Nebulock has raised $25 million in Series A financing to accelerate development of its AI-native cybersecurity platform, as enterprises seek new tools to detect increasingly sophisticated threats driven by artificial intelligence and credential-based attacks.
The financing was led by FirstMark, with participation from existing investors Bain Capital Ventures, Decibel, Zetta Venture Partners and Step Function. The funding comes less than a year after Nebulock emerged from stealth and will support product development, expansion of its engineering organization and growth of its go-to-market team.
The company is positioning its platform around proactive threat hunting rather than traditional alert-driven security operations. By correlating telemetry across endpoint, identity, cloud, network and software-as-a-service environments, Nebulock aims to help security teams identify subtle behavioral patterns that may indicate compromised accounts or malicious activity before conventional security tools generate alerts.
The investment reflects growing demand for security technologies capable of addressing a rapidly evolving threat landscape in which attackers increasingly use artificial intelligence, legitimate credentials and automated techniques to evade detection. As AI-powered attacks become more difficult to distinguish from routine user activity, enterprises are placing greater emphasis on behavioral analytics and contextual security.
Since launching publicly, Nebulock said it has secured customers ranging from Fortune 500 enterprises to organizations in highly regulated industries, including financial services and healthcare, as well as technology companies such as Cribl, HealthEdge and Bain Capital. According to the company, its platform has completed more than 300 million autonomous investigations and generated more than 4,000 high-confidence findings designed to prevent security incidents.
Among the threats identified by the platform were a long-running compromise involving a remote attacker at a digital retailer, unauthorized copying of 748 source code files to a USB device at a Fortune 1000 retailer, exposed credentials within command-line arguments at a healthcare technology company and a malicious browser extension discovered inside a Fortune 500 food and beverage company.
Nebulock also said it has observed increasing security risks associated with the rapid adoption of AI applications in the workplace. Earlier this year, after the OpenClaw AI tool gained widespread attention, the company detected more than 50,000 related events across approximately 40% of its customer base within a week as employees experimented with the software outside approved corporate controls. Nebulock responded by deploying new detection capabilities designed to help customers identify and mitigate the emerging category of agentic AI-related threats.
“Security teams need to understand not just what looks suspicious, but what looks ordinary for the wrong reasons,” said Myke Lyons, chief information security officer at Cribl. “When threat intel hits our feeds, the window between awareness and evidence used to be the hardest part to manage. Now that the hunt is run, we have a clear read on exposure and can remediate before our other tools send us an alert.”
Founded by former security and product leaders from CrowdStrike, Palo Alto Networks and Arctic Wolf, Nebulock initially focused on autonomous threat hunting across endpoint, cloud and identity environments. Since its seed financing, the company has expanded its platform to include behavioral analytics and proactive detection engineering that helps organizations identify malicious activity hidden within otherwise legitimate user behavior.
“AI is changing both sides of the security equation,” said Damien Lewke, founder and chief executive officer of Nebulock. “The attacker has become more agentic faster than defenders have become proactive. Breaches used to take months; now they take tokens. Nebulock was built to help security teams move beyond reactive-by-default workflows and toward context-rich, always-on protection.”
FirstMark Partner David Waltcher said the cybersecurity industry is entering a new phase in which organizations require security platforms built around continuous behavioral analysis rather than static alerts and signatures. He said Nebulock’s combination of contextual analytics, autonomous investigations and experienced security leadership positions the company to redefine how enterprises approach threat hunting and security operations.
The Series A funding will be used to expand Nebulock’s contextual security platform, strengthen its cross-telemetry behavioral graph and accelerate product development as enterprise customers continue adopting AI-powered security operations. Headquartered in the United States, the company is building a platform designed to help organizations proactively identify, investigate and respond to threats across increasingly complex IT environments before they develop into material security incidents.
Click Here For The Original Source.
