Platform identifies exploitable vulnerability paths and shuts them down before they’re used in an attack

TEL AVIV, Israel & NEW YORK: #AICyberAttacks--Dux, an agentic exposure management platform built for the speed of AI-driven cyberattacks, today emerged from stealth with a $9 million seed round led by Redpoint, TLV Partners and Maple Capital, with participation from leading cybersecurity executives from CrowdStrike, Okta and Armis.

Dux was created to eliminate exposures before they become attacks - by uncovering what's actually exploitable and finding the fastest path to safety. Already supporting major U.S. enterprises, the company was founded by Or Latovitz, Amit Nir and Nadav Geva, all graduates of the IDF’s elite Talpiot program who led large-scale offensive and defensive cybersecurity and AI initiatives for national agencies. Their work earned multiple national innovation awards and involved building operational systems deployed at a national scale.

This significant seed financing will support the expansion of Dux’s R&D team in Tel Aviv, grow its U.S. go-to-market organization, and accelerate development of the platform’s agentic capabilities across exploitability analysis, lightweight mitigation and continuous exposure management.

The Problem: Exploitation Now Moves Faster Than Remediation

Enterprises have long struggled with an increasing volume of assets, scanners and vulnerabilities - more than teams can realistically triage. AI has exacerbated this problem by dramatically increasing the speed at which vulnerabilities are exploited. Mandiant reports that, in just two years, the average time-to-exploit has collapsed from 32 days to just 5 days. Earlier this year, Anthropic documented the first real-world, AI-orchestrated cyber-espionage campaign where attackers used agentic AI not just for guidance but to execute attacks autonomously.

“These attacks don’t wait for patch cycles,” said Or Latovitz, co-founder and CEO of Dux. “Defenders need rapid insight into what’s actually exploitable and the means to reduce those exposures effectively, at the pace modern attacks demand.”

Dux’s Solution: An Agentic Approach Aligned to CTEM

Dux aligns with Gartner’s Continuous Threat Exposure Management (CTEM) framework, but applies it through agentic AI workers designed to reason like expert analysts at scale. Instead of generating more findings or another prioritization layer, Dux focuses on the essential question: What matters now, and what’s the fastest path to safety?

Dux’s AI-workers continuously analyze exploitability across the entire environment, determining whether existing controls already block a potential attack path, surfacing lightweight mitigations that can eliminate risk faster than a full patch and routing targeted remediation to identified owners only when necessary.

“Most scanner findings aren’t exploitable once you account for real context,” said Amit Nir, co-founder and CPO. “But discovering that manually takes expert judgment and deep knowledge of the environment. Agentic AI lets teams apply that level of reasoning across every vulnerability and asset, every time.”

The Shift: A New Operating Model for Vulnerability Management

“Attackers are moving faster than ever, and defenders need a platform built for that pace,” said Erica Brescia, managing director at Redpoint. “Dux puts vulnerabilities in the context of their actual threat to a business, and then uses AI agents exactly where speed and precision matter most to resolve them. At last, and with Dux, vulnerability management is something teams can finally get ahead of - overcoming what was an insurmountable hurdle during my time at GitHub.”

Dux represents a shift from periodic scans and manual triage to continuous, agentic investigation. The platform determines what’s viable for an attacker in a given environment and moves organizations toward the fastest safe fix, whether that’s a configuration change, a control update or a targeted patch. The result is a materially smaller attack surface and a far shorter path from vulnerability discovery to resolution.

“Every time a zero-day drops or a critical vulnerability hits the news, teams need answers fast. Our customers spin up AI-workers to investigate those vulnerabilities across their environment within minutes,” said Nadav Geva, co-founder and CTO. “That’s a level of rapid, environment-specific research that simply wasn’t possible before.”

“Most security tools show you what’s vulnerable. Dux shows you what attackers can actually use - and that’s a game changer,” said Rona Segev, co-founder and managing partner at TLV Partners. “Their AI agents bring a perspective that’s been missing from exposure management, and the Dux team has precisely the kind of experience you want steering a shift of this magnitude.”

About Dux

Dux is an agentic exposure management platform that rapidly uncovers what is truly exploitable in an environment and eliminates it fast. The platform uses AI-workers to perform continuous exploitability analysis, surface control-based mitigations and accelerate remediation across the entire environment. Founded by veterans of national-scale cyber and AI programs, Dux is backed by Redpoint, TLV Partners and Maple Capital and operates in the United States and Israel.

Learn more at https://dux.io/.

Fonte: Business Wire