- Ent, an endpoint security company created by the team behind RiskIQ and Microsoft Security Copilot, has emerged from stealth with $100 million in seed funding. The round was led by Decibel, with Sequoia, Crosspoint Capital, Craft Ventures, Shield Capital, Felicis, and In-Q-Tel also investing.
- This is one of the biggest seed rounds in cybersecurity history. It shows that investors believe current detection tools are not built for a world in which AI agents operate autonomously across company networks.
- Ent says its product is already being used by Global 2000 companies in hospitality, financial services, and defence.
When Elias Manousos and Brandon Dixon left Microsoft, they had already achieved something rare in security: building a product that the whole industry was watching.
Manousos led RiskIQ from its early days to a $500 million-plus sale to Microsoft in 2021, then stayed on as a corporate vice president to launch Microsoft Security Copilot. Dixon co-founded PassiveTotal, which RiskIQ acquired, and led product strategy through both acquisitions before helping launch Copilot.
Their experience inside the industry convinced them that the problem still wasn’t solved. Now, they have launched Ent with $100 million in seed funding to build what they believe is the next step.
The market they are joining is growing quickly
The global endpoint detection and response market, which is also known as EDR, will be worth $7.23 billion in 2026 and could reach $45.95 billion by 2034, growing at 26% annually. This growth comes as organisations add more devices, cloud services, and AI agents to their networks, while threats continue to rise.
The problem is that current EDR tools were designed for older types of attacks. CrowdStrike, SentinelOne, and Microsoft Defender are good at spotting malicious code and suspicious behaviour. But now, many risks in companies don’t look like traditional threats.
A coding agent with access to production systems acts just like a developer doing real work. An employee moving sensitive data through an approved file-sharing app doesn’t trigger any malware alerts.
According to Ent, the real question is whether the person or agent should be doing what they’re doing.
How Ent works
Ent’s platform works as a lightweight agent on Windows, macOS, and Linux, and also as a browser extension. It monitors activity across apps, browsers, data transfers, and local AI systems, then checks whether the intent behind each action aligns with company policy before it happens.
If an employee starts moving sensitive files to an external location during normal browser use, Ent’s models assess intent and can step in right away, rather than sending an alert after the data is already gone.
The company calls this approach “intent-aware” prevention. They see it as an extra layer on top of current endpoint and identity tools, not a replacement.
The investor list suggests the framing landed
Decibel led the round, with participation from Sequoia, Crosspoint Capital Partners, Craft Ventures, Shield Capital, Felicis, and In-Q-Tel.
“AI has been a killer app for hackers and offensive researchers, but the industry is waiting for a novel defensive solution that can keep up with the modern era of LLMs. Ent has reimagined what is possible to protect the endpoint by using specialised AI models and adaptive policy enforcement to detect and prevent malicious activity in real time. It’s a game changer for cybersecurity teams who need a paradigm shift to defend their workforce against LLM-based attacks,” says Jon Sakoda, founding partner at Decibel.
“For a decade, endpoint security has relied on signals that arrive after the user’s action is complete. By running AI reasoning directly on the device, Ent moves from detection to prevention at the moment of decision. That shift is where the next era of endpoint defence gets built,” adds Konstantin Buhler, Partner at Sequoia.
Ent says its product is already being used by Global 2000 companies in hospitality, financial services, and defence, though it hasn’t shared customer names. Its advisory board includes former chief information security officers from Google, Aetna, and MassMutual, the former NSA director, and the former corporate vice president of Microsoft Azure Cloud Security.
What comes next
This is the company’s first public funding round. The fresh capital will be used for engineering, hiring go-to-market teams, and developing what Ent calls “multimodal endpoint intelligence.”
A $100 million seed round in a crowded AI security market is a strong show of confidence from investors who know the space well. Time will tell if Ent’s intent-aware approach is a real technical breakthrough or just a new way to present existing behavioural analytics.
The founders bring rare credibility to the table. Now, their product needs to live up to it.
