integrates with corporate security tools, normalizes data across them to contextualize and prioritize risks and vulnerabilities, and translates findings into actionable remediation engagements through Ampy. This architecture allows organizations to maintain their existing security investments while adding a layer of workforce engagement previously missing from traditional security operations.
The company was founded by Shreyas Sadalgi, CEO, and Thomas Donnelly, CTO and President, both with two decades of experience in enterprise security, IT, and automation. Donnelly brings particular expertise as a three-time CISO and CIO, with over a decade focused on human-centric approaches and technology that transformed security in organizations. Their backgrounds inform Amplifier's emphasis on bridging technical security measures with human behavioral factors—a gap that has long challenged security teams relying solely on tool-based approaches.
For HR technology vendors and professionals, Amplifier's launch signals a growing recognition that effective security requires addressing human elements alongside technological ones. As security tools proliferate, the industry faces increasing complexity in ensuring those tools translate into actual risk reduction. Platforms that facilitate employee engagement with security protocols could influence how organizations approach security training, compliance, and culture-building initiatives. Vendors serving the HR industry may need to consider how their solutions integrate with or complement such engagement-focused security platforms, particularly as remote and hybrid work models make traditional security enforcement more challenging.
The broader implication for the human resources and talent management ecosystem involves the intersection of security, productivity, and employee experience. Security measures that disrupt workflows or strain employee relationships can indirectly affect retention, morale, and operational efficiency. Solutions like Amplifier's that aim to balance security with productivity could become increasingly relevant as organizations seek to maintain robust security postures without compromising employee experience or creating adversarial dynamics between security teams and staff.
