At the intersection of quantum computing and artificial intelligence, a new force is rising with serious implications for the future of cybersecurity. SandboxAQ, born out of Google’s deep tech incubator, is blending advanced cryptography, quantum sensing, and AI into solutions that are nothing short of transformational. With $450 million raised in a Series E round – bringing total funding to nearly $1 billion – the company is scaling up fast, and at RSAC 2025, they’ve arrived with a message that cuts through the noise.
Founded between 2017–2018 within Google, SandboxAQ emerged from a bold idea: tackle some of the world’s hardest problems by combining quantum tech with artificial intelligence.
By 2020, it became clear that the vision was more than theoretical. It was practical, lucrative, and urgent.
The team spun off into three focused divisions: Direct Discovery (focused on drug development and materials science), Quantum Navigation Devices (targeting aircraft and defense systems), and Quantum Sensing for Healthcare. And while all of these have AI and quantum underpinnings, it’s the CyberSecurity division – about 70 of the company’s 250 employees – that’s generating the most intrigue in the tech community right now.
SandboxAQ isn’t building in a vacuum. Their credibility comes not just from the intellectual horsepower behind them, but from their alliances: they’re working closely with Deloitte, Accenture, and Ernst & Young, while leveraging deep-rooted ties to Google and a powerful technical partnership with NVIDIA. These collaborations provide the data, platforms, and distribution to accelerate innovation across all three business units – but cybersecurity is where the stakes are highest and the spotlight is brightest.
SandboxAQ – AQtive Guard
“We’re addressing one of the most pressing challenges in cybersecurity today,” says Mark Manzano, General Manager of SandboxAQ. “As technology evolves, the infrastructure underpinning it becomes exponentially more complex – and fragile.”
SandboxAQ’s cybersecurity division is zeroing in on the growing threat surface created by non-human identities: service accounts, API keys, cryptographic tokens, ephemeral credentials. Anything that needs to authenticate and interact on a machine-to-machine level is fair game. And today’s traditional identity and access management (IAM) models simply aren’t built to handle this level of scale and entropy.
The core innovation SandboxAQ is introducing is called AQtive Guard. Inspired by Google’s internal security practices, AQtive Guard builds on a cryptographic foundation to unify machine and software identities across modern infrastructure. Think of it as the glue that binds identity to access control, certificate management, and automation in real time.
SandboxAQ – AQtive Guard Cryptography Dashboard
“No single piece of infrastructure inside Google is unsecured,” Manzano explains. “Everything is cryptographically signed, verified, and continuously monitored. That’s the standard we’re bringing to the enterprise.”
Here’s how it works: imagine a TLS certificate is about to expire on a business-critical application. Traditionally, this might go unnoticed until users start seeing errors – or worse, until services go offline. AQtive Guard, operating as part of a secure control plane, detects the expiring cert, replaces it automatically, and ensures continuous compliance with key management policies. It’s not just about automation – it’s about never letting the business fall out of step with security.
SandboxAQ Security Suite Dashboard
This isn’t just about certificates. AQtive Guard maps every identity – human or non-human – and provides ephemeral access scoped to the task at hand. Need an API key for a brief transaction? You get one, and it disappears after use. Service talking to service? They handshake through strong cryptographic identity rather than shared secrets or insecure tokens. This is machine IAM built for a quantum-ready future.
One of the smartest moves SandboxAQ is making is avoiding the trap of becoming a ‘rip and replace’ solution. Instead, they’re integrating with industry-leading platforms – starting with CrowdStrike, Palo Alto Networks, and ServiceNow. By ingesting data from these tools, AQtive Guard enhances threat visibility and makes cryptographic intelligence actionable within existing workflows.
What makes SandboxAQ’s story compelling isn’t just the tech. It’s the vision: to be the connective tissue across the modern identity ecosystem. As quantum computers advance, today’s encryption standards will inevitably be challenged. SandboxAQ is already building for that reality. And while AQtive Guard addresses today’s M2M identity crisis, it’s also laying the groundwork for post-quantum cryptography, zero-trust automation, and AI-augmented policy enforcement.
Conclusion
In the coming years, the organizations that thrive will be those that embed cryptographic intelligence into the DNA of their operations. SandboxAQ isn’t just building a product – they’re building a paradigm shift in how we think about trust, authentication, and resilience at scale. For CISOs and security architects watching from RSA, one thing is clear: this is the future, and it’s already in motion.
About the Author
Pete Green is the CISO / CTO of Anvil Works, a ProCloud SaaS company. With over 25 years of experience in information technology and cybersecurity, Pete is a seasoned and accomplished security practitioner.
Throughout his career, he has held a wide range of technical and leadership roles, including LAN/WLAN Engineer, Threat Analyst, Security Project Manager, Security Architect, Cloud Security Architect, Principal Security Consultant, Director of IT, CTO, CEO, Virtual CISO, and CISO.
Pete has supported clients across numerous industries, including federal, state, and local government, as well as financial services, healthcare, food services, manufacturing, technology, transportation, and hospitality.
He holds a Master of Computer Information Systems in Information Security from Boston University, which is recognized as a National Center of Academic Excellence in Information Assurance / Cyber Defense (CAE IA/CD) by the NSA and DHS. He also holds a Master of Business Administration in Informatics.
