Israeli AI security platform Noma secures $25 million in Series A funding

Noma, an Israeli startup dedicated to AI security, has successfully raised $25 million in a Series A funding round led by Ballistic Ventures. This follows a $7 million Seed round less than a year ago, led by Glilot Capital Partners and supported by Cyber Club London. The rounds attracted numerous strategic angel investors, including current and former Chief Information Security Officers (CISOs) from major companies such as McDonald's, Google DeepMind, Twitter, Atlassian, BNP Paribas, T-Mobile, and Nielsen. Notable investors also include security experts like Zohar Alon, founder of Dome9 Security; Ofer Ben-Noon and Ohad Bobrov of Talon Cyber Security; Guy Nizan, CEO of IntSights; former IntSights CTO Gal Ben-David; Ronen Zoran, ex-CRO of CyberArk; Varun Badhwar, who established Prisma Cloud; and Manoj Apte, former CSO of Zscaler.

Simultaneously, Noma has launched a comprehensive security platform tailored for application development within the AI and data domains. The platform provides an end-to-end solution for AI discovery, security, protection, and compliance across all stages of AI and data development. This includes shielding against supply chain risks such as vulnerabilities in data pipelines, unscanned code, misconfigurations in MLOps tools, and the handling of sensitive data used in model training. It also mitigates threats from susceptible or malicious AI models, runtime prompt injection, and other emerging security challenges.

Founded in 2023 by CEO Niv Braun and CTO Alon Tron, who both served in Israel's renowned 8200 intelligence unit, Noma is actively shaping industry standards for AI security as a member of the OWASP AI Exchange and is contributing to U.S. government policies on AI security. Currently, Noma employs a team of 20 across Israel and the U.S. and has plans to double its workforce over the next year.

CEO Niv Braun emphasized the unique challenges posed by the Data & AI Lifecycle, which is fundamentally different from traditional software development lifecycles.

"The Data & AI lifecycle introduces a distinct supply chain with open source components and runtime artifacts that standard security tools don't cover," Braun explained.

"Organizations are already facing compromises from misconfigured data pipelines, MLOps tools, and vulnerable open-source models. It's only a matter of time before we face an AI security incident on the scale of SolarWinds or Log4Shell. There's a critical need for a security framework that fully addresses the entire Data & AI Lifecycle."