Capsule Security: Why We Invested

We’re excited to announce that Forgepoint Capital is co-leading Capsule Security’s $7 million Seed round alongside Lama Partners as the company emerges from stealth.

Every major platform shift in enterprise technology has created a new attack surface that incumbent security tooling couldn’t cover. AI agents are no different, except the blast radius is larger and the window to act is narrower.

Capsule Security co-founders Naor Paz and Lidan Hazout are building the definitive security layer for the agentic enterprise.

AI Agents Act Faster than Existing Security Tools

Copilot Studio, Salesforce Agentforce, AWS Bedrock, ServiceNow, and dozens of technical frameworks promise to accelerate the enterprise by democratizing automation with AI. These platforms are producing agents that do more than just retrieve information. They execute actions, call tools, read sensitive data, and chain operations across systems.

The security gap this creates is not theoretical. Coding agents have already deleted production databases and customer-facing support agents have hallucinated company policies and caused subscription cancellations.

In our diligence conversations with CISOs and security leaders, two pain points have surfaced consistently: fragmented visibility over agent sprawl and dangerous data exposure from over-permissive tool connections. Perimeter controls like access policies, prompt guardrails, and pre-deployment reviews are helpful but insufficient because agents are non-deterministic. An agent that passes every pre-deployment check can still be manipulated at runtime through prompt injection, tool abuse, or cascading agent-to-agent interactions that no static policy anticipated.

Securing Agents Where It Matters: At Runtime

Capsule Security addresses this gap by securing agents at runtime. Capsule’s technology directly integrates with agentic platforms to continuously monitor agent behavior and prevent unsafe actions, all without requiring code changes or additional infrastructure like proxies, gateways, or SDKs.

The Capsule team has done something rare for a seed-stage company: they published the receipts that prove their thesis. Concurrent with today’s launch, Capsule disclosed two zero-day vulnerabilities from original research: ShareLeak (CVE-2026-21520), a now patched critical-severity prompt injection in Microsoft Copilot Studio, and PipeLeak, a similar vulnerability in Salesforce Agentforce. This research is concrete proof that they understand the runtime attack surface more deeply than anyone else building in their category.

A Team Purpose-Built to Solve the Problem

Capsule’s expert founding team is uniquely positioned to innovate agentic AI security. CEO Naor Paz served in Unit 8200 and led security research at Israel’s Prime Minister’s Office, where he received the Prime Minister’s Prize and the Israel Defense Prize. He subsequently led the WAF product line at F5 and oversaw runtime enforcement at enterprise scale. CTO Lidan Hazout led R&D at SecuredTouch (acq. Ping Identity) and later built an identity threat detection platform from scratch at Transmit Security. His deep experience applying behavioral ML to low-latency, high-volume signals has directly fueled Capsule’s runtime SLM architecture.

Capsule’s advisory bench also reflects the depth of the problem. Chris Krebs, the first Director of CISA, chose Capsule for one of his first advisory roles after leaving the US government. Omer Grossman, former Global CIO at CyberArk and Deputy Chief of Cyber Defense in the IDF Reserves, Michael Dolinsky, former CTO of Ermetic, and seasoned Fortune 500 CISOs Jim Routh and Yonesy Núñez round out a group of advisors that understands what causes enterprise security to fail at the highest levels. Their support shows that Capsule has the right approach to solving agentic runtime security.

Looking Ahead to the Future of Agentic AI Security

Capsule Security is defining runtime agent security at the exact moment enterprises need it most. Industry analysts have taken notice. Gartner recently recognized Capsule as a representative vendor in its inaugural market guide for “guardian agents,” AI designed to oversee and protect other AI agents in production.

The team’s research credibility, robust platform integration, and world-class network of support all point in the same direction: up and to the right. We look forward to building alongside Naor, Lidan, and the Capsule team as they set the standard for how enterprises keep AI agents in check.