Runtime security startup Oligo Security Ltd. today unveiled Runtime Exploit Blocking, a new capability that stops exploit attempts at the application layer in real time without killing containers or processes or disrupting running applications.

The new release is seeking to address a fundamental gap in how organizations approach application security. It comes at a time when attackers rely on repeatable exploit techniques to infiltrate organizations. A recent Mandiant report said exploitation has remained the leading initial access vector for six consecutive years, and more recently, Anthropic PBC’s launch of Project Glasswing shows how AI-enabled attackers can find and exploit zero days with greater speed and precision than ever.

The company argues that most security programs rely on Common Vulnerabilities and Exposures prioritization and vulnerability backlogs rather than stopping attacks as they happen. Oligo’s new offering instead defends against classes of attack techniques rather than individual CVEs, meaning a single protection rule can cover entire categories of vulnerabilities, including zero days.

“Modern attacks are built on repeatable techniques that execute at runtime, which means the only way to stop them effectively is by observing code execution at runtime,” said co-founder and Chief Executive Nadav Czerninski. “With this capability, we’re enabling customers to stop advanced exploits with first-of-its-kind precision and without disrupting uptime.”

Runtime Exploit Blocking works by correlating application-layer function calls with system-level activity. Individual actions may appear normal, but specific sequences reveal an active exploit attempt. Once identified, Oligo blocks the underlying system call while allowing the rest of the application to continue running normally.

The new offering delivers four core functions. One set is runtime execution visibility through call stacks, function calls and data flows. Meanwhile, there’s runtime exploit detection by correlating application and system-level activity, as well as nondisruptive blocking that stops the attack while the application keeps running. Finally it delivers technique-based protection that covers vulnerability classes rather than individual CVEs.

The company says that approach closes the gap between theoretical exposure and real-world exploitation by making the application runtime the focal point for stopping modern attacks.

Oligo has raised approximately $80 million in funding, including rounds of $28 million in February 2023 and $50 million in January 2025. Investors in the company include Greenfield Partners Ltd., Red Dot Capital Partners LP, Strait Capital, Ballistic Ventures, Lightspeed Management Co., TLV Partners, Cyber Club London, Kmehin Ventures Ltd. and OperAngels.

Image: SiliconANGLE/Ideogram