In a milestone for AI-native security, Capsule Security has launched from stealth with a $7 million seed round led by Lama Partners and Forgepoint Capital International. The Tel Aviv-based startup is addressing the most volatile element of the modern tech stack: the AI agent.
Unlike deterministic software, AI agents operate as a new class of privileged users, capable of executing complex workflows at machine speed. Capsule’s platform provides the missing trust layer, enforcing security at the point of execution without the need for cumbersome proxies, gateways, or SDKs.
The launch comes as major platforms face emerging threats. Capsule’s research team recently disclosed two critical zero-day vulnerabilities:
- ShareLeak (CVE-2026-21520): A critical indirect prompt injection vulnerability in Microsoft Copilot Studio.
- PipeLeak: A prompt injection vulnerability in Salesforce Agentforce that uses untrusted lead-form inputs to hijack agent goals.
These disclosures prove that the risk of agents going rogue, whether through manipulation or silent data exfiltration, is no longer theoretical. As Chris Krebs, former Director of CISA and Capsule advisor, noted: “Legacy tools weren’t built to monitor what happens between prompt and action. Capsule closes that gap.”
Capsule’s innovation lies in its use of Small Language Models (SLMs) to create a multi-agent system of Guardian Agents. This architecture allows for:
- Context-Aware Evaluation: Assessing the intent of an agent’s action in real-time.
- Pre-Invocation Checkpoints: Using tools like the open-source ClawGuard to block unsafe tool calls before they complete.
- Infrastructure-Free Deployment: Supporting platforms like Cursor, Claude Code, and ServiceNow without adding latency or complex integration layers.
Recognized by Gartner as a representative vendor in the Guardian Agent category, Capsule is shifting the focus of Governance, Risk, and Compliance from historical auditing to real-time telemetry. For the 80% of Fortune 500 companies already deploying AI agents, the ability to generate auditable telemetry for every agent-driven action is becoming a prerequisite for scale.