Agentic AI,
Artificial Intelligence & Machine Learning,
Cloud Security
Israeli Startup Plans to Enhance AI Agent Security Within Cloud Platforms
Sweet Security, an Israeli startup established by former Chief Information Security Officer of the Israel Defense Forces, has secured $75 million to enhance its Cloud-Native Application Protection Platform (CNAPP) with robust artificial intelligence security capabilities.
Related Reading: Agentic AI and the Future of Automated Threats
Based in Tel Aviv, Sweet Security aims to utilize its existing runtime CNAPP infrastructure, including eBPF sensors and its proprietary deviation detection engine, to monitor AI agent behavior effectively. Eyal Fisher, co-founder and chief product officer, emphasized that while AI agents operate in a non-deterministic manner, they can still be monitored and control measures established, ensuring companies maintain visibility over their systems.
“Our market research indicates a significant demand, and our proof of concept (POC) efforts have been highly successful,” Fisher stated. “As the adoption grows, we are scaling up our market outreach to capture more customers.” Since its inception in 2023, Sweet Security has expanded to 82 employees and raised a total of $120 million, with a notable $33 million Series A funding round concluded in March 2024, spearheaded by Evolution Equity Partners.
The Convergence of CNAPP and AI Security
With the growing integration of AI in cloud environments, the current CNAPP tools often fall short in addressing the new risks posed by autonomous AI operations. Fisher contends that security frameworks must evolve to encompass both the infrastructural protection of cloud environments and proactive monitoring of AI behavior. AI agents, he explained, require real-time behavioral oversight rather than mere static analysis.
Sweet’s approach involves employing AI technologies not only for enhancing security but also for protecting AI systems themselves. Fisher outlined, “Our platform is fundamentally built around AI, incorporating a large language model at its core.” He believes that the integration of AI security capabilities into CNAPP is essential as businesses increasingly deploy AI agents in their infrastructures.
Addressing existing gaps in AI security, Fisher highlighted three primary concerns: lack of visibility, comprehension of agent behavior, and the establishment of guidelines for agent operation. “Many of our clients express a sense of blindness regarding their environment,” he noted, indicating the urgent need for enhanced monitoring solutions.
Securing AI Agents Through Workload Monitoring
Sweet’s technology utilizes sensors positioned close to the kernel to provide profound insights into workload actions, facilitating swift assessments of usual workload behaviors and detecting significant deviations. Fisher explained that monitoring data access patterns of AI agents, especially those accessing sensitive directories or unfamiliar systems, allows for real-time anomaly detection.
Security architects and detection teams should remain central buyers of Sweet’s offerings, as dividing responsibilities between traditional cloud teams and AI-focused divisions could result in inefficiencies. While roles in AI adoption may extend to data scientists and engineers, securing these workloads fundamentally belongs to security professionals.
“Ultimately, the responsibility for AI security will fall on the security team,” Fisher stated. “Alerts should be managed through a unified process, or we risk creating fragmented communication between sub-teams.” Cloud-native organizations, while often knowledgeable about security, frequently find traditional tools inadequate, particularly in the context of advanced runtime protection and behavioral analytics. Sweet Security offers a solution that allows industries like banking and insurance to modernize their security posture while retaining the clarity and control they expect from established on-premises systems.
With the ongoing evolution of AI deployment, Chief Information Security Officers (CISOs) face the challenge of fostering innovation without compromising security. Fisher emphasized, “CISOs do not want to be perceived as impediments to AI adoption, which adds significant pressure to their roles.”
