The Wiz of GenAI security? “Lasso has the potential to be a once-in-a-decade company in cyber”

On the night of October 1 earlier this year, Elad Schulman, CEO of the startup Lasso Security, was on a phone call with a major international client. “Suddenly, I started receiving notifications, and then alarms sounded because of a ballistic missile attack from Iran,” he recalls. “I told the client, ‘Excuse me, I’m experiencing a technical issue with communications.’ I went into the safe room with my family, asked everyone to remain quiet, and then went back upstairs to continue the call. We kept talking like that for the entire hour of the attack. I did it because, as a principle, no one outside should know what’s happening here, and it shouldn’t concern the client. Honestly, even in retrospect, I’m not sure the client made the connection between the attack and the brief interruption.”

Founded in June 2023, the story of Lasso Security—a startup at war—extends beyond the usual battles young companies face for the attention of investors, customers, or employees. “On October 7, we were just starting development with only eight employees besides the founders,” says Schulman, one of Lasso's four co-founders. “As the war broke out, Ophir, one of our co-founders and the Chief Product Officer, was drafted into the reserves in an elite unit. He disappeared for four months, and after he returned, he was drafted again for another round. Our first developer was also called up for reserve duty, along with several other employees. Within weeks, we found ourselves operating with only five team members.

Elad Schulman, CEO Lasso Security.

“In response to these challenges, we decided to divide little Lasso into two parallel efforts: one focused on continuing product development and the other operating as a sort of auxiliary company dedicated to raising funds and transporting military equipment to soldiers. Yuval, our CPO, and I handled our contribution to the war effort, while Lior, our CTO, led the remaining employees to continue building the product. We stretched ourselves in every direction to meet the demands of both tasks.”

The impact of the war didn’t stop there. Lasso came out of stealth a year ago, in late November 2023, when it announced its first funding round of $6 million—a relatively high amount for its early stage. However, one of the prominent investors was Paddy Cosgrave, founder of Web Summit, one of the world’s leading technology conferences. Around that time, Cosgrave made controversial statements on social media accusing Israel of violating international law and committing war crimes. The backlash was immediate, with Israeli entrepreneurs and major international tech companies boycotting the conference, ultimately forcing Cosgrave to resign.

In light of the controversy, Schulman and his partners decided not to accept Cosgrave’s investment, leaving an unanticipated gap in their budget. "It delayed us," Schulman admits, "but it also forced us to sharpen our focus and figure out what really needed to be done."

Perhaps to offset the lack of prominent backers, former Prime Minister Naftali Bennett joined Lasso’s board of directors shortly after the fundraising round. His addition was initiated by Entrée Capital, Lasso’s largest investor, to help shape the company’s strategy and open doors for the young startup. Entrée Capital often brings influential figures onto the boards of its portfolio companies, and Bennett was seen as a strong fit, particularly given his experience in the cyber field as the founder of Cyota, an information security company sold in 2005 for $145 million.

Beyond the big name, what does Bennett contribute to your business?

"In my first conversation with him, he started discussing AI and machine learning (ML) as if he’d been in the field for years. He’s exceptionally sharp and has past experience as a cyber entrepreneur. Of course, he’s also well-connected and has been instrumental in introducing us to key people and bringing in new customers."

Does he actively work with you?

"Naftali has become an integral part of our work and planning. He attends board meetings and dedicates time to us, even outside of formal meetings through numerous discussions."

And if he returns to politics soon, as many expect?

"I assume he would then need to cut ties with us, but we’ve planned for that possibility. On a personal level, I deeply respect him—his intentions are sincere, and his actions align with his words."

"We know how to define the boundaries for bots"

Naftali Bennett seems particularly enthusiastic about startups operating in innovative fields with the potential to cause a paradigm shift. This is precisely the promise of Lasso Security—and also the inherent risk. The company is developing dedicated cybersecurity solutions for the burgeoning field of artificial intelligence tools, such as OpenAI’s ChatGPT, Google’s Gemini, and Anthropic’s Claude. Schulman envisions Lasso becoming for generative AI (GenAI) security what Israel’s Wiz has become for cloud security. However, he is fully aware of the stakes. If unsuccessful, Lasso could join the ranks of Israeli tech companies that were ahead of their time, paved the way for others, but ultimately failed to survive.

When Lasso was founded, only two other companies were working in AI-focused cybersecurity. Today, the field has expanded dramatically, with dozens of competitors entering the market—and the competition is only intensifying.

Lasso founders <span style="font-weight: normal;">(from left)</span> Elad Schulman, Lior Ziv, Ophir Dror, and Yuval Abadi

Elad Schulman, 45, is a seasoned entrepreneur who sold his previous startup at the end of 2019. After that, he started investing as an angel and thought he had entered a comfortable post-exit retirement. That changed when he caught the GenAI "bug." He convinced Ophir Dror, Lior Ziv, and Yuval Abadi, colleagues who had worked with him throughout his career, to join him in founding a startup focused on cybersecurity for generative AI.

Just a year and a half after its establishment—and despite being founded amidst significant geopolitical challenges—Lasso already has a working product. The company has generated nearly $1 million in sales, with clients including major organizations and, critically, U.S. federal agencies. According to Schulman, these agencies are strategic customers that provide Lasso with a valuable seal of approval.

Where did the name Lasso come from?

"The name reflects the current environment of generative AI, which burst into our lives two years ago with ChatGPT. It’s still the Wild West, and we need a new sheriff to bring order."

Schulman fully embraces the sheriff analogy. At international conferences, he makes a point of wearing a cowboy hat and other themed merchandise, such as a lasso, to drive home the message. Observers might mistake Lasso for a cowboy-founded startup out of Texas, rather than a high-tech company headquartered in the heart of Tel Aviv.

Let’s talk about the Wild West—what is the AI risk you are trying to mitigate?

"Let’s start with the most basic risk: employees in organizations want to be more productive by using AI tools, which is completely understandable. owever, in doing so, they inadvertently expose their organizations to significant risks. We’ve seen it all—resume files containing sensitive personal details uploaded to ChatGPT; salary spreadsheets used to generate graphs; sales contracts and client data uploaded to analyze or compare information. In all these cases, critical data is exposed.

"Our solution identifies such files and blocks their upload, protecting organizations from these vulnerabilities. Artificial intelligence tools have suddenly become the most useful technology in the world. According to a Salesforce survey, nearly half of employees have used tools like ChatGPT or Gemini for work without any formal approval. People are feeding sensitive information into these applications without considering the implications. Unlike traditional software, it’s difficult to monitor this behavior using existing cybersecurity solutions because the AI ecosystem is conversational and context-dependent."

But aren’t there countless cybersecurity solutions already?

"True, but they aren’t equipped to handle how AI tools operate. For example, traditional tools flag credit card numbers entered into most software. However, if you input the same number into ChatGPT in written words, existing solutions don’t recognize it as a credit card number. When we started, we were told that conventional data leakage prevention solutions or firewalls could handle this issue. In practice, they don’t."

How do external attacks target AI tools?

"Cybersecurity in artificial intelligence applications extends beyond just protecting against attacks or hacks. Sometimes, the AI itself needs protection from misuse. These programs are designed to help and fulfill tasks and, as a result, will go to great lengths to execute the instructions they receive. Just this week, we saw an example of an attack where an AI tool was instructed to transfer money to a specific account—and it did."

Are hackers sophisticated enough to exploit AI models?

"Most attacks today involve inserting crafted prompts or instructions into a model to alter its intended purpose—this is called prompt injection. Such attacks often lead to information leaks but can also result in the deliberate delivery of incorrect or misleading results to users.

"These attacks can also waste company resources. For instance, an attacker might bombard a chatbot on an automobile company’s website with irrelevant questions, forcing it to answer topics unrelated to its core functions. While this may seem trivial or even humorous now, it’s a growing concern. Such misuse can harm a company's reputation if ridiculous or inaccurate outputs are publicized. Worse still, attackers could extract business-critical information, such as details about organizational structures, recent transactions, or the average size of deals, all by manipulating these AI-driven interfaces."

What does your solution offer in such scenarios?

"Our solution establishes clear boundaries for what an AI bot can and cannot do. Unlike traditional keyword-based approaches, which are outdated in the era of AI, our system defines these boundaries based on context. This ensures the bot remains focused on its intended purpose and avoids sensitive or inappropriate topics."

What poses a greater risk to organizations: employees innocently leaking information or external attacks via customer interfaces?

"The main threat is often internal: employees unintentionally disclosing sensitive information. For instance, many employees, before sending an email, upload their drafts to cloud-based AI tools with prompts like, 'Help me phrase this better.' Without realizing it, they’re sharing confidential information online.

"However, banning such tools outright comes with significant drawbacks. AI tools provide enormous productivity advantages, and blocking their use could hinder progress and efficiency. For example, when Samsung employees uploaded sensitive code to ChatGPT for work purposes, it raised concerns about a potential intellectual property leak. Samsung responded by prohibiting employees from using external AI tools while simultaneously developing an in-house language model to maintain competitiveness and safeguard data.

"In another case, users asked Amazon's chatbot for instructions on making a Molotov cocktail and received a detailed response, complete with suggestions on where to purchase the necessary components. Such incidents highlight the critical need for dedicated cybersecurity solutions for AI applications. It’s clear that we’re only scratching the surface, and even the brightest minds haven’t yet anticipated all potential misuse scenarios."

Are organizations willing to invest in AI-specific cybersecurity?

"Absolutely. As more organizations adopt AI technologies, the demand for protective measures is growing rapidly. Since mid-2024, we’ve seen a shift, with companies allocating specific budgets for generative AI (GenAI) protection. Dedicated budget lines are being defined for the coming year, and tenders for such solutions are being issued—not just by large corporations but also by smaller enterprises.

"In highly regulated sectors like finance and medicine, where sensitivity to data breaches is greater, there’s even stronger interest in these solutions. Organizations that implement AI-driven interfaces—like customer chatbots or automated claims processing at insurance companies—understand the potential risks. They also know that if these systems work well, they will inevitably attract attackers. The need for robust protection has become undeniable."

"I came back for the kids, not for more money"

Schulman’s dream of creating a new category in cybersecurity—one expected to grow the market by 15% by 2025—is what brought him back from his post-exit retirement with renewed determination. Born and raised in Petah Tikva, Schulman showed a passion for mathematics from an early age. He channeled this love into two distinct areas: stock trading and computer hacking, though never simultaneously.

During his military service, he worked in the research division of the Military Intelligence Directorate, followed by academic studies in computer science and mathematics, capped with a master’s degree in business administration. His career began at Mercury, which was later sold to HP. After two years, he moved to OpTier, which was acquired by SAP shortly thereafter. It was during this period that Schulman met Ophir Dror, and the two left to co-found Segasec, a startup focused on phishing prevention. Their first hire was Lior Ziv, who is now the CTO at Lasso.

Segasec was sold in 2019 to the American company Mimecast for $50 million—a modest exit in public terms, but a significant one considering the company had raised only a few million dollars. The proceeds largely benefited the founders and the 40 employees. "For me, it was a life-changing event. I was among the first to leave after the sale," Schulman recalls. With the onset of the coronavirus pandemic, he decided to take a break and recharge.

During this downtime, he began investing in Israeli startups. One of his early investments was in a small cyber startup called Dig, which was acquired in 2023 by Palo Alto Networks for approximately $300 million.

After two exits, why return to work?

"Even before Dig, I saw significant returns on my investments, but I realized that if my kids saw me just lying around at home, how could I teach them the value of hard work? My motivation now isn’t financial—it’s about sending a message to my children that I’m here to support them, but they don’t have a silver spoon. Especially now, when I’m rarely home again, they ask me, ‘When are you going to sell Lasso?’ because the last exit happened so quickly."

When do you expect the next exit?

"Lasso was accepted into a special accelerator run by AWS (Amazon’s cloud division) and Crowdstrike. I sat down with George Kurtz, the founder and CEO of Crowdstrike, and asked him whether solutions to the new cyber challenges posed by AI applications would come from major corporations or startups. He told me unequivocally, 'It will come from companies like yours. The big players will have to catch up through acquisitions.'”

So your kids aren’t wrong—the next exit may not be far off.

"This time, I want to aim for something bigger. I believe Lasso has the potential to be a once-in-a-decade company in cyber. We want to see how far we can take it."

Is there already a "Wiz" in this new field?

"I’d like to say it’s us, but it’s still early. We’ve only been around for a year and a half, but there’s already significant buzz about us among organizations and investors. No one has emerged as the clear leader yet, but we’re ahead of the curve, and it shows in the deals we’re closing. Securing six-figure contracts isn’t common in cyber for startups, and many organizations approach us even before we’ve launched formal marketing efforts. Since GenAI took off, I’ve seen the landscape of cybersecurity transform before my eyes. My first startup dealt with one of the most boring areas of cyber; now I’m in the most exciting one.”

What do you mean by "transform before my eyes"? The big players like Palo Alto or Check Point don’t seem to be panicking.

"The existing solutions from Palo Alto, Zscaler, Check Point, and others aren’t equipped to handle these new threats, even though they’ve announced product lines to address them."

“The market is huge, and for now, everyone is scrambling”

This emerging category is indeed booming. By 2024, revenues from AI cyber solutions had already reached $24 billion, with most of the earnings going to established players. However, research firms predict this niche will be one of the fastest-growing segments in cyber, with a 25% annual growth rate propelling it to $100 billion by 2030.

The big question is how much space the tech giants—Amazon, Google, and Microsoft—will leave for startups. These companies, which are behind many of the popular AI tools, are already developing their own cybersecurity solutions, just as they did with cloud security. This dual role—as competitors offering nearly free solutions and potential acquirers—creates a complex landscape for startups like Lasso.

You’re not the only startup in this field. Even in Israel, there are others, such as Aim Security and Prompt Security, which have raised $28 million and $23 million, respectively. Lasso has raised only $8.5 million.

"This is because my partners and I are cautious about dilution. However, given the strong investor interest, I expect Lasso will raise another round in early 2025. This field is both hot and new. While everyone in it is a competitor, the market is so vast that no one is permanently locked in direct competition yet."

Schulman highlights that Lasso’s unique selling point is its in-house language model, trained to detect intrusion attempts and malicious use without compromising software performance for users. "We’re already generating over seven figures in revenue, and we have major deals lined up for next year," he says.

So ultimately, will Palo Alto buy you for $500 million?

"I believe it will be more. If, at that moment, selling is the right move, we’ll consider it. But my ambition is to aim for something like Wiz—to be able to say no even to $23 billion."