Shay Shwartz has a deep understanding of email phishing. Having started as a teen hacker, a run-in with the law at 16 led him to pivot his talents toward cybersecurity defense. He spent the next decade in elite Israeli intelligence and defense units, contributing to critical projects like the Iron Dome, before joining Axis, a startup later acquired by HPE.
Two years ago, Shwartz launched Ocean, an agentic email security platform built to combat AI-powered threats. The startup recently emerged from stealth with $28 million in total funding. The round was led by Lightspeed Venture Partners, with participation from Picture Capital and Cerca Partners. Notable angel investors include Wiz CEO Assaf Rappaport and the co-founders of Armis, Yevgeny Dibrov and Nadir Izrael, whose company was recently acquired for $7.75 billion.
While established vendors like Proofpoint and newer players like Abnormal Security focus on standard phishing, Shwartz argues that generative AI necessitates a new defensive paradigm. Previously, sophisticated spear-phishing required immense manual labor. Now, AI automates the entire reconnaissance and content generation process, enabling high-scale, hyper-targeted attacks. "I can instruct an LLM to understand exactly who you are, harvest public information, and create targeted phishing attacks automatically," Shwartz told TechCrunch.
Ocean’s platform utilizes specialized AI to analyze the context of every incoming email to identify fraud and impersonation. The startup is already processing billions of emails monthly for enterprise clients like Kayak, Kingston Technology, and Headspace. Shwartz revealed that Ocean developed a custom Small Language Model (SLM) optimized to quickly evaluate sender intent against the specific organizational context of the recipient. "This is like having a guard at every door," Shwartz said, emphasizing their goal of making the inbox a secure environment through high hygiene standards.
