BreachRx is a San Francisco-based cybersecurity company offering the first intelligent incident response platform designed to deliver operational resilience across the entire enterprise. The platform transforms incident response from a crisis-driven, siloed process into a coordinated, routine business function that adapts to evolving regulations, controls, policies, and contracts. BreachRx automates the generation of tailored incident response plans, guiding relevant stakeholders through every phase of an incident, before, during, and after, while ensuring compliance and protecting executive leadership from personal liability. The company’s patented technology integrates privileged communication channels and audit trails, enabling organizations to efficiently manage incident response, reduce risk, and meet the demands of rapidly changing regulatory environments.
Leadership
BreachRx was founded by:
Andy Lunsford – CEO & Co-Founder Andy Lunsford serves as Chief Executive Officer and co-founder of BreachRx. He brings over 15 years of experience in privacy law, large-scale commercial litigation, and compliance. Andy leads the company’s vision to transform incident response into a proactive, business-wide discipline.
Matt Hartley – Chief Product Officer & Co-Founder Matt Hartley is Chief Product Officer and co-founder. With more than 20 years of experience in cybersecurity, threat intelligence, cyber warfare, and product management, Matt drives product innovation and engineering at BreachRx. His background includes senior leadership roles at FireEye and iSIGHT Partners, as well as service in the United States Air Force.
This founding team combines deep expertise in cybersecurity, legal compliance, engineering, and large-scale incident response to deliver BreachRx’s intelligent, automated platform for operational resilience.
Advisory and Board Members
Joe Sullivan, Senior Advisor: Former Chief Security Officer at Uber, providing strategic guidance based on real-world incident response leadership.
Tim McKnight, Board Member: Former CSO at SAP and partner at SYN Ventures, contributing deep expertise in enterprise security and compliance.
Art Coviello, Board Observer: Former CEO of RSA and managing partner at SYN Ventures, offering decades of leadership in cybersecurity innovation.
Core Technologies
Intelligent Incident Response Platform BreachRx’s patented platform automates the creation of dynamic, actionable incident response plans tailored to each incident and organization. It provides targeted, step-by-step guidance to stakeholders, ensuring a coordinated and compliant response.
Rex AI™ A generative AI engine that leverages platform data and the Cyber RegScout™ legal library to deliver real-time, intelligent recommendations to all stakeholders. Rex AI streamlines incident response by automating complex processes, improving accuracy, and reducing the burden on technical teams.
Cyber RegScout™ An automated analysis tool that helps organizations determine regulatory requirements and compliance obligations for every incident. It covers over 200 global incident reporting regulations, ensuring that response activities align with legal deadlines and standards.
Privileged Communication & Audit Trails Integrated secure communication channels and comprehensive audit logs maintain legal privilege, support regulatory compliance, and provide defensible records for executive protection.
Automated Task Assignment & Collaboration The platform automatically assigns tasks to team members, tracks progress, and coordinates efforts in real time, maximizing efficiency and accountability.
Key Capabilities
Automated, tailored incident response plans for any type of breach or incident
Real-time, AI-powered recommendations for all stakeholders
Compliance management with up-to-date regulatory requirements and deadlines
Privileged, secure communication and collaboration during incidents
Comprehensive audit trails for regulatory and legal defense
Rapid incident recovery, reduced risk, and operational cost savings
Dynamic readiness and proactive risk reduction through continuous improvement and tabletop exercises
Investors
BreachRx is a privately held company. In April 2024, it closed a $6.5 million seed round led by SYN Ventures, with participation from Overline. The company is backed by industry leaders and venture capitalists specializing in cybersecurity innovation. Specific valuation figures have not been disclosed.
Notable Clients
BreachRx serves more than 70 customers, including publicly traded and Fortune 500 companies. Its platform is used by security, legal, and compliance leaders in highly regulated industries to automate incident response, run cyber tabletop exercises, and ensure compliance with global privacy and cybersecurity regulations.
Competitors
Company Name
Description
Palo Alto Networks (Cortex XSOAR)
Security orchestration, automation, and response platform for enterprise incident management.
IBM Security QRadar SOAR
Incident response and orchestration for security operations centers.
Rapid7 InsightConnect
Security automation and orchestration platform for incident response.
Swimlane
Low-code security automation for incident response and SOC workflows.
D3 Security
SOAR platform with automated playbooks and compliance-focused incident response.
Resilient (an IBM Company)
Incident response platform focused on workflow automation and regulatory compliance.
