Israeli agentic artificial intelligence security startup Capsule Security Ltd. today launched with $7 million in new funding to expand go-to-market efforts and accelerate product development across its runtime platform.

The company was founded in 2025 by Naor Paz, formerly of F5 Inc. and the Israeli military’s Unit 8200, and Lidan Hazout, formerly vice president of research and development at SecuredTouch Ltd. and Transmit Security Ltd. It monitors AI agent actions in real time and enforces guardrails on behavior before those actions complete.

The company targets what it describes as the runtime gap: the window between when an AI agent receives a prompt and when it executes an action, during which it can be manipulated, misbehave or silently exfiltrate data.

“AI agents are quickly becoming a new class of privileged user in the enterprise, except they can act at machine speed and they do not behave like deterministic software,” said co-founder and Chief Executive Naor Paz. “That creates a dangerous gap between what security teams can govern today and what agents can do in production.”

Capsule’s platform requires no proxies, gateways or software development kits and supports Cursor, Claude Code, Microsoft Copilot Studio, ServiceNow Inc. and Salesforce Agentforce.

Before formally launching, Capsule was also named one of six finalists in the CrowdStrike Holdings Inc., Amazon Web Services Inc. and Nvidia Corp. Startup Accelerator at the recent RSAC security conference. It beat out nearly 1,000 startups to pitch Capsule’s AI-native innovation to celebrity investor and Shark Tank Executive Producer Robert Herjavec.

The seed funding round was led by Lama Partners, with Forgepoint Capital International Management Ltd. also participating.

“Security leaders understand that legacy tools were never designed to interpret intent, context and real-time behavior, which are essential for securing dynamic agentic environments,” said Ron Zalkind, founding general partner at Lama Partners and board member at Capsule Security.

The company launches with an advisory board that includes Chris Krebs, the first director of the Cybersecurity and Infrastructure Security Agency, Omer Grossman, former global chief information officer at CyberArk Software Ltd., and Jim Routh, former chief information security officer across multiple Fortune 500 enterprises.

Alongside the launch, Capsule today also disclosed two zero-day or previously unknown vulnerabilities it discovered in major agent platforms.

The first vulnerability, dubbed “ShareLeak,” is a critical-severity indirect prompt injection vulnerability in Microsoft Copilot Studio, which has been patched and assigned CVE-2026-21520. The second, “PipeLeak,” is a prompt injection vulnerability in Salesforce Agentforce that can be triggered through untrusted lead-form inputs to influence agent behavior and drive unsafe downstream actions.

In an email to SiliconANGLE, Salesforce advised that it was aware of the prompt injection vulnerability identified by Capsule Security and that it had addressed the issue.

Image: Capsule Security