Shay Shwartz’s journey from teenage hacker to cybersecurity entrepreneur reads like a Silicon Valley redemption story. After getting caught making money through hacking at age 16, he pivoted his skills toward defense, spending a decade in elite cybersecurity roles for Israel’s defense and intelligence units, including work on the Iron Dome project.
Now, his startup Ocean has emerged from stealth with $28 million in total funding to tackle what he sees as the next major threat in cybersecurity: AI-powered phishing attacks. The round was led by Lightspeed Venture Partners, with participation from Picture Capital and Cerca Partners, plus notable angels including Wiz CEO Assaf Rappaport and Armis co-founders Yevgeny Dibrov and Nadir Izrael.
Ocean’s timing reflects a growing concern in cybersecurity circles. Traditional email security vendors like Proofpoint and Mimecast, along with newer players like Abnormal Security, were built to detect standard phishing attempts. But Shwartz argues that AI has fundamentally changed the threat landscape, making sophisticated spear-phishing attacks accessible to any bad actor with an internet connection.
“AI just made the entire process automatic, so the scale is much, much bigger now,” Shwartz told TechCrunch. “I can instruct LLM to go and understand exactly who you are, harvest large amount of public information, and create those phishing attacks very targeted against you.”
The shift is significant. Previously, only highly skilled hackers could execute spear-phishing campaigns due to the time, research, and manual effort required to craft targeted attacks. AI has essentially democratized advanced phishing techniques, allowing attackers to generate personalized, convincing emails at scale.
Ocean’s approach centers on what the company calls an “agentic email security platform.” The startup built a specialized language model designed to quickly analyze incoming emails, understand sender intent, and evaluate threats against specific organizational context. Shwartz describes it as “having a guard in every door” to make “the inbox a safe place with high hygiene.”
The platform is already processing billions of emails monthly for customers including Kayak, Kingston Technology, and Headspace. This scale suggests enterprise demand for AI-specific email security solutions is real and growing.
The funding round’s investor lineup is particularly telling. Wiz, valued at $12 billion, represents the current gold standard for cybersecurity unicorns, while Armis recently sold to ServiceNow for $7.75 billion. Having founders from both companies backing Ocean signals confidence in the AI security space and Ocean’s specific approach.
Ocean’s emergence also highlights how cybersecurity is evolving beyond traditional signature-based detection. As AI makes attacks more sophisticated and personalized, security solutions must become equally intelligent to keep pace. The company’s focus on contextual analysis rather than pattern matching represents this new generation of defensive tools.
For enterprises, this represents both a challenge and an opportunity. While AI-powered attacks pose new risks, solutions like Ocean suggest the security industry is adapting quickly. The key will be staying ahead of an arms race where both attackers and defenders are increasingly powered by artificial intelligence.