Audn.AI's 120B-Parameter Red Team Aims to Jailbreak the Voice Agent

The security startup is running thousands of adversarial calls a day to find the vulnerabilities in your AI's tone of voice.

By

About Audn.AI

Published

You dial the number, and a pleasant, automated voice answers. You ask a simple question, then another, your tone shifting, your words beginning to twist. You are not a customer. You are a piece of code named Pingu, and your job is to find the crack in the agent’s polite facade, the moment where a well-trained model can be persuaded to give up a one-time password or route a call to a forbidden extension. This is the daily work of Audn.AI, a security startup that has built an automated adversary to live inside the phone lines, chat windows, and browsers where AI agents now operate [Audn.AI homepage].

The Adversarial Loop

Audn.AI’s core proposition is a continuous, automated red-teaming service. It runs what the company calls a “closed adversarial loop” where one AI, the Red Team, attacks a customer’s AI agent, while another, the Blue Team, validates and scores each finding [Audn.AI homepage]. The platform is designed to execute thousands of these adversarial interactions per day across text and voice, probing for novel attacks like prompt injection, voice cloning, data exfiltration, and social engineering [Audn.AI homepage]. For voice agents,a particular focus,it simulates multi-turn adversarial calls complete with deepfake voices, background noise, and attempts to escape interactive voice response (IVR) systems [Audn.AI - $1105 last 30 days]. The goal is not just to find bugs, but to map every vulnerability to established compliance frameworks like OWASP, NIST, and the EU AI Act, delivering an audit-ready evidence pack within 24 hours [Audn.AI homepage] [Audn.AI - $1105 last 30 days].

The Tools in the Kit

The platform’s capabilities are bundled into a suite of tools with distinct, color-coded roles. This structure allows it to sell into different parts of a security organization’s workflow, from initial penetration testing to ongoing runtime defense.

  • Audn Red (Attack Corpus). This is the offensive engine, containing a reported library of over 50,000 attack techniques with more than 500 new ones added daily. The company claims it has tested over 200 models with a 94% success rate in vulnerability detection [Audn.AI Audn Red].
  • Audn Purple (RL-SEC Hardening Loop). This tool represents the learning cycle, where findings from Red are used to reinforce and harden the defending Blue AI's models.
  • Audn Blue (Real-Time Defense). This component acts as the runtime guardrail, designed to block identified attack paths in production environments [Audn.AI homepage].
  • Audn Red Voice. A specialized module for voice-agent red teaming that integrates with platforms like Twilio, Genesys, and Amazon Connect [Audn.AI Voice AI Red Teaming].

At the heart of this operation is Pingu Unchained, a 120B-parameter, uncensored large language model specifically trained for red team and penetration testing workflows [Audn.AI Pingu Unchained]. Described as a tool for researchers who need to “ask questions that mainstream LLMs are trained not to answer,” Pingu provides the reasoning backbone for understanding complex agent interactions and decision flows during security tests [19 large language models redefining AI safety,and danger | InfoWorld] [r/cybersecurity on Reddit].

The Early-Stage Reality

For all its technical ambition, Audn.AI operates with a notably thin public footprint. The company’s claims about being founded by security engineers from Wayve, Meta, and Microsoft are currently self-reported and uncorroborated by independent sources [Audn.AI homepage]. There is no verifiable funding history, named customer base, or major press coverage in the public record. A third-party site estimated its monthly revenue at $1105, suggesting a very early, perhaps bootstrapped, stage of commercialization [Trustmrr.com]. This lack of external validation is the company’s most immediate hurdle; in enterprise security, trust is the primary currency, and it is built through proven customer deployments and investor confidence.

The competitive landscape is also unformed but inevitable. As AI agents become critical infrastructure, every major cloud security provider and incumbent cybersecurity firm will develop or acquire similar capabilities. Audn.AI’s bet is that by focusing exclusively on the novel attack surfaces of agentic AI,especially voice,and building a deeply technical, automated product from the ground up, it can move faster and with more specificity than broader platforms. Its integration targets for voice (Twilio, Genesys, Amazon Connect) indicate a wedge into the contact center and customer service automation market, a multi-billion-dollar sector where a security breach could be catastrophic [Audn.AI Voice AI Red Teaming].

What to Watch in the Next Twelve Months

The coming year will be about moving from technical demonstration to commercial proof. Key signals to track will be the announcement of a first institutional funding round, which would provide both capital and a reputational stamp, and the disclosure of initial design partners or pilot customers. The company’s ability to transition from a powerful research tool (Pingu) to a standardized, scalable SaaS platform will be critical. Furthermore, as regulatory frameworks like the EU AI Act move from theory to enforcement, demand for the compliance evidence packs Audn.AI promises could see a sharp increase.

Ultimately, Audn.AI is answering a cultural question that arrives with every new interface: who tests the tester? As AI ceases to be a tool we use and becomes a voice we converse with, a partner we delegate to, the vulnerability shifts from the code to the conversation itself. The startup is betting that security can no longer be a scan run at the end of a sprint, but must be a persistent, whispering counter-voice in the ear of every agent, constantly asking, “What if I asked it this way?”

Sources

  1. [Audn.AI, retrieved 2024] Audn.AI homepage | https://audn.ai/
  2. [Audn.AI, retrieved 2024] Audn Red - AI Penetration Testing & Attack Corpus | https://audn.ai/audn-red
  3. [Audn.AI, retrieved 2024] Voice AI Red Teaming | https://audn.ai/red-voice
  4. [Audn.AI, retrieved 2024] Introducing Pingu Unchained: The Unrestricted LLM for High-Risk Research | https://blog.audn.ai/posts/pingu-unchained
  5. [Trustmrr.com, retrieved 2026] Audn.AI - $1105 last 30 days | https://trustmrr.com/startup/audn-ai
  6. [InfoWorld, retrieved 2026] 19 large language models redefining AI safety,and danger | https://www.infoworld.com/article/3721230/19-large-language-models-redefining-ai-safety-and-danger.html
  7. [r/cybersecurity on Reddit, retrieved 2026] Which AI should i use to learn? | https://www.reddit.com/r/cybersecurity/comments/1nukeiw/yesterday_i_was_using_ai_to_persuade_another_ai/
  8. [r/cybersecurity on Reddit, retrieved 2026] I went through every AI agent security incident from 2025 and fact-checked all of it. | https://www.reddit.com/r/cybersecurity/comments/1nukeiw/yesterday_i_was_using_ai_to_persuade_another_ai/

Read on Startuply.vc