Above Security lands $50M for AI-driven insider risk

Above Security, an AI-native managed insider threat platform, has emerged from stealth with $50 million in funding led by Ballistic Ventures, Merlin Ventures, and Norwest. The company aims to tackle the escalating challenge of insider risk, a problem that traditional tools like DLP and UEBA have struggled to solve.

The funding comes as organizations grapple with the implications of AI agents operating autonomously within enterprise systems, significantly expanding the definition of an 'insider'. This new landscape, often referred to as the agentic era, demands novel security approaches.

AI Agents Complicate Insider Risk

Insider threat has historically been a persistent cybersecurity blind spot. With the rise of AI agents, the complexity is set to skyrocket. These AI entities, acting on behalf of employees, gain access to sensitive systems and data, creating new vectors for potential breaches.

Above Security's platform utilizes specialized AI investigators to continuously analyze behavior across identity, endpoint, SaaS, and AI environments. Unlike traditional anomaly detection, its 'Arbiter' engine correlates behavioral signals to determine intent, mirroring the process of a human investigator.

Reducing False Positives, Increasing Efficiency

This approach promises a drastic reduction in false positives and manual investigation efforts, delivering actionable timelines for security, legal, and HR teams. "Most insider incidents we see are negligence, not malicious activity, so Above's coaching-first approach fits perfectly," stated Matt Wilmot, CISO at Merlin Entertainments.

IBM data suggests 45% of breaches stem from non-malicious human or system errors, highlighting that negligence, not malice, is often the primary driver of insider risk. Above Security's platform addresses both negligent and deliberate insider actions, making it relevant across multiple departments.

Redefining the 'Insider' for the Agentic Era

"AI agents are becoming insiders in everything but name. They have access, they take action, and they operate at machine speed, yet they're largely invisible to existing insider risk programs," said Aviv Nahum, Co-Founder and CEO of Above Security. The company emphasizes that AI systems with growing autonomous roles are effectively de facto insiders requiring new oversight.

The platform's design accommodates both human and machine actors, a crucial design choice for the agentic era. "You can't secure tomorrow's organization if your definition of 'insider' stops at employees," added Amir Boldo, Co-Founder and CPTO.

Above Security, selected for the 2026 Cybersecurity Startup Accelerator, has already integrated with CrowdStrike and targets organizations with over 1,000 employees. The platform is available now, with demonstrations and sample reports offered via their website.

The company's focus on proactive threat detection and prevention is timely, as Insider Risk remains a critical and under-addressed cybersecurity challenge.