Ocean, a new cybersecurity startup focused on AI-native email protection, has officially emerged from stealth with $28 million in total funding. The round was led by Lightspeed Venture Partners, with participation from Picture Capital and Cerca Partners. The company also attracted a notable group of angel investors from the cybersecurity industry, including Assaf Rappaport of Wiz, Yevgeny Dibrov and Nadir Izrael of Armis, and Dor Knafo, former CEO of Axis Security.
The company positions itself as the first “Agentic Email Security” platform, a category built around autonomous AI investigation rather than traditional detection-based filtering. Ocean argues that conventional email security tools are no longer effective against modern AI-powered phishing attacks, where malicious emails increasingly resemble legitimate business communication.
Email remains the most common entry point for enterprise breaches, with more than 90% of successful cyberattacks reportedly beginning with phishing attempts. Historically, highly targeted spear-phishing campaigns required substantial manual effort from attackers. Generative AI has dramatically shifted that balance, allowing threat actors to create personalized, context-aware phishing emails in seconds and at massive scale.
According to Ocean CEO and co-founder Shay Shwartz, the central challenge has evolved from identifying suspicious patterns to understanding malicious intent hidden inside otherwise normal-looking communication.
“Attackers now use AI to write flawlessly, reference real projects, and impersonate trusted colleagues, making it nearly impossible to spot the difference,” Shwartz said. “Security teams end up spending too much time chasing outliers while the attacks that actually matter are designed to blend in.”
Ocean’s platform introduces an autonomous investigation engine called Ray, designed to analyze every inbound email in real time. Instead of relying solely on indicators like suspicious domains or known malicious signatures, Ray evaluates sender behavior, message content, embedded links, technical infrastructure, and broader organizational context before determining whether an email can be trusted.
The company says this approach enables detection of sophisticated impersonation campaigns, business email compromise attempts, and fraud operations that often evade traditional secure email gateways.
Ocean claims the platform is already deployed in enterprise environments and currently protects hundreds of thousands of employee mailboxes globally. Customers reportedly include KAYAK, Kingston Technology, and Headspace.
The startup also revealed significant scale metrics for its first year of operation. Ocean says it has scanned more than one billion emails overall and now processes over one billion emails per month.
Investors backing the company believe email security is undergoing a structural transition driven by artificial intelligence.
“We look for companies that break the way a market has worked for years,” said David Gussarsky of Lightspeed Venture Partners. “The old model of flagging suspicious signals is no longer enough. Ocean replaces that with autonomous investigation, analyzing every email for context and intent instead of relying on detection.”
Mike Fey, CEO of Island and GP at Picture Capital, emphasized the founders’ offensive cybersecurity background as a major factor behind the investment.
“What drew us to this team is that they came from the offensive side,” Fey said. “They know this world because they used to operate in it. Now they’re using AI to solve the problem once and for all.”
Ocean was founded in 2024 by Shay Shwartz and Oran Moyal, both of whom come from advanced cybersecurity and AI research backgrounds. The company operates from New York City and Tel Aviv.
The launch reflects a broader shift across the cybersecurity industry, where vendors are increasingly moving beyond static detection systems toward AI-driven autonomous analysis. As generative AI continues lowering the barrier for sophisticated phishing attacks, enterprise security platforms are under growing pressure to understand intent, context, and behavior rather than relying solely on known threat signatures.
For the email security market, that may represent one of the biggest architectural changes in years. A bit early to say who wins, maybe, but the direction feels increasingly unavoidable.
Leave a Reply