The Origin

"How do you build security that disappears?"

The Setup

In early 2024, I started Mighty with a thesis: local AI would become the next big thing. This was six months before Apple announced Apple Intelligence.

But my interest wasn't just about local models. It was about security.

Phones are already secure devices. Encryption built in. Secure enclaves for biometrics. Hardware-level protection that users never think about. The model was compelling: powerful capability on top of invisible security. I wanted to know if AI could work the same way.

I built a prototype that translated voice commands into application actions. It worked decently, not excellently. Small models weren't there yet.

Then Apple launched Apple Intelligence. It underwhelmed. But I didn't abandon the question. I took it somewhere else.

The Pivot to TEE

Nvidia released Trusted Execution Environments in 2022. By 2024, they were stable enough to build on.

Same question, different substrate. Phones answered "how do you build security that disappears?" with secure enclaves. TEE answered it with hardware attestation. Provable privacy. Encryption you can verify. No trust required.

I kept thinking about SSL/TLS. That protocol brought foundational change to commerce and the internet. You don't think about it when you shop online. It just works. Your session is secure. I believed TEE could do the same for AI.

I started building environments for open source models to run in TEE.

Meeting Munam

In mid-2024, a mutual investor introduced me to Munam Wasi. He was departing from Delegate Labs, where he had built role-based crypto wallet security tooling.

Our first calls were long. We argued about whether TEE would ever matter outside of web3. We debated whether enterprises would pay for security they couldn't see. We kept circling the same frustration: why does security always feel like friction? Why do compliance teams slow everything down? Why hasn't anyone built protection that just works?

"The web browser solved this twenty years ago. TLS secures your session without asking permission. You just browse. Why can't AI work like that?"

That was the moment. Not because it was a new idea. Because it was exactly what I'd been chasing with local AI and TEE and couldn't articulate. Security that disappears into the infrastructure. Compliance that happens automatically. Protection you never configure.

Three things mattered to both of us: security, compliance, and ease of use. Not as tradeoffs. As a unified north star. And underneath that, a conviction we didn't fully name until later.

The Conviction

The agentic future is coming whether security is ready or not.

Agents that browse, execute code, access databases, send emails, move money. Agents that act on your behalf with real consequences. The capability curve is steep. The security curve is flat.

Most people building AI systems don't think about prompt injection until it happens. Most enterprises don't think about multimodal attacks until an image compromises their pipeline. The threat surface is expanding faster than awareness.

We believe autonomous systems without invisible security will cause serious harm. Not hypothetical harm. Actual breaches, actual data leaks, actual financial loss.

That's the obsession. Not security as a feature. Security as a foundation. Protection so embedded it becomes assumed. The agentic world needs a layer that makes safety default, not optional.

Building & Converging

Building Together

We launched an easy way for developers to deploy AI applications to TEE environments. Think Vercel for secure AI. Over 80 teams and developers used it happily.

But expansion hit a wall. In mid-2025, most enterprises were still getting comfortable with AI itself. They were consuming AI through applications, not infrastructure. Our value proposition made sense at the enterprise level, but enterprises weren't ready to buy infrastructure yet. We decided to sunset that focus.

The Convergence

In the background, something else was happening. 2024 and 2025 saw a surge of agentic attacks. Big companies, small companies, all getting hit. Plugins compromised. Full applications exploited. The threat surface was expanding fast.

We started attending hackathons to test our hunches. AI4Hack in October. AGI House Gemini 3 Build Day in December. AI Tinkerers Secure Agent Buildathon that same month. Each time, we came home as winners.

We launched an open source MCP scanner on Hacker News. It sparked a heated debate among security veterans. That reaction told us we were onto something real. Last month, we fully converged on this path.

What We Are Building

Mighty is the multimodal agentic gateway for the autonomous world.

Threats are evolving beyond text. They're multimodal now. We are building the fastest, most secure layer to catch threats before they cause damage. Many agentic threats are invisible. We built the tooling to see them.

Just like a HEPA filter protects the air you breathe without you thinking about it, Mighty protects by sanitizing inputs and outputs. You don't configure it. It just works.

Citadel, our core product, is an API layer that protects AI applications from image, document, and text attacks. We are currently in private testing and invite you to apply.

Our Beliefs

These beliefs are why we started Mighty. They're not observations. They're convictions.

Security Must Be Invisible

The best security disappears. You don't configure SSL when you shop online. You just shop. AI security should work the same way. If developers have to think about it, adoption stalls. We're building for the world where security is assumed, not assembled.

The Attack Surface Is Exploding

Text was one vector. Now it's images, PDFs, audio, video. Each modality multiplies the threat surface. Agents that browse, execute code, and take actions create exponential risk. Most security tools were built for a text-only world. That world is gone.

Open Source Demands Open Security

DeepSeek R1 changed the game when it dropped a year ago. Enterprises are diversifying. Open source models will power a significant share of production AI. But open source models need open, interoperable security layers. Walled gardens won't protect a fragmented ecosystem.

Hardware Attestation Beats Paperwork

SOC2 is a checkbox. A signature on a compliance doc is someone's word. Hardware attestation through TEE is proof. No spying. No data training. Encryption you can verify. As AI touches more sensitive data, provable security becomes table stakes. Trust but verify is dead. Verify, then trust.

The Invisible Layer Wins

HEPA filters don't ask for configuration. They just clean the air. The companies that win in AI security will be the ones nobody thinks about because everything just works. That's the bar. That's what we're building toward.

What Comes Next

Every chapter was the same question: how do you build security that's so foundational it becomes invisible?

Phones answered it with secure enclaves. TEE answered it with hardware attestation. Agentic AI hasn't answered it yet.

That's what we're solving.

The breaches are already happening. Prompt injections in production. Malicious payloads hidden in images. Attacks that most teams don't detect until damage is done. And this is just the beginning. The vectors will grow in ways unthought and unimagined. Every new capability creates new attack surface. Every new modality opens new doors.

The agentic future needs an immune system. Not a static filter. A layer that adapts, learns, and responds to threats before they spread. A layer that lets builders build without carrying the security burden themselves.

That's Mighty. That's what we're here to do.

This is our story. This is our mission. And the best is ahead.

Johnny Hung & Munam Wasi
Co-founders, Mighty
San Francisco, January 2026