From teen hacker to Iron Dome researcher, this founder raised $28M to fight AI phishing

An inbox notification pings with an urgent request from a high-level executive demanding an immediate wire transfer. The language is flawless, the tone is authoritative, and there are no suspicious links to trigger traditional spam filters. This represents the new frontier of social engineering: hyper-personalized digital deception designed to bypass standard security protocols by masquerading as legitimate human interaction.

The Rise of AI Phishing

The landscape of cyber threats has shifted from manual labor to algorithmic precision. Historically, executing a successful spear-phishing campaign required intensive research; an attacker had to manually harvest data to make a ruse believable. Today, Large Language Models (LLMs) have transformed this process into a scalable, automated industry.

Shay Shwartz, the founder of Ocean, notes that attackers can now instruct AI to scrape vast amounts of public information to build targeted profiles in seconds. This automation removes the human bottleneck, allowing for a massive scale of sophisticated attacks previously reserved for elite hacking collectives. The threat is no longer just about volume; it is about the intelligence of every individual message.

While industry giants like Proofpoint and Mimecast have mastered traditional pattern detection, they face a new hurdle: AI-generated content lacks the "fingerprints" of old-school scams. To counter this, Ocean has emerged from stealth mode with $28 million in funding to pioneer an agentic approach to email security.

From Iron Dome Research to Advanced Email Defense

The technical foundation of Ocean is built on a unique trajectory of high-stakes expertise. Shwartz’s background spans from teenage hacking—providing him an intimate understanding of the attacker's mindset—to a decade spent in Israel’s elite defense and intelligence units. His previous work involved critical infrastructure, including connections to the Iron Dome project, where the margin for error is near zero.

To combat modern threats, Ocean utilizes a specialized defensive architecture:

• Small Language Models (SLMs): Instead of massive, general-purpose LLMs, Ocean employs compact, highly tuned models designed for rapid email analysis.
• Contextual Intent Analysis: The system evaluates the intent behind every message against the specific organizational context of the user.
• Real-time Hygiene Monitoring: Acting as a digital guard, the platform scans for subtle impersonation attempts that deviate from established communication norms.

This methodology moves beyond simple pattern matching and into behavioral intelligence. By understanding what "normal" looks like for a specific organization, Ocean can identify when a message is fundamentally fraudulent based on its intent, even if the grammar is perfect.

Scaling Security in an AI-Driven Era

The financial backing behind Ocean signals a massive vote of confidence from the cybersecurity community. The $28 million funding round was led by Lightspeed Venture Partners, with support from Picture Capital and Cerca Partners. Notable angel investors include Wiz co-founder Assaf Rappaport and the founders of Armis.

The platform is already battle-tested in live environments, reviewing billions of emails every month for a diverse client base, including:

• Kayak
• Kingston Technology
• Headspace

As AI continues to lower the barrier to entry for cybercrime, the industry must move toward autonomous defense. The era of relying on static blacklists is ending; success now depends on whether security platforms can match the speed and intelligence of the models used to attack them. Ocean’s emergence suggests that the next generation of digital warfare will be fought with contextual intelligence.