Ocean Shows AI Phishing Defense Is Becoming an Agent-vs-Agent Market

Ocean Security processes a billion emails a month. The number sounds impressive until you notice it is protecting a few hundred thousand mailboxes. Do the math and you get roughly ten thousand emails per mailbox per month, which is about three hundred per workday. That is not a platform at scale. That is a company running on a small number of very large enterprise accounts, any one of which is big enough to make or break a Series A round.

Ocean emerged from stealth on May 19, 2026 with $28 million in total funding — an $8 million seed in 2024 followed by a $20 million Series A led by Lightspeed Venture Partners, with participation from Picture Capital and Cerca Partners. The company was founded in 2024 by Shay Shwartz and Oran Moyal, both veterans of elite units in the Israel Defense Forces Intelligence Corps who went on to work on joint IDF and Shin Bet projects, including work connected to Iron Dome. Shwartz spent time as a teenage hacker before redirecting his skills into defense. Moyal later worked at Microsoft identifying security weaknesses in Azure. They are Forbes 30 Under 30 alumni and they have built something that looks structurally different from the email security tools enterprises have been buying for a decade.

At the center of Ocean's platform is Ray, an autonomous investigation engine. Where traditional email security tools flag suspicious patterns — a malformed header, a known malicious domain, a spoofed display name — Ray does something closer to what a human analyst would do: it checks the sender's actual identity, cross-references the email's content against the recipient's organizational context, examines links and infrastructure, and follows the evidence through conversation threads. The goal is intent verification: determining whether a message is trying to do harm rather than whether it merely looks unusual. Ocean says the system reviews every incoming email in real time and automates the full triage and response workflow without requiring a human in the loop for standard cases.

The company claims it is already reviewing billions of emails monthly for customers including KAYAK, Kingston Technology, and Headspace. The $28 million round brought in angels including Assaf Rappaport, CEO of Wiz, and the co-founders of Armis, the security startup that sold to ServiceNow for $7.75 billion. Mike Fey, a general partner at Picture Capital and CEO of Island, described the investment thesis plainly: AI broke email security and handed attackers an unfair advantage overnight, and what drew his firm to Ocean was that the founders came from the offensive side. They know how these attacks work because they used to run them.

That background is not just marketing. The claim that AI has transformed phishing from a labor-intensive targeted operation into something automatable at scale is well-supported by the experience of people who worked on the offensive side. Moyal, speaking to Calcalist, described how building a detailed profile of a target used to take weeks of manual research. AI has compressed that to minutes. The entire process of data collection and attack generation has become automated, and attacks that were once rare are now routine. Spear-phishing — once the exclusive tool of nation-state actors and sophisticated criminal groups — now requires nothing more than a well-crafted prompt.

The market Ocean is entering is not empty. Abnormal Security has built a substantial business using behavioral AI to detect business email compromise and sophisticated phishing. Proofpoint and Mimecast remain the established vendors for enterprises that want a secure email gateway. All three have been adding AI capabilities. The question is whether an autonomous investigation engine represents a qualitative shift in capability or whether it is a different marketing framing for the same underlying detection logic.

What makes Ocean interesting is not the familiar arms-race framing — attackers get AI, defenders get AI, everyone buys new software — but the concentration question that its own numbers raise. A billion emails a month sounds like scale until you notice the denominator. Proofpoint and Mimecast each protect tens of millions of mailboxes. Abnormal Security has publicly disclosed coverage across thousands of enterprise customers. If Ocean is processing a billion emails monthly against a few hundred thousand mailboxes, the implied average is roughly three hundred emails per mailbox per workday. For a company at Series A with $28 million raised, that math is consistent with a customer base that is both small and lumpy: a handful of large enterprise accounts, each generating enough volume to move the numbers, each representing a churn risk that matters.

One head-to-head test was described on Ocean's website by Ryan Clarque, CSO, who said Ocean ran live in production against two leading email security platforms already in place and outperformed across the board, including on business email compromise. The names of those platforms are not disclosed. The outcome metrics are not specified. It is a reference that validates that Ocean can compete in a bake-off but does not establish a meaningful benchmark.

The broader context matters. Exaforce, a startup building an autonomous security operations center platform, raised $125 million in Series B funding on May 14 — five days before Ocean's announcement. The same investors, the same thesis: agents will eat security operations. The crowded market for agentic security platforms suggests that the architectural pattern Ocean is pioneering will face competition from multiple directions before it achieves the distribution needed to survive the enterprise buying cycle.

The 90 percent figure Ocean cites — that more than 90 percent of successful cyberattacks start with phishing — comes from the company's own press release and is consistent with industry estimates that have circulated for years. It is directionally accurate and it is useful framing, but it is not independent data. Nobody has published a third-party benchmark showing that Ocean catches threats that Proofpoint, Mimecast, or Abnormal Security miss at a rate that justifies replacing any of them.

Ocean is not a story about whether AI-powered phishing is real. It is. The question is whether a two-year-old company with vague customer concentration language, no independent efficacy validation, and a handful of large accounts can build a durable business before the incumbents it is betting against decide to build the same thing. The math on its current numbers says that question is not answered yet. The founders have the background. The architecture is real. The product appears to work. Whether the company is built to last or to be acquired by one of the vendors it is disrupting is the actual bet that $28 million buys.