Sometimes a press release reads like marketing, and sometimes it reads like a warning flare — this one feels closer to the second category. Oligo Security, a Tel Aviv-based cybersecurity company, just announced a major expansion of its platform to secure the fast-growing world of AI deployments — everything from basic AI-powered applications to large language models and increasingly autonomous agentic AI systems. There’s a certain confidence behind this announcement, the kind that comes from knowing you’re early to a problem others haven’t truly acknowledged yet.
Oligo’s CEO and co-founder, Nadav Czerninski, puts it plainly: businesses are deploying AI faster than they can protect it. That rings true; we see it across industries — companies shipping LLM chatbots, workflow agents, AI-assisted code execution, and inference runtimes without having any real visibility into what’s happening behind the scenes. Once these systems enter production, they behave dynamically, sometimes unpredictably, with complex dependencies and real-time decision-making. And the more autonomy companies give AI, the more that traditional security tools start to look painfully outdated.
This is where Oligo’s identity as an Israeli company matters. Israel tends to build cybersecurity differently — reactive, field-tested, tactical — because its innovation ecosystem was shaped by real-world threats, not academic abstractions. The company’s research already uncovered the first known live exploitation campaign targeting AI workloads, named ShadowRay, back in 2024. A year later, ShadowRay 2.0 evolved into something more alarming: a global self-replicating botnet created by exploiting AI infrastructure itself. That escalation demonstrates why runtime oversight isn’t just a nice-to-have; it’s the battleground.
Oligo’s new AI-focused modules — AI-SPM and AI-DR — are being positioned as the first meaningful tools that focus not on theoretical risk, but on securing AI where it actually runs. One module maps and governs everything AI touches: models, services, SDKs, agent frameworks. The other watches AI behavior in real time — intercepting jailbreak attempts, suspicious agent actions, rogue API calls, or unsafe model outputs — and allows automated response through SOC workflows. It’s tempting to compare this to classical application security, but the complexity is different: AI systems don’t behave deterministically, and the attack surface is defined by logic, intent and context rather than static code.
The customer testimonial included — from Cresta’s security and compliance lead — feels almost like a sigh of relief. There’s a distinct anxiety inside AI-driven companies: “We don’t fully understand what this system may do if pushed the wrong way.” If Oligo’s “runtime as source of truth” philosophy works the way they frame it, then this offering isn’t just a product extension; it’s the beginning of an entirely new category in security.
Right now, the new capabilities are only available in private preview. But it’s obvious the company is positioning itself as the first mover in runtime AI defense — not another compliance dashboard, not another perimeter filter, but real-time enforcement built for a world where machines decide things on the fly.
For Israel, this is one more example — maybe even a predictable one — of how its security mindset is evolving from classic cyber to defense of autonomous digital systems. And for the wider tech ecosystem racing ahead with AI: this announcement reads like a subtle message. Innovation is exciting. But innovation without guardrails? That’s how botnets learn to think.
It’ll be interesting to watch who adopts tools like this first — the cautious enterprises or the startups pushing AI into wild territory faster than anyone can regulate.
Either way, the timing isn’t accidental. The AI era just got its first serious runtime sheriff — and of course, it comes from Tel Aviv.