Ent Security secures $100 million to reinstate prevention in cybersecurity.

      For the majority of the past decade, the security industry has largely abandoned the goal of prevention. Security breaches were deemed unavoidable, leading to investments focused on detection and post-incident cleanup. However, a new startup founded by two industry veterans claims that AI has made it feasible to prevent attacks from occurring in the first place, and investors have provided $100 million to validate this claim.

      Ent, established by Elias ‘Lou’ Manousos and Brandon Dixon, emerged from stealth mode on June 16, securing a $100 million seed round, primarily led by Decibel. Other participants included Sequoia, Crosspoint Capital Partners, Craft Ventures, Shield Capital, Felicis, and In-Q-Tel, which is the CIA’s venture arm. SiliconANGLE noted that this marks one of the largest seed funding rounds in the history of cybersecurity.

      The founders are well-versed in the field; they developed RiskIQ, which was sold to Microsoft in 2021 for over $500 million, according to SiliconANGLE, and subsequently contributed to the creation of Microsoft Security Copilot. Their new venture essentially opposes the prevailing model that the rest of the industry, including Microsoft, currently employs.

      Ent's argument for renewed prevention

      The shift to detection in the industry has a practical rationale. To prevent an attack before it occurs, a real-time understanding of the situation is necessary, which previously relied heavily on cloud processing. The latency from the device back to the cloud was too great, resulting in tools like endpoint detection and response (EDR) mainly being effective after incidents occurred.

      Ent contends that small AI models can now operate locally on the endpoint, allowing for reasoning to occur at the edge without that round trip. According to the company, decisions can be made in under a second, enabling them to block incidents before actions are finalized, distinguishing between stopping an attack and documenting it afterward.

      "We have entered a new era characterized by AI-powered attacks, necessitating a return to prevention and resilience," stated Greg Clark, co-founder and managing partner at Crosspoint Capital Partners. "The level of inference required to preemptively stop threats must now reside directly on the endpoint."

      Focusing on the workspace rather than the network

      Another aspect of Ent's proposition regards monitoring locations. The company asserts that contemporary work does not occur within the layers that EDR and SIEM tools track. Instead, it spans the various applications, browsers, chat tools, and AI assistants individuals utilize throughout the day, alongside the AI agents operating on their behalf.

      The company aims to occupy this space: a "workspace security" control platform at the endpoint that constructs a comprehensive record of work, deduces the intent behind actions, and intervenes at decision-making moments. Notable examples include a user granting remote access to their machine to someone outside the organization or inputting sensitive information into an unsanctioned AI tool.

      The timing is notable. As Manousos remarked, "offense is going to be all AI," and the attack surface he describes continues to yield new incidents, from AI agents inadvertently revealing cloud keys to chatbots being manipulated to reset passwords. A wave of startups, including NewCore, which recently raised $66 million to provide AI agents with a corporate identity, is also racing to address this gap.

      A significant investment and a competitive landscape

      Ent claims it is already operational with Global 2000 clients in sectors such as hospitality, financial services, and defense, utilizing the platform to identify insider risks, oversee AI usage, and prevent data loss. One anonymous insider-threat lead from a public financial institution mentioned, “it was the first tool where I felt like an expert on day one.” This measurable activity, rather than just a demonstration, is what justifies such a large seed funding round.

      However, there are important considerations. The notion that "prevention is back" is quickly shifting from a contrarian viewpoint to the industry's mainstream selling point. A system that acts on inferred intent must frequently be correct to avoid obstructing legitimate work and causing staff to disregard it. The claims regarding capabilities, including sub-second on-device inference, are based on the company's assertions without independent validation.

      Moreover, $100 million at the seed stage sets a high standard. Ent is entering a market where established players like CrowdStrike and Microsoft—whose security tool its founders created—already dominate, at a time when there is a heightened demand for AI security solutions. With strong credentials, a solid customer base, and the backing of In-Q-Tel, the venture appears credible. Ultimately, it remains to be seen whether prevention can truly outpace attacks rather than merely promise to do so, which is what this investment aims to determine.