Onit Security, a cybersecurity startup, has raised $11 million in a seed funding round led by Hetz Ventures and Brightmind Partners, as it looks to address one of the industry’s most persistent challenges—closing the gap between identifying vulnerabilities and actually fixing them.
Founded in 2025 and based in Tel Aviv, the company offers an AI-powered “agentic exposure management” platform designed to automate the entire vulnerability lifecycle—from detection and prioritization to remediation.
Unlike traditional tools that rely on generic severity scores and often stop at generating alerts or tickets, Onit’s platform uses AI agents to analyze vulnerabilities in real business context. It aggregates data from multiple sources, identifies asset ownership, prioritizes risks, and executes remediation workflows with minimal manual intervention.
A key innovation lies in its ability to convert security decisions into enforceable policies. Once a resolution strategy is defined, the platform can automatically apply it to similar future exposures, enabling continuous and scalable remediation over time.
The startup was founded following a real-world cyberattack experienced by co-founder Ofer Amitai, where a known vulnerability—lost within a backlog—was exploited. This incident highlighted systemic flaws in vulnerability management, where security teams can take weeks to respond while attackers act within minutes.
Industry data underscores the urgency of the problem, with organizations taking an average of over 30 days to remediate vulnerabilities, while nearly half remain unresolved after a year. As the number of vulnerabilities continues to rise rapidly, the gap between detection and resolution is becoming increasingly difficult to manage.
Commenting on the company’s approach, CEO Elad Ben-Meir stated that “vulnerability management has been broken for 30 years,” emphasizing the need for faster, automated, and context-aware solutions to keep pace with evolving cyber threats.
With the newly raised capital, Onit Security plans to accelerate product development and expand its go-to-market efforts across new sectors. The company is already working with enterprise clients and claims to significantly reduce the time required to fix vulnerabilities, positioning itself as a key player in the next generation of AI-driven cybersecurity solutions.
