Nemesis

Persistent Security is an EU-native cybersecurity company headquartered in Eupen, Belgium, building Nemesis, a Breach and Attack Simulation (BAS) platform with an AI Operator trained by reinforcement learning. Traditional BAS tools tell attackers what to expect by running static playbooks. Real adversaries don't read scripts. Our AI Operator probes customer environments the way an attacker would, adapting to every defence it meets, and getting smarter with every campaign. Nemesis runs continuous, MITRE ATT&CK-mapped attack campaigns and gives security teams board-ready evidence of what holds and what doesn't. A second deliberate design choice: we deploy agents on each distinct configuration in the environment (typically a small set of golden images), not on every individual endpoint. Every endpoint built from a given golden image shares the same software stack, patch level, EDR and group policy, so one validation point is representative of every endpoint built from that image. Time to first assessment drops from months to days. Operational overhead drops from thousands of agents to a handful. We are EU-native by design: DORA and NIS2 alignment is built into the platform, the team averages 15+ years of offensive security experience, and our pricing is structured to reach the under-served SME and mid-market segment that legacy BAS vendors price out. Today we serve customers across financial services, critical infrastructure, defence and healthcare, with 30+ MSSP partners covering DACH, BeNeLux, and the Nordics. We're currently raising our Seed round to scale the reinforcement-learning pipeline, expand the offensive research team, and saturate the European MSSP partner channel.