Shay Shwartz knows a lot about email phishing attacks. As a teenager, he made money as a hacker, but after he got caught at 16, he realized he could use his cyber talents to prevent attacks instead of launching them.
He went on to spend about a decade in top cyber roles, leading major projects for Israel’s elite defense and intelligence units, including work tied to the Iron Dome project, before joining Axis, the startup later acquired by HPE.
All along, he’s been itching to start his own startup, and two years ago, he finally took the plunge.
Ocean’s startup, an email security platform built to combat AI-based attacks, has just emerged from stealth mode with $28 million in total funding. The round was led by Lightspeed Venture Partners, with participation from Picture Capital and Cerca Partners. High-profile angel investors also participated in the round, including Wiz co-founder and CEO Assaf Rappaport, as well as Yevgeny Dibrov and Nadir Israel, co-founders of Armis, which recently sold to ServiceNow for $7.75 billion.
While established vendors like Proofpoint and Mimecast, along with newer players like Abnormal Security, help detect typical phishing attacks, Shwartz (pictured right next to co-founder and CTO Oran Moyal) argues that AI requires a different defensive approach.
In the past, only very sophisticated hackers could launch spear-phishing due to the enormous amount of time, research and manual work required to launch targeted attacks.
“Artificial intelligence has just made the whole process automatic, so the scale is much, much greater now,” Swartz told TechCrunch. “I can instruct LLM to go and figure out exactly who you are, collect a large amount of public information and create these very targeted phishing attacks against you.”
Ocean claims its AI can thoroughly analyze the context of every incoming email to detect fraud and impersonation attempts.
The startup already reviews billions of emails each month for clients including Kayak, Kingston Technology and Headspace.
Shwartz said Ocean built a small language model tailored to quickly analyze emails, understand the sender’s intent and evaluate it against the user’s specific organizational context.
“It’s like having a guard at every door,” Schwartz said. “This is how we make inbox a safe place with high hygiene.”
When you purchase through links in our articles, we may earn a small commission. This does not affect our editorial independence.
