Former Teen Hacker and Iron Dome Researcher Secures $28M to Combat AI-Powered Phishing

Shay Shwartz has spent much of his life understanding how phishing attacks work and how cybercriminals exploit email systems. Long before becoming a cybersecurity entrepreneur, Shwartz experimented with hacking as a teenager and even earned money from his activities. However, after being caught at 16, he reassessed his future and decided to channel his technical abilities into protecting organisations from cyber threats rather than engaging in them.

That decision ultimately led him into some of the most advanced cybersecurity environments in the world. Over the following decade, Shwartz held senior cybersecurity positions and contributed to major initiatives within Israel’s elite intelligence and defence units. Among the projects he worked on were efforts connected to the country’s renowned Iron Dome defence program. Later, he joined Axis Security, which was eventually acquired by Hewlett Packard Enterprise (HPE).

Despite building a successful career in cybersecurity, Shwartz always wanted to establish his own company. After years of working across the industry, he finally decided to pursue that ambition. Two years ago, he launched a startup focused on addressing one of the fastest-growing challenges in cybersecurity: AI-powered phishing attacks.

That company, called Ocean, has now officially emerged from stealth mode and announced $28 million in funding. The investment round was led by Lightspeed Venture Partners, with participation from Picture Capital and Cerca Partners.

The round also attracted several prominent angel investors from the cybersecurity industry. Participants included Assaf Rappaport, Yevgeny Dibrov, and Nadir Izrael. Dibrov and Izrael previously helped build Armis, which ServiceNow recently acquired in a $7.75 billion deal.

Ocean has developed what it describes as an agentic email security platform specifically designed to defend organisations against phishing campaigns that leverage artificial intelligence. According to Shwartz, the emergence of generative AI has fundamentally changed how cybercriminals operate, making traditional defences less effective against increasingly sophisticated attacks.

Several established cybersecurity companies, including Proofpoint and Mimecast, as well as newer security providers such as Abnormal Security, already help organisations identify and block conventional phishing campaigns. However, Shwartz believes that the rapid rise of AI-generated attacks requires a new approach to email security.

In the past, launching highly targeted spear-phishing campaigns required significant expertise, extensive research, and considerable time. Attackers had to gather information about potential victims, manually study their behaviour, and craft personalised messages designed to increase the likelihood of success.

According to Shwartz, artificial intelligence has transformed that process.

“AI just made the entire process automatic, so the scale is much, much bigger now,” Shwartz explained. “I can instruct LLM to go and understand exactly who you are, harvest a large amount of public information, and create those phishing attacks very targeted against you.”

The ability of modern large language models to collect publicly available information, analyse personal and professional profiles, and generate convincing communication has significantly reduced the barriers that once limited advanced phishing operations. As a result, cybercriminals can execute highly personalised attacks against a much larger number of targets than ever before.

Ocean says its platform was built specifically to counter these evolving threats. The company claims its artificial intelligence system examines the full context of every incoming email to identify potential fraud, impersonation attempts, and other malicious activity before messages reach users.

Rather than relying solely on traditional indicators such as suspicious links, malicious attachments, or known attack signatures, the platform focuses on understanding the intent behind each message and evaluating whether it aligns with legitimate communication patterns.

The startup says it is already analysing billions of emails every month on behalf of customers. Among the organisations currently using the platform are Kayak, Kingston Technology, and Headspace.

Shwartz explained that Ocean developed a specialised small language model optimised for email security. The model is designed to process messages rapidly, determine the sender’s intent, and compare that intent against the unique context of the recipient’s organisation.

By understanding organisational relationships, communication patterns, and contextual signals, the system aims to distinguish legitimate business correspondence from sophisticated phishing attempts that may otherwise appear authentic.

According to Shwartz, this contextual analysis enables Ocean to provide a more proactive layer of protection for corporate inboxes.

“This is like having a guard in every door,” Shwartz said. “This is how we make the inbox a safe place with high hygiene.”

As AI reshapes offensive and defensive cybersecurity, Ocean is focused on protecting organisations from the next generation of phishing threats. With fresh funding, support from leading investors, and growing customer adoption, the startup aims to help businesses defend against increasingly automated and personalised attacks that are becoming more common in the AI era.