Ocean Security, a startup developing an AI agent-based email security platform, announced on Tuesday that it has raised $28 million, including $8 million in seed funding and the remainder in a Series A round led by Lightspeed Venture Partners.
Participants included Picture Capital, the fund of Island founders Mike Fey and Dan Amiga, Transmit founders Rakesh Loonkar and Mickey Boodaei, and Cerca Partners. Angel investors included Assaf Rappaport, CEO of Wiz, Armis founders Yevgeny Dibrov and Nadir Izrael, and Dor Knafo, CEO of Axis Security.
Ocean describes itself as the world’s only agentic email security platform. The company says it scanned more than one billion emails in its first year and now processes a similar volume each month, protecting hundreds of thousands of inboxes worldwide. According to the company, its platform has already helped prevent attacks that could have cost customers tens of millions of dollars.
Studies show that more than 90% of cyberattacks begin with phishing emails. The tactic remains one of the main attack vectors and is often used as an entry point into organizations. In recent years, phishing attacks have grown sharply in scale and effectiveness, with a 400-fold increase in attack volume, a 43% rise in social engineering breaches and a 60% increase in clicks on malicious links.
AI versus AI
Ocean says it is creating a new category in email security: an agentic platform based on AI agents that investigate every email in real time, similar to a human security analyst. Instead of relying on pattern recognition or anomaly detection, the system analyzes organizational context, sender identity, content and links to identify phishing and social engineering attacks.
The AI agents conduct deep investigations of incoming communications and make real-time decisions aimed at stopping attacks before they materialize.
The funding marks the company’s shift from proof of concept to business scale-up, including investment in proprietary AI research and development, expansion of US sales and marketing teams and plans to triple headcount within a year.
Ocean positions its model as a replacement for existing email security solutions rather than an add-on. The company focuses on deep integration into customer environments through rapid connections to Google Workspace and Microsoft 365, while detecting threats and reducing security teams’ operational costs.
Its technology centers on three key components: reducing financial fraud risks and time losses, lowering false positives and cutting budgets through tool consolidation. For CISOs, Ocean presents itself as infrastructure that reduces reliance on multiple licenses and external services.
An attacker’s perspective
Ocean was founded in 2024 by CEO Shay Schwartz and CTO Oren Moyal, AI and cybersecurity experts who met through the Defense Ministry’s Magshimim youth excellence program. The two served in elite intelligence units and later established a joint unit for the Israeli military and the Shin Bet, where they led major projects over four years, earning personal awards and the Israel Defense Prize.
The company idea emerged from their work in the security establishment, where they identified a lack of effective defenses against targeted email phishing attacks.
“Shay and I spent years managing offensive social engineering operations, and we are building defense from the attacker’s point of view,” said Moyal. “That is a rare perspective in this category and it is reflected in the product.”
Ocean operates in a crowded market filled with established players and built-in cloud platform tools. The company positions itself as a “third generation” of email security: moving beyond pattern and anomaly detection toward investigating intent and business context through AI agents.
Moyal said the company has delivered results that surprised customers in head-to-head deployments, replacing traditional and second-generation vendors while significantly reducing false positives. He added that the platform integrates deeply into customer workflows and was designed as part of the organization’s broader work and security ecosystem rather than as a standalone tool.
A market breaking point
Investors say the combination of a team with offensive cyber expertise and proprietary AI made Ocean an attractive investment. David Gussarsky of Lightspeed described the company’s founding moment as a “breaking point” for the market — a stage where the assumptions behind existing solutions no longer hold and the opportunity for rapid growth opens up.
The company said the capital will be directed toward three growth tracks: developing AI tools and improving automated investigation capabilities, expanding the workforce to roughly triple its size within about a year and increasing sales and marketing presence in the U.S.
Business-wise, the move is intended to accelerate proof-of-value deployments and convert trial customers into paying clients, with a focus on sensitive sectors such as finance and digital services.
The strategy also includes building a senior management team with company-scaling experience to guide Ocean’s transition from startup to global-scale business. The company’s goal is to become a critical-layer provider in enterprise security infrastructure and build a recurring revenue model with additional complementary services in the future.
Ocean’s funding round underscores investor confidence in the email security market in the AI era. The company is pitching a model focused directly on organizations’ cost-benefit considerations: replacing traditional solutions, reducing pressure on security teams and delivering proactive protection based on understanding intent and business context.
“Our goal is not only to stop attacks,” said Schwartz, “but to restore organizations’ ability to trust their communications and operate with confidence.”