In this Cyber Security Leaders segment from theCUBE + NYSE Wired, Gemma Allen sits down with Lior Div, chief executive officer and co-founder of 7AI, to examine how AI is reshaping the threat landscape – and why fighting AI-powered adversaries requires AI-powered defenses. Div unpacks 7AI’s mission to augment enterprise security operations through a swarm of intelligent agents that can automate detection and response in near real time. He outlines how the company’s PLAID approach – people-led, AI-driven – is empowering defenders to shift their focus from repetitive alert triage to high-value, strategic work.
The conversation also explores the risks posed by well-funded, state-sponsored attackers leveraging AI for persistent and scalable cyber operations. Div issues a stark warning about the industrialization of cyberattacks, from reconnaissance to exploitation, and why the traditional SOC model is insufficient in the AI era. He shares insight into how 7AI is building trust with CISOs through transparency, auditability and a federated approach to data. From redefining software architecture to accelerating team productivity, this discussion offers a compelling look at what it takes to defend in a world where AI is both the threat and the solution.
Forgot Password
Almost there!
We just sent you a verification email. Please verify your account to gain access to
theCUBE + NYSE Wired: Zero Trust Cyber Series. If you don’t think you received an email check your
spam folder.
Sign in to theCUBE + NYSE Wired: Zero Trust Cyber Series.
In order to sign in, enter the email address you used to registered for the event. Once completed, you will receive an email with a verification link. Open this link to automatically sign into the site.
Register For theCUBE + NYSE Wired: Zero Trust Cyber Series
Please fill out the information below. You will recieve an email with a verification link confirming your registration. Click the link to automatically sign into the site.
You’re almost there!
We just sent you a verification email. Please click the verification button in the email. Once your email address is verified, you will have full access to all event content for theCUBE + NYSE Wired: Zero Trust Cyber Series.
I want my badge and interests to be visible to all attendees.
Checking this box will display your presense on the attendees list, view your profile and allow other attendees to contact you via 1-1 chat. Read the Privacy Policy. At any time, you can choose to disable this preference.
Select your Interests!
add
Upload your photo
Uploading..
OR
Connect via Twitter
Connect via Linkedin
EDIT PASSWORD
Share
Forgot Password
Almost there!
We just sent you a verification email. Please verify your account to gain access to
theCUBE + NYSE Wired: Zero Trust Cyber Series. If you don’t think you received an email check your
spam folder.
Sign in to theCUBE + NYSE Wired: Zero Trust Cyber Series.
In order to sign in, enter the email address you used to registered for the event. Once completed, you will receive an email with a verification link. Open this link to automatically sign into the site.
Sign in to gain access to theCUBE + NYSE Wired: Zero Trust Cyber Series
Please sign in with LinkedIn to continue to theCUBE + NYSE Wired: Zero Trust Cyber Series. Signing in with LinkedIn ensures a professional environment.
Are you sure you want to remove access rights for this user?
Details
Manage Access
email address
Community Invitation
Lior Div, 7AI
Inna Tokarev Sela is the CEO and founder of Illumex. The platform enables companies to extract value from structured data, creating a virtual semantic graph for users to interact with in natural language. Illumex focuses on contextualizing data in real-time and offers built-in governance features. By partnering with major data platform providers, Illumex has increased data usage for customers. The company has raised $13 million and has a diverse workforce. Inna's leadership style is described as empathetic. Illumex envisions a future where data interactions are seamless and efficient. Overall, the company aims to lead the industry towards a more streamlined application-free future.
In this Cyber Security Leaders segment from theCUBE + NYSE Wired, Gemma Allen sits down with Lior Div, chief executive officer and co-founder of 7AI, to examine how AI is reshaping the threat landscape – and why fighting AI-powered adversaries requires AI-powered defenses. Div unpacks 7AI’s mission to augment enterprise security operations through a swarm of intelligent agents that can automate detection and response in near real time. He outlines how the company’s PLAID approach – people-led, AI-driven – is empowering defenders to shift their focus from repe...Read more
exploreKeep Exploring
What was Lior Div's background and journey that led him to co-found 7AI, and what is his perspective on the current state of investment in cybersecurity?add
What experiences led to the founding of this company and how does it address future threats in cybersecurity?add
What factors are driving changes in the cybersecurity industry?add
What are the anticipated trends in the ecosystem regarding vendor consolidation and the approach to building security stacks?add
What are the anticipated developments for the team at 7AI over the next 12 to 18 months?add
>> I'm Gemma Allen coming to you from theCUBE Studio at the New York Stock Exchange as part of our program with NYSC Wired. This is our Cybersecurity Leader series. And today I am joined by Lior Div, CEO and co-founder of 7AI. Lior, welcome to theCUBE.
Lior Div
>> Thank you so much.
Gemma Allen
>> So you have raised the largest Series A in cyber history. Let's start there. What a place to start, right? Tell me a little bit about you, your own journey, what brought you to 7AI, and I guess the investment thesis in cyber as a whole at this mad moment we seem to be living in.
Lior Div
>> Yeah, this is actually a great moment for us and thank you for having me on the show. For me, cybersecurity, this is something that I was doing all my life. So I'm used to joke and say I'm an expert in a very, very narrow field called cybersecurity that back in the day was not cool and suddenly it become a big thing for everybody.
Gemma Allen
>> For sure.
Lior Div
>> So basically this is not my first company. My previous company, we took it from an idea to a pre IPO company, so it was a big company.
Gemma Allen
>> Oh, congrats.
Lior Div
>> Thank you. And this company, we basically build a company under the thesis that the bad guys eventually going to use AI in order to attack us. And that will shift the way that people are thinking about cybersecurity in a completely different way to the point that the regular stack of technology that we have today basically is not going to work. So basically when you try to work with a technology stack with people versus AI that's warning us, those things are not going to match. And you will hear me saying a lot, we have to fight fire with fire. And right now I believe this is kind of the moment of inflection point that we see those two come together.
Gemma Allen
>> So it's based on this idea of a swarm of agents that can perform a whole load of tasks for you that perhaps will free up the human capability to work on more strategic tasks, right?
Lior Div
>> Yeah.
Gemma Allen
>> But tell me, in I guess basic terms, is this an idea that AI will run your SOC for you? This will be fully AI owned?
Lior Div
>> Yes.
Gemma Allen
>> Or it's a little bit more complicated than that.
Lior Div
>> No, it's actually very simple. The way that people used to build their security operation center is actually having people doing twenty four seven. Sometimes it can be your people doing it. Sometimes it can be a service provider that's doing it for us. But the basic terms is alert is coming, people need to decide if that thing imposing threat to my organization or not, and if yes, to respond to it. So right now we're talking about in a good day, it's half an hour, sometimes it's hours to deal with those alerts and usually you're bound with the capacity that you have, how many people you have on shift to do those type of things. But when the amount of alerts will grow, then we don't have enough people to deal with it. So just a simple term, when the AI agent is doing kind of the same amount of work that the human is doing, they're doing it in minutes, not in hours. The time that it's take us to scale, it's immediately as we see more alert, the system can scale itself. So suddenly we can consume the just massive amount of information in real time and make a determination, "Hey, this is not an attack. This is an attack and now we can deal with it in almost semi-real time."
Gemma Allen
>> Well, let's talk about the threat landscape because we spoke off camera about the news today around China's Moonshot Kimmy 2.5, creating this, what seems like from an outsider, a wonderful opportunity for AI to triangulate tasks for you, right?
Lior Div
>> Yeah.
Gemma Allen
>> A swarm of agents that can connect different parts of your workflow and automate things together in a cohesive way. Of course, there's also a lot of risk in plight in that, right? Talk to me about what sorts of threats you're seeing. You've been talking about the threat of China and outside actors for a while now. What's changing in rapid time?
Lior Div
>> Yeah. So the cybersecurity industry is a fascinating industry because the one that dictate where this industry is going, actually this is the bad guys. And when we're thinking about bad guys, sometimes we're thinking about a few kids in the garage, but this is not true anymore for many, many years. We're talking about well-funded organization. Sometimes it's a ransomware organization and sometimes it's government funded organization that they have millions and sometimes billions to run a real proper, basically attacks against us. So if you think about it, there is a new technology name AI. They're going to use it. They're going to be the first one to use it. So when we are thinking about security operation, not just a single attack, it's think about it almost as a factory. Identify the target, weaponize the tools, hack going in, and basically decide the next target and the next target. So all of this operation used to be done by people for many, many years. Now you can have an agent to choose the target, then another agent to weaponize the relevant tools. Then another agent to run the different steps. So you create a factory, and this is the swarm of agent that actually start attacking us. But this is just the beginning, and I'm not here to scare anybody. But once this machine is starting to work, it's like the cadence of attack and the ability for them to leverage and weaponize different tools in order to go against us. This is like endless.
Gemma Allen
>> So I think we're all familiar with cybersecurity from the perspective of email phishing, malware, social engineering, right? Are you seeing cases whereby live examples of somebody having perhaps their identity, their access hacked, and then you can... In this world of SaaS that we live in, where there's so much plug and play across enterprise, if somebody was to take your login credentials for your systems, you can access so many different parts of the stack. How broad spread is the threat? I think we think about it from the perspective of OneSpace. Are you seeing it happen in a very fluid way?
Lior Div
>> Yeah. So we have to think about, okay, what is the best situation for attacker? The best situation for attacker is to have a legitimized credentials, basically your email and your two factor authentication and all of this and going into a system as a regular user and basically better situation if you're the administrator just going there with a credential that this is the administrator. So it's very hard to distinguish between a regular user or somebody that needs using somebody else a stolen credential. But this is just the beginning. We're not talking about our cars that they are connected by now. Our refrigerator that is connected. So if you zoom out for a second and see kind of the lifestyle that we have, everything is connected. We're relying more and more on technology and it's our job is to protect this new world that we're living in. And it's not new anymore, to be honest, it's happening in the past 25 years. Because if we're not going to protect it's like the basic thing that we're doing on a daily basis, it's going to feel the simple term, try to leave one day without your phone. It's almost impossible for people.
Gemma Allen
>> I mean, you connect your phone to a satanal that has line of business applications for... You're so right, right? The connectivity in terms of the parameters of professional and personal from a risk perspective are higher than ever before. We see people asking ChatGPT to answer work emails for them, et cetera, right?
Lior Div
>> So everything is interconnected. And I think that some people are talking about, "Hey, can we balance it? Can we..." I think that the trend left the station. Basically, it's about integrating it and integrating it in a safe way.
Gemma Allen
>> So in your dialogue around how you see the future and how your company partners with large enterprise, you talk a lot about human led though, right? About keeping humans in this decision making process in the ownership cycle around cyber. Talk to me a little bit about places where you think humans can operate more strategically if you have 7AI doing some of the grunt work for you. What sort of case studies do you have of folks saying, "Like a year ago, I had to spend my time on this and now I'm spending my time on this."
Lior Div
>> This is actually a fascinating conversation because it's not just about, "Hey, we're a new company. We have this feature used..." This is not the right conversation. It's really about looking at what people are doing with their time in big enterprises. And you will hear us talking a lot about human work versus non-human work. And our approach is we're saying, "Hey, we're not the company that's saying, Hey, we don't need human in order to do a security operation. That's not the right angle. It's actually we believe that we do need human, but we really need to think about what is the human brain is the best to do and what the human brand should not do."
And I'll explain. If it's toil, repeatable, but very necessary and maybe boring for security, you still have to do it, but probably there is an AI agent that we can build that can do that job. And if it's strategic, require creativity, actually understanding the full gamut of the situation, this is human are very good of doing that. So we're really talking about how can we split the work between human work and the non-human work and basically elevating the human to be much more strategic. We call it shifting up the people. So people are supervising the AI, they're not in the loop, they're on the loop.
Gemma Allen
>> And as we see more and more connectivity, more convergence across the SaaS stack broadly, right? Where you see a lot of plugin applications, running line of business workflows, et cetera, what are you seeing from the perspective of the ownership of those risks? Is that evolving conversation?
Lior Div
>> So the way that we used to buy SaaS product is a vendor will say, "Hey, this is all the features that I built. Here you go, customer." And the customer responsible to actually use it and implemented it and hope that it's suitable to whatever they have. So think about it, we as vendors, what we did is created one thing that fits everybody and if it's not fitting you, it's your job to basically tailor it and making that thing work in your environment. This is the security software as a service for many, many years. We came with a new approach in the AI era that we call it Plaid. It's an acronym for people led, AI driven. And the whole idea is big enterprise, they need to customize it to their need, but instead of them doing it, we're taking responsibility and we're saying, "Look, you're going to consume our AI capability. We're going to customize it to whatever you need and we are responsible for the thing to work in your environment to the way that you want." So literally meet the customer where they are instead of trying to force them to do what we are used to do as vendors, to be honest.
Gemma Allen
>> So tell me a little bit about the vendor landscape broadly. There's certainly a sense or a narrative that we're going to see mass consolidation and cybersecurity. There's some very large players who have a large incumbent ecosystem, I guess. And this is cybersecurity leader series. We have folks across the gamut on here, but certainly I think the impression is that it's a tough industry to cut your teeth in as a newbie, which understandably so. What are your thoughts on the consolidation? Because my impression is there is still a very taxing element to being a CISO, to managing relationships with multiple vendors, to even understanding what you have deployed from a cyber perspective across your ecosystem in stock. How do you think things are going to go?
Lior Div
>> Yeah, two things will happen, and they're already happening right now. So one is the big vendors will consolidate whatever they can. And I think that this is good for the industry, it's not bad. They're going to consolidate and then a CISO can basically buy one platform that can have multiple different things for them. But in parallel to this motion, there is people like us that actually rethinking about how to build some of the stack that we used to do in the past 30 years in a completely different way. Think about it as a AI native company, true native company that coming, was built in the AI era, not adding it as rethinking the full architecture from scratch. And we're basically disrupting a lot of kind of the wisdom and the way that we used to think about solving the problem. For example, a basic idea is, "Hey, I have to consolidate all the data to one place in order to do basically a very good security practice in a specific company." We believe that the future is federated. We believe that AI can go to the data where the data was born. This is a fundamental change in the way that we're thinking about approaching data. So this is kind of the AI native approach versus the traditional approach. And I think that CISO will need to choose or basically not choose evolve, they're going to start there and eventually evolve to the new type of architecture that's coming.
Gemma Allen
>> But in this world where AI lives where the data is born, when we're talking about agentic workflows and connecting different parts of your business and practice area broadly for mass cohesion, that also creates a certain amount of risk of environment to environment within an enterprise client, for example, where you have AI agents accessing database information, client information, customer financial data, for example, and also accessing your email. Again, it seems as though the risk side of that in terms of one entry point and the damage, the downstream damage that can cause is huge. So do you think that we're going to see an increased kind of modular approach to cyber where people rely on certain cyber vendors for email, certain cyber vendors for GP activity? What are your thoughts?
Lior Div
>> Yeah, so the way that we think about it is a security from the core. So we as a security vendor first, that our job is to protect organization, we cannot introduce a new risk. Our job is to reduce risk. So now when you think about it, the way that we design the technology from day zero, it's really think about security from day zero. So for example, what our agent can do or cannot do, this is very controlled. Our agent cannot go wrong. It's like there is a very clear hardcore boundaries that preventing them, for example, to do things. When the agent is doing any query in the system, this is documented in an auditable way that basically if somebody knocking on your door and saying, "Hey, how did you reach to this conclusion on this event on this date?" There is a full audit trail that's showing our customers what AI did step by step, including role request, raw response that they can take. To be honest, it's a little bit more accurate than what people are documenting. So I believe that if you are doing it right, you can put us in a much more secure place, but hey, it's a lot of work to do it right.
Gemma Allen
>> It's an administrative burden above all else, right? In terms of the documentation. So tell me about the conversation you're having with CISOs. There is also an impression perhaps that a lot of folks are really not aware of just how severe the threats are. What's your impression? Do you think the industry broadly is catching up to fear versus reality?
Lior Div
>> Yeah. So what I like about conversation with CISOs specifically in a big organization, we're talking about super smart people. They're usually in the cutting edge of what's going on. You don't need to educate them about, "Hey, China is coming after you." They see it on a daily basis. So basically the conversation is evolving to, okay, what should we do and how fast we should do it because everybody understand that this future is inevitable. It will happen and it's happening right now. So this is, by the way, the reason that we created the PLAID, the people led AI driven in order to have a real conversation with those CSOs and to be honest, more importantly, sometimes with their team of saying, "Look, you're here right now in the AI maturation of the SOC and this is the step that we're going to do with you in order to make your team and basically your technology stack much more mature."
And by the way, we're not just going to throw a stack of technology and say, "Hey, good luck, use it, and it's going to replace your people." No, no, no. It's not going to replace anybody. It's like it's going to give you superpower to your analyst and eventually as you develop trust in the technology, it will enable you to be faster and faster and faster. So this is a very healthy conversation that we have with them, but I think that you as a vendor have to understand the psychological effect of inserting AI that need to be trusted and trust is earned. It's not giving in day one.
Gemma Allen
>> Talk to me about the partnership strategy and landscape for 7AI. 10 years ago, 15 years ago, cybersecurity and risk was somewhat of an outsourced problem, right? You have signed somewhere, at least created some interesting partnerships of companies like GXC and others. How are you thinking about that in terms of the next three to five years?
Lior Div
>> Yeah, partnerships, I think that they're critical, specifically in our industry. The bad guys, it's out there. They're not in the house. So partnering with the CISO community, this is super important for us. It's like something that we learn is actually to listen very carefully instead of trying to tell them what is the risk, to meet them where they are. Because if you're not going to meet those teams where they are, they're not going to embrace your technology and they know that they need to do that. So it's like, okay, instead of being a vendor versus a CISO or versus a security team, actually we are flipping it on its head and it's like we're saying, "Hey, this is the technology that we have. This is what the technology you can do. By the way, this is what the technology cannot do." Sometimes it's refreshing because sometimes it's not meeting all the...
Gemma Allen
>> A very important part of a partnership, right? Transparency.
Lior Div
>> Exactly. And building those trusted relationship over time.
Gemma Allen
>> So raise 150 million, they raise. What's ahead? What does the next 12 to 18 months look like for you and the team at 7AI?
Lior Div
>> Yeah. To be honest, it's really about the customers. It's not about us. It's not about the new feature that we can build. It's really about how can we take the maximum amount of those teams and give them those superpowers to fight against the bad guys. And how to do it in the way that they can consume it and use it on a daily basis. And they will say that, "Hey, this is actually improving the ROI of how much time it's take us to detect, how much time it's take us to response. And we were there a year ago and now we're here." We have one customer that said, "Look, we started with 25% of my alert done by 7AI. By the end of the year, we're going to reach you 95% and now all the people that we had doing it manually, now they become the supervisor of the AI and their job is basically going on the offense and doing kind of hunting and incident response." So we triple our team capacity without changing anything in terms of the amount of people.
Gemma Allen
>> Wow. And just in terms of a closing message to listeners, folks that might want to learn more about the product, or even want to maybe come work with you, right? You're hiring some great minds. Close us out. What have you got to say to anyone listening who might be interested to engage more?
Lior Div
>> Yeah, we are on a mission, to be honest, and I'm driven by the mission to help those defenders. This is something that I'm super passionate about it, and I think that people can see that I'm leaning in. And I think that it's inevitable and that's the future. So our basically job is to build those capability for the defenders in order to have a brighter future for all of us.
Gemma Allen
>> Well, you're wonderful to have you on theCUBE. Congrats on the success so far and we'll be watching. Maybe see what RSA.
Lior Div
>> Yeah. We're going to be there.
Gemma Allen
>> Us too. Thanks so much. I'm Gemma Allen coming to you from theCUBE Studio here at the New York Stock Exchange. This is our Cybersecurity Leaders Program with NYSC Wired. Thanks so much for watching.
Gemma Allen