It usually takes startups years to establish the kind of war chest Act Security has assembled in just four months. The Israeli cybersecurity firm has secured a $40 million Series A led by U.S.-based Notable Capital, bringing its total funding to $60 million shortly after emerging from stealth. The round follows a $20 million Seed injection just months prior from Team8 and Bessemer Venture Partners, signaling an aggressive push into a saturated market.
The speed of the capital injection suggests investors are betting on the jockey rather than just the horse. Act Security is helmed by CEO Jonathan Langer and CTO Itay Kirshenbaum, the duo behind Medigate, a healthcare IoT security startup acquired by Claroty for a reported $400 million. They have reassembled key parts of that leadership team, including Chief Product Officer Stephen Goldberg—formerly a senior executive at Claroty—and cyber veteran Ilai Fallach.
From hospital networks to the hybrid cloud
At Medigate, the founding team focused on the fragility of connected devices in hospitals, from infusion pumps to CT scanners. Their pivot to Act Security applies that same critical infrastructure mindset to the cloud. While enterprises today have no shortage of dashboards and visibility tools, security teams often struggle to translate that visibility into risk reduction across sprawling hybrid environments.
“The cloud made everything faster, including attackers. We realized security teams didn’t need more alerts. They needed something that tells them what to do next — and does it safely at scale.”
Langer’s premise is that the industry has over-indexed on detection. Security operations centers (SOCs) are drowning in findings, but they lack the tools to remediate them without fear of breaking production environments.
Operationalizing the fix
Act Security is positioning itself against the “dashboard fatigue” common in the Cloud Security Posture Management (CSPM) and Cloud Native Application Protection Platform (CNAPP) spaces. Rather than generating lists of vulnerabilities, the platform focuses on identifying immediate, real-world risks and orchestrating the necessary fixes.
This “action-first” approach is designed to function like an autopilot for security operations. The goal is to prioritize threats and automate the remediation process across data centers and cloud services, validating that the controls actually work once implemented.
One investor familiar with the deal noted the distinct shift in strategy: “Most platforms tell you what’s wrong. Act’s mandate is to help you fix it, in the right order, before it becomes a breach.”
The backers
Raising a Series A of this magnitude in the current venture climate is an outlier event. Notable Capital, which has previously backed infrastructure and security heavyweights like HashiCorp, Drata, and Orca Security, led the round. The cap table now includes a mix of new and returning backers:
- Lead Investor: Notable Capital
- New Participants: Startpoint Capital, Claltech, and the tech arm of Access
- Returning Seed Investors: Bessemer Venture Partners, Team8, Hetz Ventures, and Brightmind
With $60 million in fresh capital, the company has a significant runway to scale its engineering team and refine its go-to-market strategy without the immediate pressure to return to the fundraising circuit. For the founders, however, the challenge shifts from securing capital to proving that their “active defense” thesis can survive contact with complex, real-world enterprise environments.
As a partner at Notable Capital put it, the next decade of threats will likely center on control over cloud and data center infrastructure. “Act’s team uniquely understands how to protect life-or-death systems at scale,” they stated, betting that the team’s experience securing hospital networks will translate effectively to the financial and tech sectors.
