Ent Security raises $100M to refocus on cyber prevention

For the better part of a decade, cybersecurity largely surrendered to the inevitability of breaches. The industry funneled resources into detection and remediation, accepting that stopping an attack before it started was a lost cause. Now, two veterans of that era are betting that artificial intelligence can revive cyber prevention, and they have secured $100 million to make their case.

The startup, Ent, emerged from stealth on June 16, backed by a massive seed round led by Decibel. Participating investors include Sequoia, Crosspoint Capital Partners, Craft Ventures, Shield Capital, Felicis, and In-Q-Tel, the CIA’s venture arm. SiliconANGLE has called this one of the largest seed rounds in cybersecurity history.

Founders Elias “Lou” Manousos and Brandon Dixon know the industry intimately. They previously built RiskIQ, which Microsoft acquired in 2021 for over $500 million, and later helped create Microsoft Security Copilot. Their new venture represents a direct challenge to the prevailing model that most of the industry, including Microsoft, currently operates on.

Why prevention is now viable

The industry’s shift toward detection was rooted in a practical limitation. To block a threat in real time, you need to process data at the moment of decision, but the heavy computation was stuck in the cloud. The latency between device and cloud made it too slow, so tools like endpoint detection and response (EDR) settled for identifying problems after the fact.

Ent’s core argument is that small AI models can now run locally on the endpoint, performing reasoning at the edge without that round trip. The company claims a decision can be made in under a second, before an action completes, turning a potential incident into a blocked one rather than a report.

“We have entered a new era defined by AI-powered attacks, one that demands a return to prevention and resilience,” said Greg Clark, co-founder and managing partner at Crosspoint Capital Partners. “The level of inference required to stop threats before they materialise must now live directly on the endpoint.”

Monitoring the workspace, not just the network

Ent also argues that traditional tools focus on the wrong layer. Modern work does not happen primarily at the levels monitored by EDR and SIEM systems. Instead, it unfolds across apps, browsers, chat tools, and AI assistants, alongside AI agents that now act on behalf of users.

The company positions itself as a workspace security control plane on the endpoint, building what it calls a complete record of work. It infers the intent behind an action and intervenes at the moment of decision. The examples are telling, such as a user handing remote control of their machine to an outsider or pasting sensitive data into an unsanctioned AI tool.

The timing is deliberate. As Manousos put it, “offence is going to be all AI,” and the attack surface he describes is the same one generating fresh incidents, from AI agents tricked into leaking cloud keys to chatbots manipulated into resetting passwords. This is also the gap a wave of startups is racing to fill, including NewCore, which raised $66 million to give AI agents a corporate identity.

A large check in a crowded market

Ent says it is already deployed with Global 2000 customers across hospitality, financial services, and defense, using the platform to flag insider risk, govern AI use, and stop data loss. One anonymous insider-threat lead at a public financial institution said it was “the first tool where I felt like an expert on day one.” That production traction, rather than a demo, is what a seed round this size is paying for.

The caveats are worth noting. “Prevention is back” is no longer a contrarian claim; it is quickly becoming the industry’s standard pitch. A system that intervenes based on inferred intent must be accurate enough not to block legitimate work or train staff to ignore it. The capability claims, including sub-second on-device inference, come from the company itself without independent benchmarks yet.

And $100 million at the seed stage sets a punishing bar. Ent is entering a market defended by CrowdStrike and Microsoft, the very company whose security tool its founders built, at a moment when appetite for anything labeled AI security is feverish. The pedigree, the customers, and the In-Q-Tel stamp make the bet credible. Whether prevention can finally outrun the attack, rather than just promise to, is the question the money is meant to answer.