Capsule Security's $7M Bet on the Runtime Layer for AI Agents

The Tel Aviv startup, founded by Israeli security veterans, is building a deterministic control plane for autonomous AI workflows.

By

About Capsule Security

Published

When an AI agent decides to exfiltrate a customer database or execute a risky API call, the security team needs to know before the action completes. This is the runtime problem Capsule Security is trying to solve, and a group of cybersecurity-focused investors just wrote a $7 million check to back the attempt [The SaaS News, April 2026]. The Tel Aviv-based startup, which exited stealth in April, is building a platform that monitors, detects, and blocks rogue AI agent behavior in real time, positioning itself as a deterministic security layer for an increasingly agentic enterprise [Business Wire, April 2026].

The runtime wedge

Capsule’s bet is that traditional security guardrails, built for human-driven workflows, are insufficient for autonomous AI agents. Its platform is designed to sit in-path, continuously monitoring agent reasoning, tool calls, and action execution [Capsule Security, 2026]. The goal is to detect anomalies like prompt injection or data exfiltration and intervene to block unsafe actions before they are finalized, all without requiring changes to the underlying agent code or architecture [Capsule Security, 2026]. This positions the product as a control plane for AI agents, whether they are third-party platforms like GitHub Copilot or custom-built workflows on major cloud AI services.

Founders with a security-first pedigree

The company’s credibility rests on its founding team, which brings deep enterprise security and research backgrounds from Israel’s tight-knit cybersecurity community. Co-founder and CEO Naor Paz was previously a senior product manager at F5, leading its Web Application Firewall product, and served in Israel’s elite Unit 8200 intelligence unit [Talking Serverless podcast, 2026]. Co-founder and CTO Lidan Hazout was VP of R&D at behavioral biometrics company SecuredTouch and at identity platform Transmit Security [Ynet News, 2026]. Their experience suggests a focus on building for the procurement and operational realities of large security teams, not just the developer experience.

Founder Role Key Prior Experience
Naor Paz Co-founder & CEO F5 (WAF product lead), Unit 8200, Israeli Prime Minister’s Office [Talking Serverless podcast, 2026]
Lidan Hazout Co-founder & CTO SecuredTouch (VP R&D), Transmit Security (VP R&D), Ping Identity [Ynet News, 2026] [ZoomInfo, 2026]

The pre-traction risk

Despite the compelling founder narrative and seed funding, Capsule is operating in a pre-revenue, pre-customer disclosure phase. No named enterprise deployments, customer logos, or significant partnerships have been announced alongside its funding. The competitive field is also taking shape, with early movers like Prompt Security and Zenity already establishing positions in the broader AI security and governance space. For a runtime security product, proving efficacy at scale in complex, multi-agent production environments is the ultimate test. The seed capital provides runway to build and sell, but the next milestone will be landing and publicly referencing those first few flagship customers.

Capsule’s ideal customer is a security leader at a company that has moved beyond piloting individual AI chatbots to deploying interconnected, autonomous agents that can perform actions. Think a financial services firm using agents for fraud analysis that can trigger account locks, or a healthcare provider using agents to summarize patient records and schedule follow-ups. For that buyer, the competitive set isn’t just other AI security startups. It includes:

  • Dedicated AI security platforms like Prompt Security, which focus on the broader secure AI development lifecycle.
  • Agent governance tools such as Zenity, which manage permissions and audit trails for low-code/no-code and AI automation.
  • Extended capabilities from existing vendors, where incumbent security or observability players eventually build or buy similar runtime controls into their suites. Capsule’s differentiation will hinge on proving its runtime intervention is more deterministic, performant, and seamlessly integrated than what these alternatives can offer.

Sources

  1. [The SaaS News, April 2026] Capsule Security Bags $7M Seed Round | https://www.thesaasnews.com/news/capsule-security-bags-7m-seed-round
  2. [Business Wire, April 2026] Capsule Security Exits Stealth With $7M to Stop AI Agents From Going Rogue at Runtime | https://www.businesswire.com/news/home/20260415670902/en/Capsule-Security-Exits-Stealth-With-$7M-to-Stop-AI-Agents-From-Going-Rogue-at-Runtime
  3. [Capsule Security, 2026] Capsule Security | AI Agent Runtime Security Platform | https://www.capsulesecurity.io/
  4. [Talking Serverless podcast, 2026] #60 - Naor Paz: Busting Myths and Misconceptions: IaC and Serverless Workflows | https://open.spotify.com/episode/2sCph2RFf5FERWpGsyWd2k?si=2d38b82a27b74f72
  5. [Ynet News, 2026] Capsule Security targets fast-growing AI agent security gap with real-time runtime control platform | https://www.ynetnews.com/tech-and-digital/article/hkhq11qp2wl
  6. [ZoomInfo, 2026] Lidan Hazout profile | https://data-lead.com/person/name/Lidan+Hazout/id/539574206/v/c4c2d

Read on Startuply.vc