The silent corridors of the digital world are now home to a relentless arms race, where attackers deploy artificial intelligence to dismantle defenses with unprecedented speed and scale. This seismic shift in cyber warfare has exposed a critical vulnerability in enterprise security: the outdated reliance on human-scale defenses against machine-scale threats. For companies still depending on periodic penetration tests and conventional automated scanning, the gap between detecting a threat and mitigating it has widened into a chasm of risk, creating an urgent market need for a new, more dynamic defensive paradigm.
The New Frontier of Cyber Warfare: An AI Arms Race
In this new frontier, adversaries are no longer just lone actors but sophisticated operators leveraging AI to automate every stage of an attack, from reconnaissance to exploitation. They can probe millions of assets simultaneously, discover zero-day vulnerabilities in minutes, and weaponize them almost instantly. This automation has fundamentally changed the economics and speed of cybercrime, overwhelming security teams who are still operating on manual timelines.
The traditional security playbook is proving woefully inadequate. Annual or quarterly penetration tests create a false sense of security, offering only a snapshot in time while production environments change by the second. Likewise, standard automated scanners, while useful for catching low-hanging fruit, lack the contextual understanding and creativity to uncover the complex, multi-step vulnerabilities that a skilled human attacker—or a sophisticated AI—can find. This disparity has left countless organizations exposed, defending against tomorrow’s AI-driven attacks with yesterday’s tools.
From Stealth to Spotlight: The Genesis of Novee
Answering this call is Novee, a Tel Aviv-based cybersecurity company that has just emerged from stealth mode with a bold vision and formidable backing. The company is not another incremental improvement on existing technology but a ground-up reimagining of offensive security designed for the AI era. It represents a direct response to the escalating threat landscape, built by a team that understands the attacker’s mindset because they have lived it.
At the helm are co-founders Ido Geffen (CEO), Gon Chalamish (CPO), and Omer Ninburg (CTO). Their credibility is forged not in corporate boardrooms but in the crucible of Israel’s most elite military cyber units. As veterans of nation-state–level offensive security operations, they bring an unparalleled depth of experience in how real-world attackers think, strategize, and execute. This intimate knowledge of offensive tradecraft is the foundational DNA of Novee, differentiating it from purely defensive-minded solutions.
The AI Hacker: Novee’s Automated Penetration Testing Platform
Novee’s flagship product is a continuous and automated penetration testing platform powered by a proprietary AI dubbed the “AI Hacker.” The platform’s core mission is to transform the esoteric, manual art of elite hacking into a scalable, repeatable, and autonomous capability that works around the clock. By deploying this AI Hacker within a company’s production environment, Novee allows security teams to proactively discover and validate critical weaknesses before malicious actors can exploit them.
This approach marks a significant departure from passive scanning. Instead of merely cataloging potential issues, Novee’s platform actively engages with an organization’s systems, continuously probing for exploitable pathways and providing high-fidelity, actionable intelligence. It gives defenders the ultimate advantage: the ability to see their own environment through the eyes of their most sophisticated adversaries.
Simulating Real-World Attackers
The true innovation of the AI Hacker lies in its ability to emulate the cognitive processes of a human adversary. It was not trained to simply match patterns; it was designed to reason, strategize, and adapt. The AI formulates hypotheses about potential weaknesses, chains together seemingly minor vulnerabilities to create significant exploits, and pivots its tactics based on the responses it receives from the target system. This dynamic, context-aware approach allows it to simulate the creative and unpredictable nature of a real-world attack campaign.
By thinking like an attacker, the platform moves beyond the limitations of predefined scripts and checklists. It explores uncharted territory within an application’s logic and infrastructure, seeking out the subtle misconfigurations and design flaws that a human expert would hunt for. This simulation provides a far more realistic assessment of an organization’s security posture than any conventional tool can offer.
Uncovering Complex Vulnerabilities
The practical result of this sophisticated simulation is the discovery of vulnerabilities that typically fly under the radar of standard security tools. Novee’s platform excels at identifying novel and intricate flaws, such as complex business logic errors that allow for unauthorized actions or server-side request forgery (SSRF) vulnerabilities that can be used to pivot deep inside a network. These are the types of high-impact findings that often require days or weeks of work by a senior penetration tester to uncover.
For customers, this means moving beyond the noise of low-priority alerts that plague many security teams. Novee delivers proven, exploitable findings that represent genuine risk to the business. Robert Kugler, Head of Security, IT and Compliance at Cresta, confirmed this value, stating that the platform successfully identified complex vulnerabilities that their traditional DAST tools had completely missed, filling a critical gap in their defensive strategy.
Closing the Security Loop
Identifying a vulnerability is only half the battle. Novee’s platform provides a comprehensive, end-to-end workflow that guides security teams from discovery to remediation. Once the AI Hacker identifies a potential flaw, it proceeds to validate the initial exploit, providing concrete proof of its impact. This eliminates false positives and enables developers to prioritize fixes based on verified risk.
Furthermore, the platform automates the final, crucial step: retesting. After a patch is deployed, the AI Hacker automatically reruns its attack sequence to confirm that the vulnerability has been successfully and permanently closed. This continuous feedback loop ensures that security gaps are not just identified but truly resolved, hardening the organization’s defenses over time.
A Purpose-Built AI for Offensive Security
In a market increasingly flooded with “AI-powered” solutions, Novee distinguishes itself with a proprietary, purpose-trained AI model built specifically for the complex domain of offensive security. The company consciously avoided relying on generic Large Language Models (LLMs), recognizing that the adversarial and environment-driven nature of penetration testing requires a specialized intelligence. Novee’s model was trained on a massive, curated dataset of real-world exploitation techniques and attacker methodologies.
The performance data validates this focused approach. In constrained web exploitation challenges, Novee’s model achieved an accuracy of up to 90%, outperforming frontier LLMs like Gemini 2.5 Pro by more than 55%. As Dr. Tal Shapira, CTO at Reco AI, noted, purpose-trained models will consistently outperform general-purpose ones in this domain because their success is measured by live exploit execution, not just theoretical analysis.
Securing a $51.5M Vote of Confidence
The strength of Novee’s technology and the expertise of its founding team have attracted significant attention from the investment community. The company has secured a total of $51.5 million in a funding round led by prominent venture capital firms YL Ventures, Canaan Partners, and Zeev Ventures. This substantial financial backing, raised with remarkable speed, serves as a powerful vote of confidence in Novee’s vision and its potential to define a new category in cybersecurity.
Investor validation underscores the market’s urgency for a solution like Novee. Joydeep Bhattacharyya, General Partner at Canaan Partners, highlighted the company’s rapid customer adoption across finance, healthcare, and technology as a key driver for the investment. He framed Novee as an essential tool for enterprises navigating the AI-driven threat landscape, positioning the company to become a leader in the continuous penetration testing space.
Reflection and Broader Impacts
The launch of Novee is more than just the debut of a new product; it signals a critical inflection point for the cybersecurity industry. The company’s approach addresses the core asymmetry of modern cyber warfare, where automated attackers have long held the advantage over human-led defense teams.
Reflection
Novee’s primary strengths lie in the powerful synergy of its specialized AI, the founders’ deep offensive expertise, and its robust investor backing. This combination gives it a formidable head start in a burgeoning market. However, the company will face the challenge of navigating a rapidly evolving technological landscape where both attackers and defenders are constantly innovating. Maintaining its performance edge and educating a market accustomed to traditional security cycles will be crucial for its long-term success.
The company’s focus on delivering high-signal, proven-exploitable findings is a significant advantage. By cutting through the noise of false positives, Novee enables security teams to focus their limited resources on mitigating the most critical risks. This practical, results-oriented approach is likely to resonate strongly with security leaders facing alert fatigue and pressure to demonstrate tangible improvements in their organization’s security posture.
Broader Impact
On a broader scale, Novee’s technology represents a fundamental shift in security philosophy—from a periodic, compliance-driven activity to a continuous, proactive, and autonomous function. By embedding an AI-powered adversary within an organization’s own environment, companies can move from a reactive posture of incident response to a proactive stance of continuous hardening and risk reduction. This is a necessary evolution for survival in an era of AI-driven threats.
This move toward autonomous offensive security democratizes access to elite security talent. Not every organization can afford to hire teams of world-class penetration testers, but with a platform like Novee, they can leverage the codified knowledge and tradecraft of the best in the business. This levels the playing field, allowing a wider range of enterprises to mount a more sophisticated defense against advanced adversaries.
The Future of Automated Threat Hunting
Novee’s emergence from stealth did more than just introduce a new company; it crystallized the industry’s response to an undeniable reality. As artificial intelligence became the weapon of choice for attackers, the need for an equally sophisticated, AI-driven defense became paramount. Novee’s platform provided a direct and compelling answer, promising to restore balance to the cybersecurity ecosystem.
The launch of its “AI Hacker” marked a pivotal moment when continuous, automated penetration testing transitioned from a theoretical concept to an essential component of modern enterprise security. The platform’s success demonstrated that the only effective way to defend against an autonomous attacker was with an autonomous defender, forever changing the way organizations approached the hunt for digital threats.
