Ocean emerges from stealth with $28M to fight AI phishing
A high-tension enterprise inbox war room where AI-generated phishing messages are being intercepted as layered defensive shields form around email threads.📷 AI-generated image / TECH&SPACE
- ★Ocean has raised $28 million in total for agentic email security.
- ★Founder Shay Shwartz previously worked on Israel's Iron Dome project and in cybersecurity.
- ★The platform targets AI phishing that automates attack creation and personalization.
Ocean has emerged from stealth with $28 million in total funding and a blunt pitch for the market: email security is no longer just about filters catching bad links, but about defending against an automated attack process. The startup, founded by Shay Shwartz, is building an agentic email security platform that, according to TechCrunch, is already reviewing billions of emails each month for customers. The funding round was led by Lightspeed Venture Partners.
The central point is not that phishing is new. It is not. What has changed is that generative AI lowers the cost of writing, localizing, varying and targeting messages at scale. Shwartz framed the shift directly: AI has made the entire process automatic, so the scale is much bigger now. In practical terms, employees are less likely to receive clumsy messages with obvious language mistakes and more likely to receive a convincing request in the right tone, with enough context to slip past older warning signs.
Shay Shwartz's startup wants to review billions of emails each month and stop phishing that generative AI has turned into an industrial process.
A close operational view of suspicious email threads being evaluated by an agentic security system, with sender behavior, link risk and request anomaly signals separated into visual layers.📷 AI-generated image / TECH&SPACE
Ocean is therefore positioning itself around continuous email review rather than occasional scanning. The supplied research brief says the platform is reviewing billions of emails each month, which matters because phishing defense breaks on volume, latency and decision quality. If the system is slow, the message has already been opened. If it blocks too aggressively, business work stalls. If it is too permissive, an AI-written message can move through the edge of the network as normal communication.
Shwartz's background adds context, but it does not replace product proof. The source notes that he previously worked on Israel's Iron Dome project and held other cybersecurity roles before founding Ocean. The implied analogy is layered defense, translated from physical interception into the inbox. In cyber terms, that means a chain of quiet judgments: who sent the message, what it asks for, whether the request is unusual, where the link points, what relationship exists between sender and recipient, and whether the content looks like part of an automated campaign.
The broader risk is already familiar to security teams. CISA's phishing guidance describes phishing as social engineering designed to push users into revealing information or taking harmful actions, while the FBI IC3 tracks the financial damage caused by internet-enabled fraud. Ocean is entering that same defensive territory with the claim that protection has to work like a guard at every door, not a single checkpoint at the front gate.
The market question is whether Ocean can show measurable results: fewer successful compromises, fewer false-positive blocks and clear explanations for why a message was stopped. The $28 million buys time and access to larger customers, but it does not solve the hard part by itself. In the AI phishing era, the winning system will not be the one with the loudest promise. It will be the one that can detect the thin line between an urgent business request and a well-written attack inside real mailboxes.
