Ido Geffen spent twenty years breaking into systems for Israel's intelligence services. So did Gon Chalamish. So did Omer Ninburg. In May 2025, they decided to automate themselves. Not because the work was boring. Because the defenders were losing and nobody could hire enough humans to catch up.

The gap wasn't intelligence or budget. It was time. Software ships continuously. Attackers probe continuously. Penetration tests happen twice a year. That math creates a permanent vulnerability window. Novee built an AI to close it.

Eight months later, the company emerged from stealth with $51.5 million, dozens of enterprise customers, and a proprietary model that outperforms frontier LLMs on exploitation tasks by 55%. Investors don't move this fast for incremental improvements. They move this fast when the ground is shifting.

The asymmetry problem

You know how pen testing actually works. You hire specialists to attack your own systems. They show up, poke around for a few weeks, map the attack surface. Hunt for misconfigurations. Unpatched holes. Eventually they hand over a 200-page PDF that nobody reads past the executive summary. The security team picks the three fires that look biggest, files a Jira ticket for the rest. Six months later, everyone does it again.

The model made sense when software moved slowly. Companies deployed quarterly. Attack surfaces changed incrementally. A thorough test could reasonably capture the state of the system.

That world is gone. Modern enterprises push code daily. AI coding assistants accelerate the pace. Cloud infrastructure scales and shifts. The attack surface mutates faster than humans can map it.

Meanwhile, attackers upgraded. Nation-states and criminal groups now use AI to automate reconnaissance. They're probing for weaknesses at machine speed. Thousands of variations, tested in hours, that human testers would need months to try. A Stanford and OpenAI study from late 2025 put it bluntly: AI models could soon outperform human hackers on routine exploitation. Not "might." Could.

Here's what keeps CISOs awake: they no longer know the shape of their own perimeter. Their developers ship AI-generated code nobody fully reviewed. Cloud configs drift overnight. The attackers getting smarter is bad enough. The blindness is worse. And the old testing cadence can't cure it.

Human expertise doesn't scale. Elite pen testers are expensive and scarce. The best ones command six-figure day rates. Most companies can't afford continuous human testing, so they settle for episodic assessments that leave gaps.

Novee's thesis: AI can perform the reconnaissance and exploitation work that human testers do, but continuously and at scale. Machine-speed defense against machine-speed offense.

The model that thinks like an attacker

The technical challenge isn't obvious. General-purpose AI models can write code and answer questions, but they struggle with adversarial reasoning. Security testing requires something different. You need to chain observations into attack paths. Spot the moment when a small misconfiguration becomes a catastrophic vulnerability.

A scanner is a security guard checking ID cards against a list. Novee's AI is the burglar who notices the door is locked but the loading dock gate has a broken latch.

Novee built a specialized 4-billion-parameter model trained on offensive tradecraft. The company claims 90% accuracy on web exploitation benchmarks where frontier models like Gemini 2.5 Pro and Claude 4 Sonnet plateau around 65%. In constrained exploit challenges, Novee's model outperforms those systems by more than 55%. Translated into English: the AI finds the vulnerability that would have let an attacker drain the database. General-purpose models miss it.

The numbers matter because accuracy determines utility. A system that generates 90% false positives wastes more time than it saves. Security teams already drown in alerts from scanners that cry wolf. They need findings they can trust.

Novee's platform operates in three modes. Black-box testing starts with nothing, simulating an external attacker with no credentials and no documentation. Gray-box adds limited access. White-box provides full visibility. Once inside, the AI maps attack surfaces, hunts for vulnerabilities, then chains them into full attack paths. Every finding comes with a proof-of-concept exploit. Reproducible. Verifiable.

The remediation piece differentiates Novee from scanners. The platform doesn't just flag problems. It explains how to fix them, generating step-by-step instructions tailored to the specific architecture and tech stack. After engineers patch, the system retests to verify the fix worked.

"We don't just identify problems, we help solve them," Geffen told Calcalist. "That combination is difficult to replicate."

The credentials behind the code

The founders' backgrounds explain why investors moved fast. All three spent formative years in Israel's cybersecurity apparatus. The pipeline that produces a disproportionate share of the industry's talent.

Geffen ran strategic cyber operations within the Israeli Security Agency, the domestic intelligence service. He later held senior roles at CyberMDX, Orca Security, and Oasis Security. Chalamish led the national Red Team, simulating attacks against Israel's critical infrastructure. Ninburg led a cyber and AI team within a special unit of the Prime Minister's Office.

The team claims more than 20 years of combined experience in offensive operations. They've run the kinds of attacks that Novee's AI now automates.

"They understand how real attackers think because they have done this work themselves, at scale and under real-world constraints," said Yoav Leitersdorf, Managing Partner at YL Ventures.

The pedigree matters for a specific reason. Penetration testing is an exercise in trust. Companies give testers access to their most sensitive systems. They need confidence that the tool won't miss critical vulnerabilities or create new ones. Novee's team can point to a track record of operating at the highest classification levels.

The competitive pressure

Novee enters a crowded field with entrenched players. Some of them are paying attention.

Pentera got there first. Founded in 2015, the company built the category for automated security validation. Thousands of organizations use it. Pentera proved that enterprises will pay for automated offensive testing. But Pentera's automation follows predetermined playbooks. It validates known vulnerabilities rather than discovering novel ones. Good at checking whether patches were applied. Less good at finding the zero-day hiding in custom code. Pentera's leadership isn't panicking about Novee yet. But they're watching.

Then there's the bug bounty crowd. HackerOne, Bugcrowd. They pay freelance hackers to find vulnerabilities, sometimes thousands of hunters on a single program. Scales well. Consistency suffers.

Tenzai raised $75 million in 2025 chasing similar territory to Novee. Geffen acknowledges the competition but argues that Novee's model achieves higher accuracy on exploitation tasks.

Larger players loom. Palo Alto Networks, CrowdStrike, and other security giants offer offensive capabilities within their platforms. If Novee proves the market, incumbents will respond. They have the distribution, the sales teams, and the existing customer relationships. The question is whether they can build the AI before Novee builds the customer base.

Geffen frames the ambition in terms of market creation, not capture. He wants to build a full penetration-testing solution across the entire organization. The implicit comparison: Wiz redefined cloud security and hit a $12 billion valuation in three years. Novee wants to do the same for offensive testing.

The money and the moment

YL Ventures and Canaan Partners led the seed round in May. The Series A came just four months later, $33 million. Then $10 million in venture debt by December. Add it up and you get $51.5 million before the company's first birthday.

That velocity tells a story. Israel's cybersecurity sector raised $4.4 billion last year, more than ever before. Investors aren't just excited. They're nervous. The same anxiety that keeps CISOs awake keeps VCs writing checks. AI-powered attacks are accelerating. The old defenses can't keep up. The funding isn't confidence. It's fear, deployed as capital.

"What convinced us wasn't just the vision; it was the urgency of the moment and the speed of real-world adoption," said Joydeep Bhattacharyya, General Partner at Canaan Partners. "As cybersecurity enters an AI-driven arms race, enterprises need continuous penetration testing, and Novee is delivering exactly that."

Customers include K Health, HiBob, JetBrains, Telit, Reco, and Cresta. A mix of healthcare, HR tech, developer tools, and IoT. Several signed within months of the company's founding.

"Novee found vulnerabilities immediately that our pen tests took weeks to miss," said John Barrow, a CISO quoted in company materials.

The trust problem

Security tools require trust. Companies hand penetration testers the keys to their systems. A compromised or incompetent tool creates catastrophic risk.

Human testers earn trust through reputation and contracts. They carry insurance. They sign NDAs. Their incentives align with the customer's.

AI systems operate differently. They don't have reputations. They can't be sued. If Novee's model makes a mistake, missing a critical vulnerability or triggering an outage, the consequences fall on the customer.

The company addresses this through transparency and validation. Findings come with proof-of-concept exploits that security teams can verify. The platform explains its reasoning. Customers can review attack paths before remediation.

But the fundamental question remains: how much do you trust an AI that learned to break into systems?

The answer will determine adoption. Early renewals will test whether customers found real value or bought a demo. Competitive response from Pentera and CrowdStrike will test defensibility. And the broader AI threat landscape will determine whether continuous testing becomes essential or merely fashionable.

The founders spent their careers learning how systems break. They've built a company that does the same thing, faster, and never sleeps.


Frequently Asked Questions

Q: How does Novee's AI compare to human penetration testers?

A: Novee claims its 4B-parameter model achieves 90% accuracy on web exploitation benchmarks, outperforming general AI models by 55%. The platform runs continuously rather than episodically, but it complements rather than replaces human judgment on complex attack scenarios.

Q: How much funding has Novee raised?

A: $51.5 million across three rounds in eight months: $8.5M seed (May 2025), $33M Series A (September 2025), and $10M venture debt (December 2025). YL Ventures, Canaan Partners, and Zeev Ventures led the rounds.

Q: Who are Novee's competitors?

A: Pentera leads automated security validation. Cobalt and HackerOne offer crowdsourced testing. Tenzai raised $75M for AI pen testing. Larger players like CrowdStrike and Palo Alto Networks have offensive security offerings. Novee differentiates on AI accuracy for finding novel vulnerabilities.

Q: What companies use Novee?

A: Customers include K Health (healthcare), HiBob (HR tech), JetBrains (developer tools), Telit (IoT), Reco (security), and Cresta (AI). Several signed within months of the company's founding in May 2025.

Q: What makes Novee's founders notable?

A: CEO Ido Geffen ran cyber operations for Israel's Security Agency. CPO Gon Chalamish led the national Red Team. CTO Omer Ninburg led AI/cyber work in the Prime Minister's Office. All three are Unit 8200 and Talpiot alumni with 20+ years in offensive operations.

Editor-in-Chief and founder of Implicator.ai. Former ARD correspondent and senior broadcast journalist with 10+ years covering tech. Writes daily briefings on policy and market developments. Based in San Francisco.