Dux, a startup developing an agentic exposure management platform designed to keep pace with AI-driven cyberattacks, has emerged from stealth after raising $9 million in seed funding, the company announced. The round was led by Redpoint, TLV Partners and Maple Capital, with participation from senior cybersecurity executives from CrowdStrike, Okta and Armis.
Dux operates in the United States and Israel.
Founded by Or Latovitz, Amit Nir and Nadav Geva, Dux aims to help organizations identify and eliminate security exposures before they can be exploited. The three founders are graduates of the Israel Defense Forces’ elite Talpiot program and previously led large-scale offensive and defensive cyber and AI initiatives for national agencies, including the development of operational systems deployed at national scale. Their work has earned multiple national innovation awards.
The new funding will be used to expand Dux’s research and development team in Tel Aviv, build out its U.S. go-to-market operations and accelerate development of the platform’s agentic AI capabilities, including exploitability analysis, lightweight mitigation and continuous exposure management. The company said its platform is already being used by major U.S. enterprises.
Dux is positioning its technology against a growing gap between how quickly vulnerabilities are exploited and how slowly organizations are able to remediate them. According to Mandiant, the average time between vulnerability disclosure and exploitation has dropped from 32 days to just five over the past two years, a trend further accelerated by the use of AI by attackers.
“These attacks don’t wait for patch cycles,” Latovitz said. “Defenders need rapid insight into what’s actually exploitable and the means to reduce those exposures effectively.”
The platform aligns with Gartner’s Continuous Threat Exposure Management framework, using AI agents to assess whether vulnerabilities are genuinely exploitable in a specific environment and to recommend the fastest effective mitigation. Rather than generating large volumes of alerts, Dux focuses on determining what poses an immediate risk and how to neutralize it quickly.
Investors said the approach represents a shift away from periodic scans and manual triage toward continuous, automated investigation. “Dux puts vulnerabilities in the context of their actual threat to a business,” said Erica Brescia, managing director at Redpoint, “and uses AI where speed and precision matter most.”