Ocean builds agentic email security software that investigates incoming messages before employees act on them. The startup has now come out of stealth with $28 million in total funding as email fraud gets sharper, cheaper, and more personalized in the age of generative AI. Founded in 2024 by Shay Shwartz and Oran Moyal, Ocean is pitching a blunt idea: old email defenses were built to spot suspicious patterns, while newer attacks are designed to look perfectly normal.
That pitch has landed with investors. Lightspeed Venture Partners led the round, with Picture Capital and Cerca Partners joining in, plus an angel list that includes Wiz co-founder and CEO Assaf Rappaport and Armis co-founders Yevgeny Dibrov and Nadir Izrael. Ocean is already processing more than 1 billion emails a month and protecting hundreds of thousands of mailboxes.
What is Ocean's agentic email security platform?
Ocean’s agentic email security platform is built around an investigation engine called Ray. In practice, a customer plugs Ocean into Microsoft 365 or Google Workspace through an API, and the system starts reviewing inbound email in real time before the message becomes someone else’s problem. It doesn’t just score for spammy signals and checks sender identity and message content. It also reviews links, technical infrastructure, and the business context around the conversation to decide whether the email can actually be trusted.
The product is more specific than the usual “AI platform” pitch. Ray coordinates a set of purpose-built agents, including identity, link, file, infrastructure, financial, contact, quarantine, and abuse-mailbox agents, that follow evidence from different angles. The platform also builds what it calls a living memory of how an organization normally communicates. That’s meant to help it spot subtle impersonation, vendor fraud, and business email compromise that sail past standard filters.
That matters because Ocean isn’t only trying to block bad email at the front door. It also automates the follow-up work that burns security teams out: triaging employee-reported phishing emails and handling quarantine-release requests. It also runs deeper incident-response investigations without forcing analysts into endless manual review. Ocean’s framing is simple: employees get fast answers, while the SOC gets time back.
For customers, the pitch is less about another dashboard and more about replacing hand-built security operations around email. Before, a team might rely on a secure email gateway and a patchwork SOAR playbook. A lot still comes down to analyst judgment. After Ocean, the company wants each message to arrive with an explainable verdict instead of a vague risk score. That’s a strong promise. It only holds up if false positives stay low.
Who founded Ocean and why build it now?
The founding story
Ocean was founded in 2024 by CEO Shay Shwartz and CTO Oran Moyal. The two go way back — they first knew each other as teenagers and later reunited to help build a joint cyber unit serving the Israel Defense Forces and Shin Bet. They spent 4 years leading major projects there, won personal honors, and were part of work that earned the Israel Security Award.
Shwartz’s route into cybersecurity wasn’t exactly polished. He has said he made money as a teenage hacker, got caught at 16, and then decided to put the same skills to work on defense instead of offense. That turned into roughly a decade in elite cybersecurity roles, including work tied to the Iron Dome project, before he moved into the startup world. The backstory is messy. It’s more believable for it. This isn’t a founder who discovered phishing from a market map. He’s spent years thinking like an attacker.
Why these founders fit the problem
After military service, Shwartz joined Axis Security, the startup later acquired by HPE. Moyal took a different path: first VisibleRisk, which was later acquired by BitSight, and then Microsoft, where he helped create a group focused on finding security weaknesses in Azure cloud products. That’s a direct line into Ocean’s thesis. One founder understands offensive tradecraft and enterprise go-to-market from Axis. The other has deep platform and cloud security experience from Microsoft.
Both founders argue that AI broke the economics of spear phishing. Shwartz put it plainly: “AI just made the entire process automatic, so the scale is much, much bigger now.” He also described how an LLM can profile a target from public data and generate a highly tailored attack fast. That’s the company’s whole origin story in one sentence — once personalization becomes cheap, email defense has to shift from pattern matching to context analysis.
Traction, fundraising, and early execution
Ocean launched from stealth in May 2026, but it isn’t pre-product. The company is live, employs about 35 people, and already serves customers including KAYAK, Kingston Technology, and Headspace. It also works inside Fortune 500 environments. Public reporting says Ocean has reached seven-figure revenue, processed more than 1 billion emails in its first year, and now handles more than 1 billion each month.
The funding stack is more interesting than the headline suggests. The company has raised $28 million in total. CTech reported that the latest financing is a $20 million Series A, following an $8 million seed round in 2024 led by Picture Capital. Lightspeed led the new round, with Picture Capital and Cerca Partners participating, plus angels from Wiz, Armis, Axis, Island, and Transmit. Ocean plans to use the cash to expand AI research and speed up product development. It also plans to triple headcount within a year.
How Ocean's agentic email security compares with Proofpoint, Mimecast, and Abnormal
This is where Ocean is trying to wedge itself into a crowded category. Proofpoint and Mimecast still represent the legacy backbone for a lot of enterprise email security, often through secure email gateway deployments and layered threat protection. Abnormal Security, by contrast, built its name on cloud-native behavioral detection for business email compromise and impersonation attacks.
Ocean’s bet is that even those newer approaches aren’t enough once attackers use AI to mimic ordinary business traffic with almost no obvious anomalies. So instead of selling itself as better detection, it sells “autonomous investigation.” That’s the distinction investors seem to be buying: not another model that flags weird messages, but a system that tries to reason through whether a legitimate-looking email is asking for the wrong thing. It’s a subtle difference on paper. In production, it could be a real one.
Why does Ocean's $28M round matter?
Because this isn’t just a branding round.
Ocean is using the money to do 3 concrete things: add more AI research and build out the platform faster. It also plans to dramatically expand the team. For customers, that usually means one thing — the company is trying to move from “promising stealth startup” to a vendor that can survive procurement, scale support, and handle bigger enterprise rollouts.
The round also shows what investors think the next email security battle looks like. Lightspeed and Picture Capital didn’t back a compliance layer or a lightweight email add-on. They backed a team with offensive cyber experience that argues intent matters more than indicators. If that thesis is right, Ocean could become less of a phishing filter and more of an always-on investigation layer for enterprise communications.
There’s another signal here. Ocean already has recognizable customers, meaningful email volume, and live deployments while still young. That makes the round feel less like a speculative AI bet and more like acceleration capital for a product that has already found a wedge.
Why is agentic email security getting funded now?
The market backdrop is clear. Grand View Research estimates the global phishing protection market was worth $2.48 billion in 2024 and projects it will reach $7.16 billion by 2033, a 12.8% CAGR. Email-based phishing was the biggest sub-segment, and large enterprises accounted for 71.9% of revenue share in 2024. So yes, this is a real budget line, not a science project.
The loss data is even harsher. The FBI’s 2025 IC3 report logged 24,768 business email compromise complaints and $3.05 billion in reported losses in the U.S. alone. That’s why startups like Ocean can get attention fast: if attackers can now use AI to write clean, contextual, convincing messages, the cost of a miss climbs way past the cost of another security tool.
Ocean may be early, but the timing isn’t random. The broader industry is already shifting from static rules and reputation checks toward behavioral analysis, context, and real-time judgment. Agentic email security is basically the next version of that argument. Software doesn’t just detect risk. It investigates it.
Can Ocean's agentic email security actually break out?
It might.
The founders have the right scars for the problem, the early customer list is credible, and the product thesis feels sharper than the usual “AI for security” slogan. But email security is brutal. Buyers care about efficacy, false positives, deployment pain, and whether a new vendor can survive the grind of enterprise sales.
The next thing to watch is whether Ocean’s agentic email security can keep winning live replacements against entrenched tools once the pilots turn into annual contracts.
Read how Status AI raised $17M across seed and Series A to build an AI-powered social gaming app where users role-play inside simulated fandom-driven social networks.
FAQ
– What funding has Ocean raised?
Ocean has raised $28 million in total funding. The company emerged from stealth on May 19, 2026, and reporting around the launch says the latest round was a $20 million Series A led by Lightspeed Venture Partners after an $8 million seed in 2024.
– How does Ocean's agentic email security work?
Ocean plugs into Microsoft 365 and Google Workspace and investigates incoming messages in real time through an engine called Ray. It uses multiple AI agents to examine identity and links. It also reviews files, infrastructure, and business context, then returns an explainable verdict instead of a generic threat score.
– Who are Ocean’s founders?
Ocean was founded in 2024 by Shay Shwartz and Oran Moyal. Shwartz came from elite Israeli cyber and defense roles and later joined Axis Security, while Moyal worked at VisibleRisk and then Microsoft, where he focused on security gaps in Azure cloud products.
– Is Ocean in the email security market or the phishing protection market?
It sits in both, but its closest category is enterprise email security focused on phishing, impersonation, and business email compromise. That puts it inside a phishing protection market that Grand View Research sized at $2.48 billion in 2024, with growth expected through 2033.
