Onit Security Raises $11M for Exposure Management

Onit Security, an agentic exposure management firm, has raised $11 million in seed funding. The round was led by Hetz Ventures and Brightmind Partners, with angel investor participation.

The company emerges from stealth to tackle the overwhelming backlog of vulnerabilities that plague organizations. This backlog, often exceeding 100,000 issues, allows critical exposures to remain unaddressed for months.

The impetus for Onit Security's founding stemmed from a real-world incident where a state-sponsored Iranian attack exploited a known vulnerability in co-founder Ofer Amitai's previous company. This vulnerability was lost within a massive backlog, highlighting the critical failure of existing prioritization systems.

Traditional vulnerability management is a losing battle. Attackers can exploit flaws almost instantly, while security teams average 32 days for remediation, with nearly half of vulnerabilities unresolved after a year. With the projected surge in Common Vulnerabilities and Exposures (CVEs) to over 1 million by 2030, this problem is set to intensify.

This delay is largely due to manual processes involved in identifying asset ownership, assessing business context, and coordinating fixes across disparate teams. These bottlenecks create blind spots that attackers readily exploit.

Onit Security’s agentic exposure management platform aims to bridge the gap between exposure discovery and remediation. Unlike tools that merely generate tickets, Onit utilizes AI agents to prioritize exposures based on actual business context, moving beyond generic CVSS scores. The platform automatically identifies asset ownership by leveraging fragmented institutional data and executes remediation workflows without manual handoffs. This allows for the automation of remediation, similar to advancements seen with vulnerability management automation and AI agents.

"Vulnerability management has been broken for 30 years," said Elad Ben Meir, CEO and Co-founder of Onit Security. "Security teams are weighed down by countless alerts, while attackers exploit the smallest window of inaction. Onit brings a potent mix of intelligence with speed, currently unmatched."

Gur Talpaz, General Partner at Brightmind Partners, noted, "Exposure management has been a fundamentally challenging problem for decades. Onit Security changes that equation. Its agentic architecture lets defenders respond at the speed of attackers, turning millions of unmanaged exposures into a problem that actually gets smaller over time." This approach to agentic exposure management platform development is crucial for modern cybersecurity.

The founding team comprises serial entrepreneurs with a history of successful exits, including SCADAfence (acquired by Honeywell), Portnox (sold to private equity), and For-Each (acquired by Autodesk). Onit Security is already working with Fortune 1000 clients, reportedly reducing mean time to remediation by up to 87%. The new funding will fuel product development and expand go-to-market efforts.