The team that built Microsoft’s Security Copilot just raised $100M to stop attacks before they happen

For most of the past decade, the security industry quietly gave up on prevention. Breaches were treated as inevitable, and the money went into detecting and cleaning up the mess afterwards. A new startup from two veterans of that industry says AI has made stopping the attack in the first place possible again, and investors have handed it $100m to prove it.

Ent, founded by Elias ‘Lou’ Manousos and Brandon Dixon, came out of stealth on 16 June with a $100m seed round led by Decibel. Sequoia, Crosspoint Capital Partners, Craft Ventures, Shield Capital, Felicis, and In-Q-Tel, the CIA’s venture arm, also took part, in what SiliconANGLE called one of the largest seed rounds in cybersecurity history.

The founders know the territory. The pair built RiskIQ, sold it to Microsoft in 2021 in a deal SiliconANGLE puts at more than $500m, and then helped create Microsoft Security Copilot. Their new company is, in effect, a bet against the model the rest of the industry, Microsoft included, currently runs on.

Why prevention is possible again, according to Ent

The industry’s pivot to detection had a practical cause. To stop something before it happens, you have to understand it in real time, at the moment of decision, and the heavy processing lived in the cloud. The round trip from the device and back was too slow, so tools like endpoint detection and response (EDR) settled for spotting trouble after the fact.

Ent’s pitch is that small AI models can now run locally on the endpoint, doing the reasoning at the edge without that round trip. The company says a decision can be made in under a second, before an action completes, which is the difference between blocking an incident and writing it up.

“We have entered a new era defined by AI-powered attacks, one that demands a return to prevention and resilience,” said Greg Clark, co-founder and managing partner at Crosspoint Capital Partners. “The level of inference required to stop threats before they materialise must now live directly on the endpoint.”

Watching the workspace, not the network

Ent’s other argument is about where to look. Modern work, it says, does not happen at the layers EDR and SIEM tools monitor. It is spread across the apps, browsers, chat tools, and AI assistants a person moves through in a day, alongside the AI agents now acting on their behalf.

That is where the company wants to sit: a “workspace security” control plane on the endpoint that builds what it calls a complete record of work, infers the intent behind an action, and intervenes at the moment of decision. The examples it gives are telling, such as a user handing remote control of their machine to someone outside the company, or pasting sensitive data into an unsanctioned AI tool.

The timing is not subtle. As Manousos put it, “offence is going to be all AI,” and the attack surface he is describing is the same one that keeps producing fresh incidents, from AI agents tricked into leaking cloud keys to chatbots talked into resetting passwords. It is also the gap a wave of startups is racing to fill, including NewCore, which raised $66m to give AI agents a corporate identity.

A big cheque, and a crowded bet

Ent says it is already deployed with Global 2000 customers across hospitality, financial services, and defence, using the platform to flag insider risk, govern AI use, and stop data loss. One customer, an insider-threat lead at a public financial institution quoted anonymously in the announcement, said it was “the first tool where I felt like an expert on day one.” That production traction, rather than a demo, is what a seed round this size is paying for.

The caveats are worth keeping in view. “Prevention is back” is no longer a contrarian line; it is fast becoming the whole industry’s pitch, and a system that intervenes on inferred intent has to be right often enough not to block legitimate work and train staff to ignore it. The capability claims, including sub-second on-device inference, are the company’s own, without independent benchmarks yet.

And $100m at the seed stage sets a punishing bar. Ent is wading into a market defended by CrowdStrike and Microsoft, the very company whose security tool its founders built, at a moment when the appetite for anything labelled AI security is feverish. The pedigree, the customers, and the In-Q-Tel stamp make the bet credible. Whether prevention can finally outrun the attack, rather than just promise to, is the thing the money is meant to settle.