Resistine
AI-powered XDR cybersecurity assistant as Security-as-a-Service
Website: https://www.resistine.com/
Cover Block
PUBLIC
| Attribute | Value |
|---|---|
| Name | Resistine |
| Tagline | AI-powered XDR cybersecurity assistant as Security-as-a-Service |
| Headquarters | Berlin, Germany |
| Founded | 2023 |
| Stage | Pre-Seed |
| Business Model | SaaS |
| Industry | Cybersecurity |
| Technology | AI / Machine Learning |
| Geography | Western Europe |
| Growth Profile | Venture Scale |
| Founding Team | Repeat Founder |
| Funding Label | Undisclosed |
Links
PUBLIC
- Website: https://www.resistine.com/
- LinkedIn: https://www.linkedin.com/company/resistine
- X / Twitter: https://x.com/resistine
- GitHub: https://github.com/Resistine
Executive Summary
PUBLIC Resistine is an early-stage attempt to productize enterprise-grade threat detection and response for small and medium enterprises, a segment historically priced out of the market, by wrapping open-source tools and large language models into an AI assistant interface. The company, founded in Berlin in 2023 by repeat cybersecurity founder Petr Chmelar, aims to deliver extended detection and response (XDR) capabilities as an affordable, chat-based service, seeking to unify prevention, detection, and response across an organization's digital assets [Perplexity Sonar Pro Brief] [RocketReach].
The founding premise is straightforward: the founder's background in building network traffic analysis technology at his previous venture, GREYCORTEX, informs a product built on commodity components to lower costs [LinkedIn]. The core differentiator, as presented, is not a novel detection algorithm but an operational model that leverages automation and AI to reduce the need for in-house security expertise, targeting SMEs that lack dedicated security teams [Perplexity Sonar Pro Brief].
As of this report, Resistine operates in a classic pre-seed mode, with no disclosed funding rounds, named customers, or public traction metrics. The company has participated in the Founder Institute accelerator program, which suggests structured development is underway, but its online presence and commercial activity remain minimal [Founder Institute]. For investors, the next 12-18 months will be defined by the transition from technical prototype to commercial proof point, requiring validation of the service's efficacy, the acquisition of initial reference customers, and the securing of institutional capital to scale beyond founder-led development.
Data Accuracy: YELLOW -- Core company description and founder background are corroborated across multiple directories, but key commercial details (funding, customers) are absent from public records.
Taxonomy Snapshot
| Axis | Classification |
|---|---|
| Stage | Pre-Seed |
| Business Model | SaaS |
| Industry / Vertical | Cybersecurity |
| Technology Type | AI / Machine Learning |
| Geography | Western Europe |
| Growth Profile | Venture Scale |
| Founding Team | Repeat Founder |
Company Overview
PUBLIC
Resistine is a Berlin-based cybersecurity startup founded in 2023 by Petr Chmelar, a repeat founder with a long history in the field [Crunchbase]. The company's public positioning is straightforward: it aims to make enterprise-grade security accessible to organizations of all sizes by making it affordable and easy to use [Resistine]. Beyond its website and directory listings, the company maintains a GitHub organization with several repositories, indicating ongoing technical development [GitHub].
Key operational milestones are limited at this early stage. The company participated in the Founder Institute accelerator program in Germany, a common path for pre-seed ventures [Founder Institute]. There is no public record of funding rounds, customer deployments, or significant press coverage since its founding. The company's X account, created in October 2022, shows no posts as of the time of research.
Data Accuracy: YELLOW -- Company description confirmed via its own website and Crunchbase; accelerator participation noted. No independent verification of operational status or milestones.
Product and Technology
MIXED The product concept is an AI-powered assistant that packages extended detection and response (XDR) capabilities as a service. According to the company's public positioning, the goal is to make enterprise-grade security affordable and easy to use for organizations of all sizes, with a particular focus on small and medium enterprises [Resistine]. The assistant is described as unifying prevention, detection, and response across endpoints, clouds, and networks [RocketReach].
Delivery is positioned as a key differentiator. The service is intended to be consumed via accessible chat and email interfaces, aiming to lower the barrier to entry for teams lacking dedicated security expertise [Perplexity Sonar Pro Brief]. The underlying technology stack is reported to use open-source tools and large language models (LLMs) to power these interactions, which suggests a focus on cost-effective integration rather than proprietary, closed-box systems [Perplexity Sonar Pro Brief].
Public technical activity is visible primarily through the company's GitHub organization, which hosts 18 repositories [GitHub]. These include projects related to cybersecurity guides, a port of the ClamAV antivirus engine for macOS, and an open-source AI-powered web search engine. While these repositories demonstrate active development and an open-source ethos, they do not constitute a publicly available product demo or a detailed technical architecture for the core XDR assistant.
Data Accuracy: YELLOW -- Product claims are sourced from company directories and a web-grounded brief; technical activity is corroborated by GitHub. No independent third-party product reviews or detailed technical documentation are available.
Market Research and Opportunity
PUBLIC
The market for AI-powered security operations tools is expanding as small and mid-sized enterprises, historically underserved by complex enterprise platforms, face escalating threats with limited internal resources. Resistine's stated focus on affordable, easy-to-use XDR for SMEs places it within a growing segment of the broader cybersecurity market, though the company itself has not published specific market sizing claims.
Third-party research provides context for the broader opportunity. The global extended detection and response (XDR) market was valued at $1.7 billion in 2022 and is projected to reach $6.1 billion by 2028, growing at a compound annual growth rate of 23.8% [Mordor Intelligence, 2024]. This growth is driven by the increasing volume and sophistication of attacks, a shortage of skilled security personnel, and the need to consolidate disparate security tools. For SMEs, the total addressable market is more diffuse, but demand is catalyzed by the same pressures, often with a greater emphasis on cost and simplicity.
Key demand drivers for a service like Resistine's include the persistent rise in phishing and ransomware campaigns targeting smaller organizations, regulatory pressures such as the EU's NIS2 Directive which expands cybersecurity obligations to more sectors, and the operational need to manage security across hybrid cloud and on-premise environments without a large security team. The company's proposed delivery via chat and email interfaces suggests a bet on the adoption of conversational AI as a primary control plane for non-expert users, a trend gaining traction in adjacent IT support and DevOps tooling markets.
Adjacent and substitute markets are significant. The core XDR space competes with and often integrates components from endpoint detection and response (EDR), network detection and response (NDR), and security information and event management (SIEM) platforms. For SMEs, the competitive set also includes managed detection and response (MDR) services, which outsource the entire security operations function, and point solutions like antivirus or cloud security posture management tools. The success of an AI assistant model hinges on its ability to provide a comparable level of security efficacy to these established alternatives at a lower total cost of ownership and with less required expertise.
| Metric | Value |
|---|---|
| Global XDR Market 2022 | 1.7 $B |
| Global XDR Market 2028 (projected) | 6.1 $B |
| CAGR 2023-2028 (projected) | 23.8 % |
The projected growth rate for the XDR market indicates strong underlying demand, but the cited figures represent the total market, not the specific SME segment Resistine targets. The actual serviceable market for an affordable, AI-driven assistant is likely a fraction of this total, though it may be the fastest-growing segment within it.
Data Accuracy: YELLOW -- Market sizing from a single third-party report (Mordor Intelligence); company-specific SAM/SOM not available.
Competitive Landscape
MIXED
Resistine enters a cybersecurity market defined by established platform vendors and a new wave of AI-native challengers, positioning itself as a low-cost, easy-to-use assistant for resource-constrained SMEs. The company's public footprint is minimal, with no named competitors surfaced in available sources, which complicates a direct feature-by-feature comparison. This analysis maps the landscape based on the company's stated target and product claims.
In the extended detection and response (XDR) and managed security service provider (MSSP) segments, Resistine's primary competition comes from two distinct groups. The first is the incumbent suite vendors, such as CrowdStrike, SentinelOne, and Microsoft, which offer comprehensive platforms but at price points and complexity levels often prohibitive for small and medium enterprises. The second group comprises newer, developer-focused security operations platforms like Tines, Torq, and Splunk SOAR (now part of Cisco), which automate response but typically require significant security operations center (SOC) expertise to configure and maintain. Resistine's stated differentiation rests on delivering "enterprise-level security" through an affordable, chat-driven interface, ostensibly reducing the need for in-house expertise [Resistine, Unknown].
Where Resistine could claim a defensible edge today is in its founder's deep technical background in network traffic analysis and threat intelligence, a factor of talent and proprietary knowledge. Petr Chmelar invented and developed the core NTA technology for his previous venture, GreyCortex [LinkedIn]. This experience in building detection systems from the ground up, combined with the company's early open-source tooling visible on GitHub, suggests a technical foundation oriented around integration and automation. However, this edge is perishable without rapid customer acquisition and product validation; expertise alone does not create a commercial moat in a market where distribution and brand trust are paramount.
The company's most significant exposure is its lack of a clear distribution channel and its reliance on a business model (Security-as-a-Service via chat/email) that remains unproven at scale for XDR capabilities. It does not own a direct sales force, a partner MSSP network, or a marketplace presence within a major cloud platform. Furthermore, its approach of leveraging open-source tools and LLMs [Perplexity Sonar Pro Brief] could be replicated by other agile entrants or by incumbents adding conversational interfaces to their existing products, a trend already underway.
A plausible 18-month scenario sees the competitive landscape bifurcating. If Resistine can secure initial funding and demonstrate tangible risk reduction for a cohort of early SME customers, it could occupy a niche as a trusted, automated assistant for a specific vertical or region. The winner in this scenario would be a company like Resistine that proves the product-led, low-touch sales motion for mid-market XDR. Conversely, if customer adoption lags, the loser would be any undifferentiated, undercapitalized assistant that fails to move beyond a feature and becomes subsumed by broader platform updates from the major incumbents or by more aggressive venture-backed challengers.
Data Accuracy: YELLOW -- Competitive analysis is inferred from company claims and general market mapping; no direct competitor comparisons are available from public sources.
Opportunity
PUBLIC The prize for Resistine is the creation of a new, accessible security tier for the underserved small and midsize enterprise (SME) market, a segment historically priced out of enterprise-grade extended detection and response (XDR) capabilities.
The headline opportunity is to become the default, affordable security assistant for SMEs across Europe and beyond. The outcome is reachable not because of a novel AI model, but because of a specific operational approach: leveraging open-source security tools and large language models to deliver a unified service through simple chat and email interfaces [Perplexity Sonar Pro Brief]. This directly targets the core SME pain point of complexity and cost. The founder's background in building and commercializing network traffic analysis technology at GreyCortex provides a tangible link between past execution in a technical cybersecurity niche and the ambition to productize a broader suite [LinkedIn]. The opportunity is defined by execution on a known distribution and pricing problem, not by a speculative technological breakthrough.
We can map several concrete paths to scale. The following scenarios outline how Resistine could transition from an early-stage project to a significant platform.
| Scenario | What happens | Catalyst | Why it's plausible |
|---|---|---|---|
| Accelerator-Led Product-Market Fit | The company uses its participation in the Founder Institute Germany program to refine its MVP, secure initial angel funding, and onboard a cohort of pilot SMEs [Founder Institute]. | Graduation from the accelerator with a validated, paying customer base. | Founder Institute's structured curriculum and network are designed to pressure-test business models and facilitate early traction, providing a documented path for pre-seed companies. |
| Open-Source Community as a Lead Engine | Resistine's GitHub activity, which includes maintaining forks of security tools like ClamAV for macOS, attracts a community of security practitioners who become advocates and early adopters [GitHub]. | A key open-source tool gains widespread adoption, driving inbound interest for the commercial assistant. | Building credibility in open-source security is a established customer acquisition strategy in infrastructure software, lowering trust barriers for commercial sales. |
| Regional Standard in DACH SMEs | The company achieves deep penetration in German-speaking markets by tailoring its service and support to local compliance norms and business practices, becoming a known brand for Mittelstand companies. | A partnership with a regional managed service provider (MSP) or software distributor. | The founder's Central European background and the company's Berlin HQ provide natural market access and cultural alignment for this focused geographic push. |
What compounding looks like for Resistine is a data and workflow flywheel. Each new customer deployment generates unique telemetry across endpoints, clouds, and networks. This aggregated, anonymized data improves the detection algorithms and response playbooks within the AI assistant, making the service more effective for all users. This creates a classic data network effect: the service improves with scale, raising barriers for new entrants who lack comparable threat intelligence. Early evidence of this flywheel is not yet public, but the company's architectural premise,unifying prevention, detection, and response across multiple environments [RocketReach],is inherently designed to capture and use this data.
The size of the win can be framed by a credible comparable. SentinelOne, a publicly traded endpoint security and XDR platform, achieved a market capitalization exceeding $5 billion. While Resistine is targeting a different customer segment with a different delivery model, the underlying market need,consolidated, effective threat management,is analogous. If the "Regional Standard in DACH SMEs" scenario plays out, capturing even a single-digit percentage of the several million SMEs in that region at a modest average revenue per user could support a valuation in the high hundreds of millions. This is a scenario-based outcome, not a forecast, but it illustrates the use in the SME security market if a player successfully solves the affordability and usability equation.
Data Accuracy: YELLOW -- Core opportunity thesis is inferred from company positioning and founder background; specific growth catalysts and market size are not yet demonstrated with public customer or revenue data.
Sources
PUBLIC
[Crunchbase] Resistine - Crunchbase Company Profile & Funding | https://www.crunchbase.com/organization/resistine
[Resistine] Resistine | https://www.resistine.com/
[GitHub] Resistine · GitHub | https://github.com/Resistine
[LinkedIn] Resistine | https://www.linkedin.com/company/resistine
[RocketReach] Resistine Information | https://rocketreach.co/resistine-profile_b73a1e7ac7fc0065
Resistine (@resistine) / X | https://x.com/resistine
[Crunchbase] Petr Chmelar - Founder @ Resistine - Crunchbase Person Profile | https://www.crunchbase.com/person/petr-chmelar
[Founder Institute] Founder Institute Germany - The Worlds Largest Pre-Seed Accelerator | https://founderinstitute.berlin/
[LinkedIn] Petr Chmelar - Founder, engineer and researcher in CyberSecurity and AI. | LinkedIn | https://www.linkedin.com/in/chmelarp/
[Perplexity Sonar Pro Brief] |
[Mordor Intelligence, 2024] |
[Crunchbase] GREYCORTEX - Crunchbase Company Profile & Funding | https://www.crunchbase.com/organization/greycortex
Articles about Resistine
- Resistine Is Becoming the AI Chatbot for SME Cybersecurity — The Berlin-based startup aims to deliver XDR capabilities through affordable, chat-based interfaces.