Above Security Secures $50M Funding to Revolutionize Insider Threat Management with AI-Driven Solutions
Above Security, an innovative AI-native platform focused on managing insider threats, has emerged from stealth mode with the announcement of $50 million in funding. This investment round was led by Ballistic Ventures, Merlin Ventures, and Norwest, with additional participation from Jump Capital and QPV Ventures.
Phil Venables, Partner at Ballistic Ventures, expressed enthusiasm about the investment, stating that the firm seeks to partner with companies that redefine industry categories rather than merely improve them. He highlighted the potential of Above Security under the leadership of CEO Aviv Nahum, emphasizing their commitment to advancing insider risk management.
Rapid Deployment and Revenue Generation
Founded by Aviv Nahum, a former member of Unit 81, and Amir Boldo, a veteran of Unit 49, Above Security has demonstrated significant revenue generation within just six months of operation. The platform allows enterprises to deploy its solutions rapidly, often without the need for creating policies, rules, or configurations. This capability positions Above Security as a game-changer in the cybersecurity landscape.
Despite decades of investment in Data Loss Prevention (DLP), User and Entity Behavior Analytics (UEBA), and behavioral analytics, organizations continue to struggle with effectively detecting and mitigating insider threats. The challenge is compounded as AI agents increasingly gain access to enterprise systems, acting autonomously on behalf of employees. This evolution expands the definition of who constitutes an insider, creating a pressing need for more sophisticated security measures.
Advanced AI Investigative Techniques
Above Security’s platform employs a fleet of specialized AI investigators that continuously analyze user behavior across various environments, including identity, endpoint, Software as a Service (SaaS), and AI systems. Unlike traditional DLP and UEBA tools that flag anomalies or enforce static data movement rules, Above’s Arbiter engine assesses intent by correlating behavioral signals similarly to a human investigator. This approach significantly reduces false positives, minimizes manual investigation time, and provides a clear evidentiary timeline for security, legal, and HR teams.
Matt Wilmot, Chief Information Security Officer at Merlin Entertainments, noted that most insider incidents stem from negligence rather than malicious intent. He praised Above’s coaching-first approach, which not only detects threats but also delivers comprehensive behavioral timelines, enabling organizations to surface critical incidents quickly.
Addressing Non-Malicious Insider Risks
According to IBM, 45% of security breaches are attributed to non-malicious human and system errors. This statistic underscores that the majority of insider risks are not intentional but arise from employees attempting to work more efficiently, inadvertently creating inappropriate access or exposing sensitive data. Above Security’s platform addresses both negligent and deliberate actions, making it relevant for security, HR, and legal teams alike.
Aviv Nahum emphasized that traditional insider risk management relies heavily on human investigation, a model that does not scale effectively. He pointed out that AI agents are becoming insiders in all but name, possessing access and acting at machine speed while remaining largely invisible to existing risk management programs.
The Evolving Landscape of Insider Threats
As AI systems take on more autonomous roles within organizations, their access levels continue to grow. Above Security argues that these systems effectively become de facto insiders without adequate oversight from current security frameworks. The platform’s investigative model is designed to apply equally to both human and machine actors, a critical feature that the founders believe is essential in the agentic era.
Amir Boldo remarked on the rapid adoption of AI over the past five years, which has introduced new risks that necessitate dedicated solutions. He asserted that organizations cannot secure their environments effectively if their definition of an “insider” is limited to human employees.
Shay Michel, Managing Partner at Merlin Ventures, highlighted the transformative potential of Above Security’s solutions. He noted that while humans will not disappear in an AI-driven future, they will need to adapt and manage automation effectively. The risks associated with human error or insider threats can escalate quickly, making it imperative to build protective layers that empower individuals and mitigate risks before they escalate into incidents.
Acknowledging the Insider Threat Challenge
Insider threats represent a significant and often under-addressed challenge in cybersecurity, accounting for nearly 30% of all security incidents. Dror Nahumi, General Partner at Norwest, commended the innovative approach taken by Above Security to transform how organizations detect and prevent these threats through real-time behavioral analysis and user education.
As one of the top five companies selected for the 2026 CrowdStrike, AWS, and NVIDIA Cybersecurity Startup Accelerator, Above Security has established integrations with major players like CrowdStrike across identity, endpoint, and SaaS environments. The platform specifically targets organizations with 1,000 or more employees, particularly those operating in SaaS-forward environments.
Source: securitymea.com
Keep reading for the latest cybersecurity developments, threat intelligence and breaking updates from across the Middle East.
