Cyata raises $8.5M to secure rogue AI agents threatening enterprise systems
Cyata secures seed funding to address the growing risk of autonomous AI agents causing chaos in corporate environments by rewriting code, leaking data, and moving funds undetected.
Tel Aviv-based cybersecurity startup Cyata has emerged from stealth with $8.5 million in seed funding to address the escalating risks posed by autonomous AI agents in enterprise environments. The round was led by TLV Partners, with backing from former Cellebrite CEOs Ron Serber and Yossi Carmil.
The Rising Threat of Unsupervised AI Agents
- Autonomous agents are increasingly operating without oversight, executing code, querying sensitive databases, and initiating transactions—often outside traditional identity frameworks.
- Cyata CEO Shahar Tal describes these agents as a "self-scaling, sleepless workforce" capable of causing havoc by:
- Rewriting application code
- Sharing confidential data
- Moving money between accounts
- Leaving no audit trails
Cyata’s Solution: A Control Plane for Agentic Identities
The startup’s platform offers:
- Automated discovery of AI agents across cloud/SaaS environments
- Permission mapping to human owners
- Real-time risk assessment and forensic tracking
- Justification requirements for agent actions
- Lockdown protocols for unauthorized agents
Tal emphasizes that Cyata focuses on the agents themselves rather than the underlying LLMs: "Agents, not models, are the ones making the decisions and triggering risk."
Industry Warnings Amplify Urgency
A Transmit Security white paper reveals alarming trends:
- Over 60% of retail web traffic is already bot-generated
- Expected to surpass 90% as consumer AI agents proliferate
- Fraud teams may face 2-3x more workload to maintain protections
"Behavioral biometrics fail when there are no human signals," notes the report, highlighting how traditional fraud detection is becoming obsolete.
Emerging Vulnerabilities: IdentityMesh and CAPTCHA Failures
Security researchers identified critical weaknesses:
- IdentityMesh: Exploits how agents merge identities across systems using Model Context Protocol
- Creates security boundary collapses
- Enables cross-system attacks
Related News
CometJacking Attack Hijacks Perplexity AI Browser to Steal User Data
A malicious URL exploit turns Perplexity's Comet AI browser into a data thief, exfiltrating emails, calendar, and memory via encoded payloads.
Zero Trust Auditing Essential for AI Era Cybersecurity
Exploring how Zero Trust Auditing is redefining enterprise assurance in the AI era by continuously verifying trust across devices, networks, and AI systems.
About the Author
Alex Thompson
AI Technology Editor
Senior technology editor specializing in AI and machine learning content creation for 8 years. Former technical editor at AI Magazine, now provides technical documentation and content strategy services for multiple AI companies. Excels at transforming complex AI technical concepts into accessible content.