From Teen Hacker to Iron Dome Researcher: How One Founder Raised $28M to Fight AI Phishing:
Why Your Current Email Security Is Already Obsolete Against New AI Phishing:
Introduction: When the Hacker Becomes the Guardian:
Some of the most effective cybersecurity founders are the ones who once sat on the other side of the firewall. Shay Shwartz is exactly that. As a teenager, he made money as a hacker — until he got caught at age 16 and faced a choice that would reshape the next two decades of his life. Rather than abandon his deep understanding of how digital attacks are built and executed, he chose to redirect it.
The result, years later, is Ocean: an agentic AI email security platform that just emerged from stealth with $28 million in funding and a bold claim — that it can stop the next generation of AI-powered phishing attacks before they ever reach your inbox.
The timing of Ocean's launch is not accidental. We are living through a fundamental shift in the threat landscape. Artificial intelligence has transformed spear-phishing from a labour-intensive craft that only the most sophisticated hackers could execute into an automated, industrial-scale operation. The old defences were built for the old attacks. Ocean is built for what is happening right now.
Section 1: The Origin Story — From Teenage Hacker to Elite Defence Researcher:
Shay Shwartz's path into cybersecurity is not the typical résumé-polished origin story. It started with a teenage obsession with hacking and a brush with the law at sixteen that could have ended very differently. Instead of derailing his future, getting caught became the catalyst that focused it. Shwartz realised that the same skills and instincts that made him effective as an attacker were precisely what defenders needed — and that there was a more impactful, and legal, way to apply them.
What followed was nearly a decade at the highest levels of Israeli cybersecurity. Shwartz went on to lead major projects for Israel's elite defence and intelligence units, including work connected to the Iron Dome missile defence system — one of the most technically demanding and consequential defence projects in the world. This wasn't theoretical research. It was high-stakes, real-world cyber defence at a national scale, building muscle memory for the kind of adversarial thinking that commercial cybersecurity rarely demands.
After his defence career, Shwartz joined Axis, a cybersecurity startup that was later acquired by HPE, adding enterprise-scale product experience to his arsenal. But throughout it all, the pull toward founding his own company never faded. Two years ago, he finally made the leap — co-founding Ocean alongside CTO Oran Moyal, bringing together his offensive hacker instincts, his defensive military training, and a clear-eyed view of where the next wave of cyber threats was heading.
Section 2: The AI Phishing Threat — Why Existing Defences Are Already Obsolete:
To understand why Ocean exists, you need to understand what AI has done to the phishing threat landscape. For most of the internet era, spear-phishing — highly personalised attacks crafted to deceive a specific individual — was the exclusive domain of well-resourced, technically sophisticated threat actors. The barrier was simple: it required enormous amounts of time, manual research, and human labour to build a convincing targeted attack. That barrier kept the volume low and the defence manageable.
"AI just made the entire process automatic, so the scale is much, much bigger now. I can instruct an LLM to go and understand exactly who you are, harvest a large amount of public information, and create those phishing attacks very targeted against you." — Shay Shwartz, CEO of Ocean
The implications of that shift are staggering. What once required a team of skilled hackers working for days can now be executed by a single operator prompting a large language model in minutes. The LLM scrapes your LinkedIn profile, your company website, your public social media activity, recent press coverage, and your professional relationships — and produces a phishing email so contextually accurate and personally tailored that even a security-aware recipient can struggle to identify it as fraudulent.
Established email security vendors like Proofpoint and Mimecast were built for a different era. Newer players like Abnormal Security have made meaningful progress on detecting anomalous patterns. But Shwartz argues that AI-powered attacks require a fundamentally different defensive architecture — one that can match the intelligence, personalisation, and speed of the attacks it is trying to stop. Signature-based detection and pattern matching are not enough when every attack is uniquely generated.
Section 3: How Ocean Works — Agentic AI Security at Inbox Level:
Ocean's core product is an agentic AI email security platform built from the ground up to fight AI-generated threats. At its heart is a small language model — not a general-purpose LLM, but one purpose-built and fine-tuned specifically for email security analysis. This specialised model is designed to do three things with remarkable speed: analyse the full context of every incoming email, understand the intent behind what the sender is trying to accomplish, and evaluate that intent against the recipient's specific organisational context.
The Hidden AI War
Nobody Is Telling You About
Our latest documentary deep-dive into the geopolitical struggle for machine intelligence dominance. Explore the two paths of AI development: open source vs. closed architecture.
That last element — organisational context — is what separates Ocean's approach from conventional email security tools. A phishing email targeting a CFO at a mid-size fintech company should be evaluated differently from one targeting a school administrator. The risks are different, the attack vectors are different, and the plausible pretexts an attacker would use are different. Ocean's model ingests and learns from each organisation's unique communication patterns, relationships, and risk profile — building a contextual baseline that makes anomalies significantly easier to detect.
"This is like having a guard in every door. This is how we make the inbox a safe place with high hygiene." — Shay Shwartz
The platform currently reviews billions of emails every month for its growing customer base, which already includes recognisable names across multiple industries: travel platform Kayak, technology manufacturer Kingston Technology, and mental wellness app Headspace. Processing at that volume — with the accuracy required to avoid drowning security teams in false positives — is itself a significant technical achievement, and a proof point that the architecture scales.
Section 4: The $28M Raise — Who Backed Ocean and Why It Matters:
Ocean's $28 million in total funding represents a strong vote of confidence from some of the most discerning investors in cybersecurity. The round was led by Lightspeed Venture Partners, one of the most active and respected venture firms in enterprise technology, with participation from Picture Capital and Cerca Partners. But it is the angel investor list that signals just how seriously the security community is taking Ocean's thesis.
Assaf Rappaport, co-founder and CEO of Wiz — the cloud security company that became one of the fastest-growing enterprise software businesses in history — joined the round. So did Yevgeny Dibrov and Nadir Izrael, the co-founders of Armis, the IoT and asset intelligence security company that recently sold to ServiceNow in a deal valued at $7.75 billion. These are not passive cheque writers. They are operators who have built, scaled, and successfully exited some of the most significant cybersecurity companies of the past decade — and they chose to back Ocean.
The composition of this investor group also reflects a broader trend in cybersecurity investment: the market is moving toward AI-native security platforms that are built specifically to counter AI-powered threats, rather than legacy vendors attempting to bolt AI onto architectures that were never designed for it. Ocean, emerging from stealth at this moment, is positioned squarely at that intersection.
Section 5: The Bigger Picture — AI Security in a Post-LLM Threat Landscape:
Ocean's launch is a signal about where the entire cybersecurity industry is heading. The proliferation of large language models has not just created new productivity tools for legitimate users — it has handed threat actors a force multiplier of unprecedented scale. Social engineering attacks, credential phishing, business email compromise (BEC), and executive impersonation are all being supercharged by the same AI capabilities that power everyday consumer applications.
The challenge for enterprise security teams is not just detecting attacks — it is detecting attacks that are indistinguishable from legitimate communication. An AI-generated phishing email that accurately references your recent company announcement, addresses you by your preferred name, and mimics the communication style of a vendor you regularly work with is an entirely different problem from the Nigerian prince scam of 2003. It requires an entirely different class of defence.
For CISOs, IT security leaders, and enterprise decision-makers evaluating their email security stack, Ocean's emergence represents a new category to consider: agentic, context-aware, AI-native email defence. The platform is not trying to be a replacement for every layer of an organisation's security posture. It is specifically targeting the inbox — the single most exploited entry point in corporate cyber attacks — and making it significantly harder to breach.
Conclusion: The Hacker Who Became the Guardian:
Shay Shwartz's journey from teenage hacker to Iron Dome researcher to venture-backed founder is more than a compelling personal story — it is a master class in adversarial thinking applied to defence. The best security systems are built by people who deeply understand how attackers think, what they look for, and how they adapt. Ocean is the product of that understanding, refined over two decades and now aimed at one of the most urgent threats in enterprise cybersecurity.
With $28 million in funding, a roster of elite investors, and billions of emails already processed monthly, Ocean is no longer just an idea emerging from stealth. It is an operational platform tackling a real and growing problem — and in a threat landscape where AI has made every inbox a potential entry point, the stakes could not be higher.
The inbox is the most exploited entry point in corporate cybersecurity. Ocean is building the guard at every door.
AI email security · agentic cybersecurity · phishing prevention · AI-powered attacks · startup funding 2026
