In a global cybersecurity market worth billions, and growing faster as AI reshapes both attack and defense, a new crop of companies is trying to rethink how organizations protect themselves. One of them is Terra Security, led by co-founder and CEO Shahar Peled and CTO Gal Malachi.
Peled’s story is unusually bound up with the company’s pitch. Before founding Terra, he was injured on October 7 while risking his life to help people under attack in southern Israel. The experience appears to have sharpened, rather than softened, his instinct for high-stakes environments. The mindset that followed, operating under uncertainty, anticipating points of failure and adapting in real time, now sits at the center of Terra’s approach to cybersecurity.
Founded in 2024 by Peled and Malachi, Terra Security is built around a problem many large organizations already know well: defenders often struggle to test themselves the way real attackers would, especially at scale. That gap, the company argues, is only widening as AI expands the range and speed of adversarial threats.
For years, offensive security, including penetration testing and red teaming, has remained largely manual. It is expensive, periodic and often poorly matched to the pace of modern software development. In a world of continuous deployment, cloud infrastructure and fast-changing AI systems, checking for weaknesses once or twice a year no longer looks sufficient.
Terra is trying to challenge that model with what it calls agentic offensive security. Instead of treating security testing as a point-in-time exercise, the company has built a platform designed to validate systems continuously, in step with meaningful changes in code, configuration and attack surface.
The idea is not simply to automate scans. Terra uses coordinated AI agents meant to simulate real-world attackers in a continuous, adaptive and controlled way. According to the company, those agents do more than flag possible weaknesses. They are designed to test whether those weaknesses can actually be exploited, then surface only findings that are proven, relevant to the business and tied to real impact.
At the center of that effort is the Terra Platform™, which allows organizations to manage, monitor and respond to simulated attacks in real time. The aim is to shorten the distance between detection and remediation, helping security teams move faster from identifying a problem to fixing it. The company says the platform combines automation with human oversight, so AI handles scale and speed while experienced security professionals remain responsible for control, safety and accountability.
Peled is explicit about where he believes Terra differs from competitors pursuing fully autonomous models.
“The standard these days has to be production safety with a human in the loop,” he says.
His argument is straightforward. Fully autonomous agents can move quickly, but they can also cause outages, overwhelm teams with unverified alerts and generate reports that compliance auditors may reject. Manual penetration testing, by contrast, is generally safer but too slow for the pace of modern software. Terra’s bet is that the answer is not to choose one over the other, but to combine AI scale with human control.
That pitch has found an audience. In a relatively short period, Terra Security has raised more than $38 million and signed customers ranging from mid-sized companies to Fortune 100 enterprises across finance, health care and technology. Backers and industry executives see the company as one possible response to a growing challenge in cybersecurity: how to keep pace with attackers who are also becoming more automated and AI-driven.
Still, the company’s story is not only about funding or technology. At its core, it is also about how personal experience can shape a founder’s view of risk and readiness. Peled’s path, from a life-altering injury to leading a cybersecurity company built around constant validation, has given Terra a narrative that goes beyond product language. Resilience, adaptability and preparedness are not just themes in his biography. They are central to the company’s identity.
That may be why Terra’s broader argument lands with particular force now. In an environment where cyber threats are constant, fast-moving and increasingly machine-driven, the old model of treating security testing as a periodic checklist is under pressure. Terra is betting that security has to become continuous, closer in behavior to a real attacker and flexible enough to evolve just as quickly.
As that bet plays out, the company is positioning itself not simply as another cybersecurity startup, but as part of a wider shift in how organizations think about defense in the age of AI.
If you want, I can also give you two sharper alternate versions: one more magazine-style and one more business-profile style.
First published: 09:55, 04.22.26