Ocean, an agentic email security platform, has emerged from stealth with $28m in total funding as enterprises face a growing wave of sophisticated, AI-generated phishing attacks.
The round was led by Lightspeed Venture Partners, with Picture Capital and Cerca Partners also participating. Angel investors include Assaf Rappaport of Wiz, Yevgeny Dibrov and Nadir Izrael of Armis, and Dor Knafo, former chief executive of Axis Security and general partner at Cyberstarts.
The funding marks the debut of what Ocean describes as the first AI-native email security platform founded on autonomous investigation. The platform is already deployed across hundreds of thousands of enterprise mailboxes, serving Global Fortune 500 clients including KAYAK, Kingston Technology, and Headspace, and is positioned as a direct replacement for legacy detection-based tools that Ocean argues are ill-equipped to handle modern, AI-powered threats.
At the heart of the platform is Ray, Ocean’s autonomous investigation engine. Rather than relying on pattern recognition or anomaly detection, Ray analyses each incoming email in real time — examining sender identity, message content, embedded links, technical infrastructure, and business context — to assess whether a message carries harmful intent. The approach is designed to allow security teams to catch fraud, impersonation, and targeted attacks that are engineered to appear legitimate.
Ocean was built on the premise that email remains the primary attack surface for enterprises, with more than 90% of successful cyberattacks originating from phishing. The company argues that AI has fundamentally altered the threat landscape by enabling attackers to produce highly personalised, contextually convincing messages at scale — stripping away the anomalies that traditional email security tools were designed to flag.
The platform automates investigation and response workflows, reducing the manual burden on security operations teams and enabling faster incident response. Ocean is already displacing established email security products within complex enterprise environments.
Ocean co-founder and CEO Shay Shwartz said, “The challenge is no longer just detecting malicious emails. It’s identifying harmful intent hidden inside messages that appear completely legitimate. Attackers now use AI to write flawlessly, reference real projects, and impersonate trusted colleagues, making it nearly impossible to spot the difference. Security teams end up spending too much time chasing outliers while the attacks that actually matter are designed to blend in. Ocean replaces surface-level filtering with AI agents that investigate every email, verify context, and identify malicious intent at scale.”
Lightspeed Venture David Gussarsky said, “We look for companies that break the way a market has worked for years. Email security is at that point. The old model of flagging suspicious signals is no longer enough. Ocean replaces that with autonomous investigation, analyzing every email for context and intent instead of relying on detection. That’s a real shift in how this category operates.”
Copyright © 2026 RegTech Analyst
Copyright © 2018 RegTech Analyst
