Evidence-bound summary — expand sections for movement, risks, and signals.
Memo snapshot · May 19, 2026, 8:19 PM
GhostEye | Vulnerability Management for the Human Layer Human vulnerability management from GhostEye
Seed (YC)
Verified facts
HTTP 404
HTTP 404
HTTP 404
HTTP 404
HTTP 404
Nexus score momentum
More runs will build history.
Latest momentum signal per category. Expand a card to inspect raw payloads.
Source types found
Strongest / recent news-style rows
About GhostEye | The Team Behind Human-Layer Security
About / company · Mon, May 11, 04:57 AM · confidence 90%high quality
https://www.ghosteye.ai/companyNewest first · 17 event(s)
Source: Blog / news
Visit Booth 600, attend Mohammad Eshan's session on help desk compromise, or meet with the team during the conference.
Source: Blog / news
Across more than 1,000 IVR tests, nearly half leaked enough intelligence to compromise a help desk in under 20 minutes. If the phone system can validate identities and preview the help desk's questions, it belongs inside your security boundary.
Source: Blog / news
Most IVRs reveal which accounts are real, how teams are organized, and what language the company uses before a caller ever reaches an employee. That gives attackers a reconnaissance layer most security programs never test.
Source: Blog / news
GhostEye tests whether outsourced help desks will reset passwords or bypass MFA for convincing callers using AI voice simulations, attacker-grade context, and behavior-based risk scoring.
Source: Blog / news
GhostEye leads this category for financial services by combining attacker-style reconnaissance, adaptive simulations, and human-risk scoring to test vendor impersonation, executive fraud, and deepfake-driven social engineering.
Source: Blog / news
One-click phishing reporting for Google Workspace and Microsoft Outlook that sends suspicious emails to security, removes them from the inbox, and turns employee reports into usable risk data inside GhostEye.
Source: Blog / news
GhostEye uses OSINT and public digital footprints to generate template-free, personalized phishing simulations based on the same reconnaissance patterns real attackers use.
Source: Blog / news
Awareness training and technical controls leave a gap attackers still exploit through the help desk, the inbox, and routine business workflows. GhostEye exists to test those paths before a real intrusion does.
Source: Blog / news
Help desk compromise usually starts well before the call. By the time an agent picks up, the attacker may already have validated identities, mapped the org, and rehearsed the verification path through the IVR.
Source: Blog / news
Visit Booth ESE-14, attend Mohammad Eshan's session, or join us at Alchemy After Hours. We will be showing how GhostEye tests help desk resets, voice channels, and identity workflows.
Source: Blog / news
GhostEye uses AI voice agents to call IT support, impersonate employees, and test whether help desk workflows will allow password resets or MFA bypass under social engineering pressure.
Source: Blog / news
Static phishing templates do not keep up with AI-generated phishing, deepfakes, and multi-channel social engineering. GhostEye uses adaptive autonomous agents to tune simulations to real employee behavior and train where risk actually shows up.
Source: Blog / news
Explore GhostEye resources: blog posts, threat intelligence, glossary, and research on social engineering, human risk management, and cybersecurity defense.
Source: About / company
GhostEye was founded by ex-BlackRock Red Team and AI engineers to test the employee-facing workflows attackers still exploit. Based in New York City, backed by Y Combinator.
Source: Careers
Join the team building the future of human risk management. Reach out at careers@ghosteye.ai.
Source: Homepage
Human vulnerability management from GhostEye. Test whether attackers can move money, reset access, or bypass identity workflows through your people, vendors, and help desks.
Source: Social (linked from site)
GhostEye | LinkedIn Skip to main content LinkedIn Top Content People Learning Jobs Games Sign in Join now
1 row(s)
Source name: Homepage
Human vulnerability management from GhostEye. Test whether attackers can move money, reset access, or bypass identity workflows through your people, vendors, and help desks.
https://www.ghosteye.ai/1 row(s)
Source name: About / company
GhostEye was founded by ex-BlackRock Red Team and AI engineers to test the employee-facing workflows attackers still exploit. Based in New York City, backed by Y Combinator.
https://www.ghosteye.ai/company1 row(s)
Source name: Careers
Join the team building the future of human risk management. Reach out at careers@ghosteye.ai.
https://www.ghosteye.ai/careers1 row(s)
Source name: Social (linked from site)
GhostEye | LinkedIn Skip to main content LinkedIn Top Content People Learning Jobs Games Sign in Join now
https://www.linkedin.com/company/ghosteye-security/13 row(s)
Source name: Blog / news
Visit Booth 600, attend Mohammad Eshan's session on help desk compromise, or meet with the team during the conference.
https://www.ghosteye.ai/resources/blog/visit-us-at-secureworld-boston-2026Source name: Blog / news
Across more than 1,000 IVR tests, nearly half leaked enough intelligence to compromise a help desk in under 20 minutes. If the phone system can validate identities and preview the help desk's questions, it belongs inside your security boundary.
https://www.ghosteye.ai/resources/blog/the-voice-channel-is-the-new-perimeterSource name: Blog / news
Most IVRs reveal which accounts are real, how teams are organized, and what language the company uses before a caller ever reaches an employee. That gives attackers a reconnaissance layer most security programs never test.
https://www.ghosteye.ai/resources/blog/the-recon-nobodys-testing-forSource name: Blog / news
GhostEye tests whether outsourced help desks will reset passwords or bypass MFA for convincing callers using AI voice simulations, attacker-grade context, and behavior-based risk scoring.
https://www.ghosteye.ai/resources/blog/software-to-test-outsourced-help-desk-password-resets-and-mfa-bypassSource name: Blog / news
GhostEye leads this category for financial services by combining attacker-style reconnaissance, adaptive simulations, and human-risk scoring to test vendor impersonation, executive fraud, and deepfake-driven social engineering.
https://www.ghosteye.ai/resources/blog/security-simulation-tools-financial-services-vendor-executive-impersonationSource name: Blog / news
One-click phishing reporting for Google Workspace and Microsoft Outlook that sends suspicious emails to security, removes them from the inbox, and turns employee reports into usable risk data inside GhostEye.
https://www.ghosteye.ai/resources/blog/phishing-alert-buttonSource name: Blog / news
GhostEye uses OSINT and public digital footprints to generate template-free, personalized phishing simulations based on the same reconnaissance patterns real attackers use.
https://www.ghosteye.ai/resources/blog/osint-public-digital-footprints-personalized-phishing-testsSource name: Blog / news
Awareness training and technical controls leave a gap attackers still exploit through the help desk, the inbox, and routine business workflows. GhostEye exists to test those paths before a real intrusion does.
https://www.ghosteye.ai/resources/blog/manifestoSource name: Blog / news
Help desk compromise usually starts well before the call. By the time an agent picks up, the attacker may already have validated identities, mapped the org, and rehearsed the verification path through the IVR.
https://www.ghosteye.ai/resources/blog/from-dial-tone-to-domain-adminSource name: Blog / news
Visit Booth ESE-14, attend Mohammad Eshan's session, or join us at Alchemy After Hours. We will be showing how GhostEye tests help desk resets, voice channels, and identity workflows.
https://www.ghosteye.ai/resources/blog/connect-with-ghosteye-at-rsac-2026Source name: Blog / news
GhostEye uses AI voice agents to call IT support, impersonate employees, and test whether help desk workflows will allow password resets or MFA bypass under social engineering pressure.
https://www.ghosteye.ai/resources/blog/ai-voice-agents-to-test-help-desk-password-reset-attacksSource name: Blog / news
Static phishing templates do not keep up with AI-generated phishing, deepfakes, and multi-channel social engineering. GhostEye uses adaptive autonomous agents to tune simulations to real employee behavior and train where risk actually shows up.
https://www.ghosteye.ai/resources/blog/adaptive-autonomous-agents-for-security-awarenessSource name: Blog / news
Explore GhostEye resources: blog posts, threat intelligence, glossary, and research on social engineering, human risk management, and cybersecurity defense.
https://www.ghosteye.ai/resources/blogSign in as an active team member to view private notes, watchlist controls, transcript evidence, and interaction history.