From teen hacker to Iron Dome researcher, this founder raised $28M to fight AI phishing

Shay Shwartz spent his teenage years as a hacker earning money from illicit activities, but after getting caught at 16, he decided to redirect his skills toward preventing cyberattacks rather than launching them. He spent roughly a decade working in senior cybersecurity positions at Israel's elite defense and intelligence units, contributing to projects including the Iron Dome missile defense system, before moving to Axis, the startup that was later acquired by Hewlett Packard Enterprise. Two years ago, Shwartz finally launched his own venture.

His company Ocean emerged from stealth mode this week with $28 million in total funding to build an agentic email security platform specifically designed to counter AI-powered phishing attacks. Lightspeed Venture Partners led the investment round, with participation from Picture Capital, Cerca Partners, and several notable angel investors. These include Assaf Rappaport, CEO of cloud security firm Wiz, as well as Yevgeny Dibrov and Nadir Izrael, co-founders of asset tracking company Armis, which was acquired by ServiceNow earlier this year for $7.75 billion.

While established security vendors like Proofpoint and Mimecast, along with newer entrants such as Abnormal Security, focus on detecting conventional phishing attempts, Shwartz argues that AI-driven attacks require a fundamentally different defensive strategy. Previously, only highly sophisticated hackers could execute spear-phishing campaigns because of the extensive research, time, and manual effort required for targeted attacks. "AI just made the entire process automatic, so the scale is much, much bigger now," Shwartz told TechCrunch. He explained that bad actors can now instruct large language models to research specific individuals, gather public information, and craft highly personalized phishing emails at scale.

Ocean has developed a small language model specifically trained to analyze incoming emails, assess sender intent, and evaluate messages against each user's organizational context. The platform is currently processing billions of emails monthly for customers including Kayak, Kingston Technology, and Headspace. Shwartz described the approach as placing "a guard in every door" to maintain high email hygiene and protect inboxes from sophisticated fraud and impersonation attempts.