Cyata

High-Level Overview

Cyata is an Israeli cybersecurity startup that builds a control plane for agentic identities, providing automated discovery, forensic observability, and granular access control for AI agents operating in enterprise environments.[1][2][4] Its platform scans desktop, SaaS, and cloud systems to identify AI copilots, chatbots, and autonomous agents, mapping their permissions to human owners, capturing their intent via real-time reasoning justification, and enforcing just-in-time permissions with human-in-the-loop approvals for sensitive actions.[1][3] Cyata serves security and identity teams at enterprises adopting AI agents for tasks like coding, data analysis, and financial operations, solving the critical gap where these agents access systems without traditional identity management, risking data leaks, code rewrites, or unauthorized actions.[2][3] Launched from stealth in July 2025 with $8.5M in seed funding led by TLV Partners, Cyata demonstrates strong early momentum backed by elite founders and investors like former Cellebrite CEOs.[1][2]

Origin Story

Cyata was founded in 2024 (emerging from stealth in 2025) by a team of cybersecurity veterans from Israel's Unit 8200, Cellebrite, and Check Point, driven by the realization that traditional identity tools fail against autonomous AI agents lacking governance.[1][2][5] CEO and co-founder Shahar Tal, a 20-year cybersecurity veteran, led malware and vulnerability research at Check Point and headed Cellebrite's research labs for eight years before business development.[1][2] VP R&D Dror Roth and CTO Baruch Weizman round out the core leadership, with 60% of the 12-person team being Cellebrite alumni skilled in reverse engineering vulnerabilities and digital forensics.[2][5] The idea emerged from a shared concern over AI agents' "silent revolution," replacing human labor without identity controls, starting as a vulnerability insight that evolved into a full platform.[4][5] Pivotal early traction includes $8.5M seed funding from TLV Partners and angels like ex-Cellebrite CEOs Ron Serber and Yossi Carmil, plus research disclosures on flaws like LangGrinch in LangChain and Cursor MCP vulnerabilities.[1][2][5]

Core Differentiators

Cyata stands out in AI security through its agent-focused controls, built by elite researchers for non-deterministic actors:

• Automated Discovery: Continuously scans environments to detect AI agents via behavioral patterns in API usage and tools, even those hiding behind tokens or ephemeral sessions, assessing risks and mapping to human owners.[1][3][4]
• Forensic Observability: Creates audit trails of agent activity, uniquely capturing real-time intent by forcing agents to justify reasoning, enabling detailed forensics beyond traditional logs.[1][3]
• Granular Access Control: Applies just-in-time permissions, least-privilege enforcement, and human-in-the-loop approvals for sensitive ops, linking agents to owners without static privileges.[1][2][3]
• Focus on Actors, Not Models: Secures decisions made by agents (e.g., code execution, data pulls) rather than LLMs, addressing gaps in legacy IAM systems.[1][4]
• Elite Team & Research Edge: Unit 8200/Cellebrite/Check Point alumni deliver purpose-built tools, validated by endorsements from Tenable, Okta, and TLV Partners.[2][4]

Role in the Broader Tech Landscape

Cyata rides the explosive trend of agentic AI—self-scaling "sleepless workforces" handling enterprise tasks like coding and finance—amid a cybersecurity market shift where AI agents evade traditional IAM due to instant emergence and independent action.[1][2][3] Timing is ideal post-2025 AI adoption surge, as enterprises face risks like data leaks or breaches from ungoverned agents, with no IAM platforms yet adapted; Cyata fills this "identity-grade" void first.[1][4][5] Market forces favoring it include rapid AI proliferation (e.g., copilots, autonomous bots) and regulatory pressures for accountability, positioning Cyata as a standard in a niche exploding alongside cloud-scale AI.[2][4] It influences the ecosystem by pioneering "control planes" for agentic identities, enabling safe innovation while publishing research on vulnerabilities (e.g., LangChain, Cursor), raising awareness and trust.[5]

Quick Take & Future Outlook

Cyata is primed to dominate AI agent security as enterprises scale deployments, leveraging its first-mover platform and battle-tested team to expand beyond discovery into full orchestration.[2][4] Upcoming trends like multi-agent systems and regulatory mandates for AI auditability will amplify demand, with funding fueling tech stack growth and global reach.[1][2] Its influence could evolve from niche innovator to infrastructure layer, much like early cloud security pioneers, securing the "AI workforce" revolution. This positions Cyata as essential for unlocking agentic AI's power without the control pitfalls that doomed early cloud expansions.[1][3]