Shahar Peled of Terra Security, co-founder and chief executive officer, joins theCUBE Research hosts John Furrier and Gemma Allen to discuss Terra Security's agentic artificial intelligence, hereafter AI, approach to offensive security during the Cybersecurity Leaders session at the New York Stock Exchange. The conversation covers continuous penetration testing and red teaming, scaling ethical-hacker behaviors with AI agents, integration across web, application programming interface, network and AI system attack surfaces, and the operational challenges enterprises face when moving from episodic tests to always-on adversary emulation.
Peled explains that continuous agentic offensive security exposes exploitable business-impact vulnerabilities rather than only surface-level issues and requires human-in-the-loop guardrails to prevent autonomous harm. Peled recommends reallocating existing compliance budgets toward AI-native continuous testing, emphasizes platform integration and transparent target-based pricing, and stresses optimizing model selection to control token costs while enabling automated or human-approved remediation. The discussion addresses enterprise security priorities such as risk management, compliance, platform integration, model governance and operationalizing adversary emulation to improve security operations.
Forgot Password
Almost there!
We just sent you a verification email. Please verify your account to gain access to
theCUBE + NYSE Wired: Zero Trust Cyber Series. If you don’t think you received an email check your
spam folder.
Sign in to theCUBE + NYSE Wired: Zero Trust Cyber Series.
In order to sign in, enter the email address you used to registered for the event. Once completed, you will receive an email with a verification link. Open this link to automatically sign into the site.
Register For theCUBE + NYSE Wired: Zero Trust Cyber Series
Please fill out the information below. You will recieve an email with a verification link confirming your registration. Click the link to automatically sign into the site.
You’re almost there!
We just sent you a verification email. Please click the verification button in the email. Once your email address is verified, you will have full access to all event content for theCUBE + NYSE Wired: Zero Trust Cyber Series.
I want my badge and interests to be visible to all attendees.
Checking this box will display your presense on the attendees list, view your profile and allow other attendees to contact you via 1-1 chat. Read the Privacy Policy. At any time, you can choose to disable this preference.
Select your Interests!
add
Upload your photo
Uploading..
OR
Connect via Twitter
Connect via Linkedin
EDIT PASSWORD
Share
Forgot Password
Almost there!
We just sent you a verification email. Please verify your account to gain access to
theCUBE + NYSE Wired: Zero Trust Cyber Series. If you don’t think you received an email check your
spam folder.
Sign in to theCUBE + NYSE Wired: Zero Trust Cyber Series.
In order to sign in, enter the email address you used to registered for the event. Once completed, you will receive an email with a verification link. Open this link to automatically sign into the site.
Sign in to gain access to theCUBE + NYSE Wired: Zero Trust Cyber Series
Please sign in with LinkedIn to continue to theCUBE + NYSE Wired: Zero Trust Cyber Series. Signing in with LinkedIn ensures a professional environment.
Are you sure you want to remove access rights for this user?
Details
Manage Access
email address
Community Invitation
Shahar Peled, Terra
Inna Tokarev Sela is the CEO and founder of Illumex. The platform enables companies to extract value from structured data, creating a virtual semantic graph for users to interact with in natural language. Illumex focuses on contextualizing data in real-time and offers built-in governance features. By partnering with major data platform providers, Illumex has increased data usage for customers. The company has raised $13 million and has a diverse workforce. Inna's leadership style is described as empathetic. Illumex envisions a future where data interactions are seamless and efficient. Overall, the company aims to lead the industry towards a more streamlined application-free future.
>> Palo Alto Studio Connections, Silicon Valley and Wall Street. I'm John Furrier here with Dave Vellante, my co-host.
Gemma Allen
>> Welcome to theCUBE Studio here at the New York Stock Exchange. This is Cybersecurity Leaders, one of our programs with NYSE Wired and joining me now is Shahar Peled, co-founder and CEO of Terra Security. Welcome Shahar.
Shahar Peled
>> Thank you, Gemma. Great to be here.
Gemma Allen
>> So Terra Security, cyber player, interesting time in the cyber landscape. Seems like a lot of fear out there. Talk a little bit about the company and what's happening broadly for you guys in this industry.
Shahar Peled
>> Yeah, crazy times to be on. Terra is an agentic AI powered offensive security solution, which means we train AI agents to think and act like ethical hackers. They run continuous penetration testing and red teaming, practically mimicking adversaries at scale to test the security posture of enterprise environments, whether it's applications, AI systems, networks. In the world where AI adversaries move so fast and AI adoption moves so fast across defenders and developers and marketers and sales and practically everyone, the ability to know what adversaries can do today, not what adversaries can see but what can achieve is critical. But until the world of AI, everything that is adversarial emulation, penetration testing and red teaming was pretty much manual by service organizations and by manual it doesn't scale. It runs usually on an annual basis, on a very scoped part of the what we call attack surface. Now it is more important than ever, but also now it's the first time it's actually possible to do it at scale and that's exactly what Terra is here to solve.
Gemma Allen
>> So it seems though we've talked about cybersecurity and the risk of cyber for a very long time, but actually when we look underneath the hood at enterprise level, the cadence of red teaming and purple teaming and these one-off events that happen to give you a sense of perhaps false security were actually really not that regular, right? Like what is actually happening right now at enterprise? Are we seeing more cases whereby folks see this as a constant minute by minute event or are there still a number of enterprises that just do this kind of sporadically on a needs basis?
Shahar Peled
>> Unfortunately the vast majority of enterprises still do it sporadically on a project basis. They will choose a target, go on a week, two week, three week project and then go to the next one. But organizations and enterprises and systems, applications, networks, they change all the time. Adversary capabilities change all the time. So I do feel like there is some sort of a fake feeling of being safe. It doesn't make the point in time not relevant, but it's getting there because being safe right now doesn't mean you're safe five minutes from now. So we see on the other hand, a lot of demand and I think that's what makes our category agentic offensive security or continuous offensive security so hot right now is that the fact that so many large enterprises across the US and the entire world are actively looking for solutions to allow them to run these processes continuously and then Terra comes to play allowing them, and this is how we've been very successful in the large enterprise space. It doesn't mean though that the majority of the organizations are there, unfortunately. They'll get there.
Gemma Allen
>> With your help, I'm sure.
Shahar Peled
>> Yes.
Gemma Allen
>> So talk to me through some false assumptions that I think exist right now. We had an instance up until the onset of frontier models at enterprise whereby there was this understanding that some CISOs might have 80 different cyber players in their stack, right? There was almost like a meme at one point that you can't even control how many different technologies you have monitoring your environment, right? We're now at a point whereby there has to be some level of consolidation, but also some inbuilt assumption that if you're a cloud user at enterprise, for example, there is a level of protection and governance that comes with that model, right? Is that correct or is that incorrect? And what does it mean for your company when you think about the fragmentation, convergence and then perhaps security or non-security of these models that are now happening at the speed of sound?
Shahar Peled
>> That's a great question. Eventually, yes, the market is too fragmented. I think we're moving to the world of more platforms that eventually CISOs and security leaders would want to work with specific players they trust and they have a relationship with and they've seen continuous success with and these players will provide more and more capabilities that will evolve with the way enterprises evolve. Though we are still going to see new attack vectors and need for more startups because well, they always must be. How many of those startups will become platform players? I don't know. I don't think a lot because eventually there's so many categories in cybersecurity that can produce a platform player that can provide more than a few security capabilities. In our category, for example, this is the exact time to finally work with one vendor who can support adversarial emulation or continuous penetration testing or red teaming across every vector of attack. Web applications, APIs, mobile applications, networks, AI systems, all of these things are capabilities that Terra has that until now you had to work with five, six different vendors to provide this value, but to one that has all of the context in a single platform, this is how platforms are being created. On top of that, I would just say that yes, Anthropic and OpenAI and Google, these model providers are incredible and they do provide security capabilities as well. Some of the false assumptions that people make is that cybersecurity is dead because now everything is figured out. I think the opposite is the truth. Cybersecurity is more needed than ever and categories like agentic offensive security and others are just being strengthened by this because now the risks are so much greater. This allows us to understand that yes, AI hasn't solved everything and autonomous security is just not yet there. We still need the human capabilities working with AI to scale but keep control. So I think this is a false assumption that AI has now solved cybersecurity and everything else is done.
Gemma Allen
>> We've had some big players on the show here in the cyberspace. You had Palo Alto Networks, Proofpoint, different companies that have really kind of risen to the top of this stack. And one of their core value props is that it's fully integrated. It's seamless. It's happening anyway. They're already in so much of your stack. They talk about new entrants into this market and the fact that again, it's an additional P&L and additional spend, right? How do you respond to that? Is this something that like plugs and plays into a broader software or security operation center ecosystem or is this kind of a standalone platform play?
Shahar Peled
>> Yeah. So every enterprise on planet Earth has to spend budget on penetration testing or red teaming because it's also compliance driven. For compliance initiatives, you have to run at least an annual test on some of your systems. So it doesn't have to be a new category of spend. What we do see, and I think we're going to see much more than in the future, is that first all of this budget that is led by compliance or security or both is going to go to the AI native players because you don't have to run with the service company right now when you can have an AI native company give you both, a very robust security continuously on the entire attack surface that you want to support, but also provide you the compliance need that you need across the same budget. What we'll see there is that organizations will see that yes, offensive security, proactive security is so powerful because it's literally the only capability that can show you what adversaries can really do today. Not just what's vulnerable, but what is exploitable with business impact and as such, I believe we'll see more and more spend going into these umbrella of categories that is proactive. So it's not happening right now and let's be realistic here, but you don't have to come up with new budget. You already have this budget. Just reallocate it to proactive security and agentic AI continuous or red teaming and then people will see, and we start seeing it with our customers today, that this is one of the most effective capabilities they have in their stack and it will continue to grow. Lastly, across the integrations you discussed. Integrating with the entire continuous security life cycle is the exec player of a platform play. If you want to test applications and networks and AI systems, and if you want to collect context from the organizational contextual awareness, and if you want to send your output to where the managed vulnerabilities or fixes, remediation, or their SOC, you have to be integrated to all. It can't be as a standalone product or offering as it has been until the war of AI native offensive security. So it's becoming more integrated. It just wasn't there before.
Gemma Allen
>> Wow. Talk about some of the new attack vectors you're seeing, right? We spoke about these frontier models that are now broadly being used in some capacity and enterprise. We also know that there is a lot of things folks can't protect from like personas are on the rise. We hear about folks bringing technology home and potentially having an accidental breach per se, right? We're all guilty of sometimes ChatGPTing a work question. What are you seeing? Where do you think these risks are really rising that people might be somewhat blind to?
Shahar Peled
>> So I think it's a combination of two. What people are mostly scared of, which I think is false, is the new novel AI attacks that no one has seen before. These will come up and they will happen. But what we see at more scale is the same vulnerabilities we knew before just at a higher velocity, quicker, faster, continuously, and much easier to accomplish because now AI adversaries can work continuously. They're more hyper personalized. They don't have to sleep. They can do it all the time and attack, right? This is what to protect against. But now every human have hundreds of AI agents in their disposal. Each one of those can be a potential entry point for an adversary if not done right. And what we see with our customers, not many organizations have figured out how to really adopt AI safely across their entire organization. So we'll see more of the known attacks just at a different scale. On the other hand, we do see vulnerabilities that are unique to AI. We do see prompt injections and gel breaks and ability to use platform that are based on AI, whether it's cloud code or OpenCloud and others. Our teams have found meaningful vulnerabilities in these platforms, which we of course safely disclosed and they're now fixed. These weren't possible before because now it's not just about the vulnerability, it's about the intent. What was your intent when you created this AI system? What was your intent when you developed this code? Intent is much harder to explain to AI and as such, seeing the output of the intent that you created is very hard to test. So intent is the new attack vector. That's something we have to realize.
Gemma Allen
>> So you onboard a new customer, you have this constant iteration of security, I guess, offense that is regularly scanning environments all the time, right? It creates some sort of alert. What happens? Is that like a human intervention at that point or is that an automatic fix? How does that work?
Shahar Peled
>> Yeah. So I think that the premise of autonomous offensive security is not yet here. I have never met a security leader that is okay with a fully autonomous swarm of AI agents that are trained to attack you, running autonomously in their production or very sensitive environments because this can cause harm. So what we see today is that organizations create their own and we allow that configure guardrails, which are basically rules of what you're okay with AI agents do autonomously, what you're okay with AI agents, but they need a human approval to proceed because these are highly sensitive and dangerous acts and what you're not okay with whatsoever. When you configure this, you can actually scale. When AI is being blocked, there is a human, it doesn't matter who this human is, but currently is going to give the green light or red light of proceeding with the actions because who's going to take accountability when an AI system dropped your production environment. We're at the New York Stock Exchange. What happens here if the website that people trade with stop working? That is meaningful, right? I don't think security leaders will take the chance of something like that happening and AI sometimes can hallucinate, can make mistakes. So we prevent it using these guardrails, but if we don't act upon these guardrails and actually follow up with a human approval, we don't mimic adversaries. So we have to do some of these operations just in a safely manner. When you do validate an exploitable vulnerability, basically something you have to fix, it doesn't have to happen manually. There's also auto remediation. So we can generate the fix for the organization and they will choose that they want to fix it with a click of a button or autonomously or that they want to review it first. Just like the attacks, the remediation is the same thing. It's based on the appetite, based on the processes that are being placed in each organization of whether they want it to happen automatically, autonomously, or with a click of a button, but they don't have to sort of research and do it manually for sure. These days are gone. The question is, are you ready for autonomous or not? And that is hyper personalized for each organization.
Gemma Allen
>> Mythos, that got a lot of news, a lot of headlines. I feel like it was a great marketing effort by Anthropic, if anything else, right? But one thing we do know is that there is this at least collective belief that, yes, this has to be a collective fix, right? We need to work together as an industry to ensure that we have the right protections in place. What does that actually look like though in the field? We also heard that this week there was some conversations at government around who's going to get access to models when, how, what that's going to look like. You guys building a business on the other side of this to ensure that you can meet the protective demands of customers five years from now, how collaborative is this process? What's happening really day-to-day in your world?
Shahar Peled
>> Yeah. So Mythos or other models, I call it the new generational models. There is GPD 5.5 and there are others that will come. There are definitely more powerful models. But from what we have seen, it's not a world changing model, right? It is more powerful. It can uncover vulnerabilities that were missed before. It can multi-step reasoning and things are very, very impressive, but you still need to know how to use these models, orchestrate or what we call harness layer. So if you want to really have a robust security program or an area offensive security, you can't just tell Mythos, "Hey, go and run continuous red teaming for me." It's not going to work. There's so many things around it that have to be as part of the orchestration layer. So we use the best AI models out there for each agent that we have and we have hundreds based on the task at hand. Sometimes the answer is going to be Mythos. We're going to orchestrate it. Sometimes the answer is going to be a different model, a different provider, maybe even a different region of providers. Sometimes they want to run it in a different region of a cloud environment. Sometimes they want to run it based on models that they have trained. So I think this answer is yes, it is making everything more powerful, but what we see today, people are scared and they need cybersecurity or offensive security more than ever because Mythos is available for some organizations. I guess in the future it's going to be for everyone. There are some other models that could be slightly weaker, but still very powerful at the hands of adversaries. Adversaries don't have regulators stopping them. They don't have compliance around them. It's much easier for them to adopt. So I think enterprises today need organizations like Terra to know how to leverage Mythos and alike for them to have a robust security program and that's the only way to really fight back. I think when organizations try to build it themselves, sometimes they succeed, but sometimes they understand it's much more complicated, much more expensive. Someone needs to actually train and evaluate the new models that come out and maintain the system. Eventually there are organizations like us that this is what we do for a living 24/7 and it helps our category grow a lot. So I'm thankful.
Gemma Allen
>> Because you mentioned that each agent is trained on the best, most fearless model, right? To ensure that it is completely apprised of any risk vector. We also hear a lot about tokenomics and the cost of just running these agents. We were just in Vegas last week at Dell Tech World and we heard everything from enterprise to $100,000 to a year to run an agent to $40,000, right? But it sounds as though it's an expensive time and especially in the world you're in where you're trying to constantly stay apprised of the tech, right? How is that playing out for startups or for companies like yours that are, again, trying to build in this incumbent era?
Shahar Peled
>> Yeah, that's a great question because sometimes people forget about the token economy and AI inference. It is very expensive. If organizations, you said about Mythos... If enterprises will start to run Mythos and tell it to run across the entire offensive security lifecycle and for some reason they succeed, it is going to cost them much more than running with a vendor that what we do is not just choose the best model, but also the right model. You don't need a fully large multi-step reasoning model for every task related to cybersecurity. For small, some tasks you do, but sometimes you want a smaller model, maybe some machine learning, not AI, right? Maybe not gen AI. Maybe some things need to be scripted and more automated rather than autonomous. Having a vendor that can actually choose the right model for the right task and do a lot of things on top of it like keep the context because a lot of the tokens are used to provide more context to the models. If you have to start from scratch every time, you have to start with all the context and context for AI is literally everything. We, for example, I don't know what others are doing, but we have this very smart system. They can always continue from the last plate stop. So we always have the context. We call non-models like Mythos or 5.5 when we have them, when we need this kind of models, but we have hundreds of agents, maybe a small percentage of them actually need this very, very robust model. So I think we'll see a lot of organizations waste a lot of money on tokens and when you build a business around it, you have to know that it has to make sense. Unit economics and economies of scale have to make sense. It's something we spend a lot of efforts on. And our AI and research team, a lot of what they do is, as I said, match the right model to the right task and make sure we're not wasteful because it is very, very expensive.
Gemma Allen
>> So talk me through the new customer experience here, the onboarding, the deployment, how quickly all of this can happen, what it actually looks like in playing out in real life.
Shahar Peled
>> That's a great question. So it's a matter of minutes. Usually we do need more context than a service for penetration testing. It usually tells you get me the target, maybe it's a URL or a scope or whatever and credentials and I'll run from there. We do need more because agents need more context. So for example, our most robust offering is continuous white box penetration testing and red teaming, which means we need access to the source code. We do it very safely and we do it in a read-only access, but sometimes this adds another small step that we have to do. Once we have that and we collect the context, whether it's from code, it takes five minutes, right? Agents don't need more than just context, which can be collected from multiple sources. It doesn't only have to be source code, the more the merrier, but all you have to do is give it credentials a target and that's it. It starts running and it never stops. It runs all the time. When it finishes the first baseline of running a full and robust penetration testing or red team, it depends on the target and finds a security poster of today, we move to change based incremental testing, which means you don't have to retrigger it, you don't have to run it, you don't have to configure it. Once it's connected, it's just going to listen to changes to the attack surface, whether it's through code that's being merged and changed, new CVEs, misconfigurations, novel AI attacks. And when it happens, the AI agents will understand has it changed the attack surface or not? If not, they'll explain why and not do anything with the just reason and move it away because it's noise. If it has changed, we'll immediately trigger another test to always run this validation to always be ahead of adversaries.
Gemma Allen
>> So is this license, I guess on a user basis, is it like on an environmental instance basis? How does the model work?
Shahar Peled
>> It is on a target basis. It is much easier for us to say consumption. The more AI consumption, the more you're going to pay. But from what we see, security leaders don't want to pay this way because it's not transparent. It's not predictable. You start with X, you have zero idea what you're going to end up with in the end of the year. We also don't want them to think twice before using Terra. So we scope the target. It can be X amount of targets, web applications, networks, AI systems, MCPs. Each one is going to be sized and then there will be an annual subscription based on how large it is. But within this annual subscription, it's everything, 24/7 testing across every change. It doesn't matter how many times it changed, including the added station they will need for compliance so they don't have to pay multiple vendors and it's a very transparent pricing for the entire year based on the entire target and portfolio of targets of each enterprise.
Gemma Allen
>> Well, it's certainly a very attractive proposition. Last question, Shahar. Talk to me about the stage you guys are at. I know you've raised some money, you've got some interesting backers. Where are you at from a funding perspective? You've just moved to the US, I believe, to kind of land and grow the business here. Sounds as though the time is certainly to do that. What's ahead?
Shahar Peled
>> So yeah, we raised about $40 million from top tier VCs and cybersecurity VCs here in the US. What's ahead is to keep growing our customer base. We have incredible customers, lots of Fortune 500 organizations, financial organizations, even Fortune 10s and we need to grow this customer base grow offering. We just expanded from application and APIs to network and AI systems. We are going to raise more funding in the near future, of course, because we have to accelerate our growth. That's the exciting part ahead, providing more stable, better security and more robust offering and platform for our customer base, those that exist today, those that will come in the near future. Of course, grow the team here in the US for sales and marketing, grow the R&D center that we have in Tel Aviv and become a category defining company. We have an incredible opportunity ahead and maybe in two or three years we'll be here and ring the bell as we take the company public.
Gemma Allen
>> I don't doubt it. Grow jobs here in the US and keep the internet and enterprise safe. I love to hear it. Thanks so much for joining us on theCUBE.
Shahar Peled
>> Thank you for having me.
Gemma Allen
>> I'm Gemma Allen here at theCUBE Studio at the New York Stock Exchange. This is Cybersecurity Leaders, one of our programs with NYSE Wired. Thanks for watching.
>> Palo Alto Studio Connections, Silicon Valley and Wall Street. I'm John Furrier here with Dave Vellante, my co-host.
Gemma Allen
>> Welcome to theCUBE Studio here at the New York Stock Exchange. This is Cybersecurity Leaders, one of our programs with NYSE Wired and joining me now is Shahar Peled, co-founder and CEO of Terra Security. Welcome Shahar.
Shahar Peled
>> Thank you, Gemma. Great to be here.
Gemma Allen
>> So Terra Security, cyber player, interesting time in the cyber landscape. Seems like a lot of fear out there. Talk a little bit about the company and what's happening broadly for you guys in this industry.
Shahar Peled
>> Yeah, crazy times to be on. Terra is an agentic AI powered offensive security solution, which means we train AI agents to think and act like ethical hackers. They run continuous penetration testing and red teaming, practically mimicking adversaries at scale to test the security posture of enterprise environments, whether it's applications, AI systems, networks. In the world where AI adversaries move so fast and AI adoption moves so fast across defenders and developers and marketers and sales and practically everyone, the ability to know what adversaries can do today, not what adversaries can see but what can achieve is critical. But until the world of AI, everything that is adversarial emulation, penetration testing and red teaming was pretty much manual by service organizations and by manual it doesn't scale. It runs usually on an annual basis, on a very scoped part of the what we call attack surface. Now it is more important than ever, but also now it's the first time it's actually possible to do it at scale and that's exactly what Terra is here to solve.
Gemma Allen
>> So it seems though we've talked about cybersecurity and the risk of cyber for a very long time, but actually when we look underneath the hood at enterprise level, the cadence of red teaming and purple teaming and these one-off events that happen to give you a sense of perhaps false security were actually really not that regular, right? Like what is actually happening right now at enterprise? Are we seeing more cases whereby folks see this as a constant minute by minute event or are there still a number of enterprises that just do this kind of sporadically on a needs basis?
Shahar Peled
>> Unfortunately the vast majority of enterprises still do it sporadically on a project basis. They will choose a target, go on a week, two week, three week project and then go to the next one. But organizations and enterprises and systems, applications, networks, they change all the time. Adversary capabilities change all the time. So I do feel like there is some sort of a fake feeling of being safe. It doesn't make the point in time not relevant, but it's getting there because being safe right now doesn't mean you're safe five minutes from now. So we see on the other hand, a lot of demand and I think that's what makes our category agentic offensive security or continuous offensive security so hot right now is that the fact that so many large enterprises across the US and the entire world are actively looking for solutions to allow them to run these processes continuously and then Terra comes to play allowing them, and this is how we've been very successful in the large enterprise space. It doesn't mean though that the majority of the organizations are there, unfortunately. They'll get there.
Gemma Allen
>> With your help, I'm sure.
Shahar Peled
>> Yes.
Gemma Allen
>> So talk to me through some false assumptions that I think exist right now. We had an instance up until the onset of frontier models at enterprise whereby there was this understanding that some CISOs might have 80 different cyber players in their stack, right? There was almost like a meme at one point that you can't even control how many different technologies you have monitoring your environment, right? We're now at a point whereby there has to be some level of consolidation, but also some inbuilt assumption that if you're a cloud user at enterprise, for example, there is a level of protection and governance that comes with that model, right? Is that correct or is that incorrect? And what does it mean for your company when you think about the fragmentation, convergence and then perhaps security or non-security of these models that are now happening at the speed of sound?
Shahar Peled
>> That's a great question. Eventually, yes, the market is too fragmented. I think we're moving to the world of more platforms that eventually CISOs and security leaders would want to work with specific players they trust and they have a relationship with and they've seen continuous success with and these players will provide more and more capabilities that will evolve with the way enterprises evolve. Though we are still going to see new attack vectors and need for more startups because well, they always must be. How many of those startups will become platform players? I don't know. I don't think a lot because eventually there's so many categories in cybersecurity that can produce a platform player that can provide more than a few security capabilities. In our category, for example, this is the exact time to finally work with one vendor who can support adversarial emulation or continuous penetration testing or red teaming across every vector of attack. Web applications, APIs, mobile applications, networks, AI systems, all of these things are capabilities that Terra has that until now you had to work with five, six different vendors to provide this value, but to one that has all of the context in a single platform, this is how platforms are being created. On top of that, I would just say that yes, Anthropic and OpenAI and Google, these model providers are incredible and they do provide security capabilities as well. Some of the false assumptions that people make is that cybersecurity is dead because now everything is figured out. I think the opposite is the truth. Cybersecurity is more needed than ever and categories like agentic offensive security and others are just being strengthened by this because now the risks are so much greater. This allows us to understand that yes, AI hasn't solved everything and autonomous security is just not yet there. We still need the human capabilities working with AI to scale but keep control. So I think this is a false assumption that AI has now solved cybersecurity and everything else is done.
Gemma Allen
>> We've had some big players on the show here in the cyberspace. You had Palo Alto Networks, Proofpoint, different companies that have really kind of risen to the top of this stack. And one of their core value props is that it's fully integrated. It's seamless. It's happening anyway. They're already in so much of your stack. They talk about new entrants into this market and the fact that again, it's an additional P&L and additional spend, right? How do you respond to that? Is this something that like plugs and plays into a broader software or security operation center ecosystem or is this kind of a standalone platform play?
Shahar Peled
>> Yeah. So every enterprise on planet Earth has to spend budget on penetration testing or red teaming because it's also compliance driven. For compliance initiatives, you have to run at least an annual test on some of your systems. So it doesn't have to be a new category of spend. What we do see, and I think we're going to see much more than in the future, is that first all of this budget that is led by compliance or security or both is going to go to the AI native players because you don't have to run with the service company right now when you can have an AI native company give you both, a very robust security continuously on the entire attack surface that you want to support, but also provide you the compliance need that you need across the same budget. What we'll see there is that organizations will see that yes, offensive security, proactive security is so powerful because it's literally the only capability that can show you what adversaries can really do today. Not just what's vulnerable, but what is exploitable with business impact and as such, I believe we'll see more and more spend going into these umbrella of categories that is proactive. So it's not happening right now and let's be realistic here, but you don't have to come up with new budget. You already have this budget. Just reallocate it to proactive security and agentic AI continuous or red teaming and then people will see, and we start seeing it with our customers today, that this is one of the most effective capabilities they have in their stack and it will continue to grow. Lastly, across the integrations you discussed. Integrating with the entire continuous security life cycle is the exec player of a platform play. If you want to test applications and networks and AI systems, and if you want to collect context from the organizational contextual awareness, and if you want to send your output to where the managed vulnerabilities or fixes, remediation, or their SOC, you have to be integrated to all. It can't be as a standalone product or offering as it has been until the war of AI native offensive security. So it's becoming more integrated. It just wasn't there before.
Gemma Allen
>> Wow. Talk about some of the new attack vectors you're seeing, right? We spoke about these frontier models that are now broadly being used in some capacity and enterprise. We also know that there is a lot of things folks can't protect from like personas are on the rise. We hear about folks bringing technology home and potentially having an accidental breach per se, right? We're all guilty of sometimes ChatGPTing a work question. What are you seeing? Where do you think these risks are really rising that people might be somewhat blind to?
Shahar Peled
>> So I think it's a combination of two. What people are mostly scared of, which I think is false, is the new novel AI attacks that no one has seen before. These will come up and they will happen. But what we see at more scale is the same vulnerabilities we knew before just at a higher velocity, quicker, faster, continuously, and much easier to accomplish because now AI adversaries can work continuously. They're more hyper personalized. They don't have to sleep. They can do it all the time and attack, right? This is what to protect against. But now every human have hundreds of AI agents in their disposal. Each one of those can be a potential entry point for an adversary if not done right. And what we see with our customers, not many organizations have figured out how to really adopt AI safely across their entire organization. So we'll see more of the known attacks just at a different scale. On the other hand, we do see vulnerabilities that are unique to AI. We do see prompt injections and gel breaks and ability to use platform that are based on AI, whether it's cloud code or OpenCloud and others. Our teams have found meaningful vulnerabilities in these platforms, which we of course safely disclosed and they're now fixed. These weren't possible before because now it's not just about the vulnerability, it's about the intent. What was your intent when you created this AI system? What was your intent when you developed this code? Intent is much harder to explain to AI and as such, seeing the output of the intent that you created is very hard to test. So intent is the new attack vector. That's something we have to realize.
Gemma Allen
>> So you onboard a new customer, you have this constant iteration of security, I guess, offense that is regularly scanning environments all the time, right? It creates some sort of alert. What happens? Is that like a human intervention at that point or is that an automatic fix? How does that work?
Shahar Peled
>> Yeah. So I think that the premise of autonomous offensive security is not yet here. I have never met a security leader that is okay with a fully autonomous swarm of AI agents that are trained to attack you, running autonomously in their production or very sensitive environments because this can cause harm. So what we see today is that organizations create their own and we allow that configure guardrails, which are basically rules of what you're okay with AI agents do autonomously, what you're okay with AI agents, but they need a human approval to proceed because these are highly sensitive and dangerous acts and what you're not okay with whatsoever. When you configure this, you can actually scale. When AI is being blocked, there is a human, it doesn't matter who this human is, but currently is going to give the green light or red light of proceeding with the actions because who's going to take accountability when an AI system dropped your production environment. We're at the New York Stock Exchange. What happens here if the website that people trade with stop working? That is meaningful, right? I don't think security leaders will take the chance of something like that happening and AI sometimes can hallucinate, can make mistakes. So we prevent it using these guardrails, but if we don't act upon these guardrails and actually follow up with a human approval, we don't mimic adversaries. So we have to do some of these operations just in a safely manner. When you do validate an exploitable vulnerability, basically something you have to fix, it doesn't have to happen manually. There's also auto remediation. So we can generate the fix for the organization and they will choose that they want to fix it with a click of a button or autonomously or that they want to review it first. Just like the attacks, the remediation is the same thing. It's based on the appetite, based on the processes that are being placed in each organization of whether they want it to happen automatically, autonomously, or with a click of a button, but they don't have to sort of research and do it manually for sure. These days are gone. The question is, are you ready for autonomous or not? And that is hyper personalized for each organization.
Gemma Allen
>> Mythos, that got a lot of news, a lot of headlines. I feel like it was a great marketing effort by Anthropic, if anything else, right? But one thing we do know is that there is this at least collective belief that, yes, this has to be a collective fix, right? We need to work together as an industry to ensure that we have the right protections in place. What does that actually look like though in the field? We also heard that this week there was some conversations at government around who's going to get access to models when, how, what that's going to look like. You guys building a business on the other side of this to ensure that you can meet the protective demands of customers five years from now, how collaborative is this process? What's happening really day-to-day in your world?
Shahar Peled
>> Yeah. So Mythos or other models, I call it the new generational models. There is GPD 5.5 and there are others that will come. There are definitely more powerful models. But from what we have seen, it's not a world changing model, right? It is more powerful. It can uncover vulnerabilities that were missed before. It can multi-step reasoning and things are very, very impressive, but you still need to know how to use these models, orchestrate or what we call harness layer. So if you want to really have a robust security program or an area offensive security, you can't just tell Mythos, "Hey, go and run continuous red teaming for me." It's not going to work. There's so many things around it that have to be as part of the orchestration layer. So we use the best AI models out there for each agent that we have and we have hundreds based on the task at hand. Sometimes the answer is going to be Mythos. We're going to orchestrate it. Sometimes the answer is going to be a different model, a different provider, maybe even a different region of providers. Sometimes they want to run it in a different region of a cloud environment. Sometimes they want to run it based on models that they have trained. So I think this answer is yes, it is making everything more powerful, but what we see today, people are scared and they need cybersecurity or offensive security more than ever because Mythos is available for some organizations. I guess in the future it's going to be for everyone. There are some other models that could be slightly weaker, but still very powerful at the hands of adversaries. Adversaries don't have regulators stopping them. They don't have compliance around them. It's much easier for them to adopt. So I think enterprises today need organizations like Terra to know how to leverage Mythos and alike for them to have a robust security program and that's the only way to really fight back. I think when organizations try to build it themselves, sometimes they succeed, but sometimes they understand it's much more complicated, much more expensive. Someone needs to actually train and evaluate the new models that come out and maintain the system. Eventually there are organizations like us that this is what we do for a living 24/7 and it helps our category grow a lot. So I'm thankful.
Gemma Allen
>> Because you mentioned that each agent is trained on the best, most fearless model, right? To ensure that it is completely apprised of any risk vector. We also hear a lot about tokenomics and the cost of just running these agents. We were just in Vegas last week at Dell Tech World and we heard everything from enterprise to $100,000 to a year to run an agent to $40,000, right? But it sounds as though it's an expensive time and especially in the world you're in where you're trying to constantly stay apprised of the tech, right? How is that playing out for startups or for companies like yours that are, again, trying to build in this incumbent era?
Shahar Peled
>> Yeah, that's a great question because sometimes people forget about the token economy and AI inference. It is very expensive. If organizations, you said about Mythos... If enterprises will start to run Mythos and tell it to run across the entire offensive security lifecycle and for some reason they succeed, it is going to cost them much more than running with a vendor that what we do is not just choose the best model, but also the right model. You don't need a fully large multi-step reasoning model for every task related to cybersecurity. For small, some tasks you do, but sometimes you want a smaller model, maybe some machine learning, not AI, right? Maybe not gen AI. Maybe some things need to be scripted and more automated rather than autonomous. Having a vendor that can actually choose the right model for the right task and do a lot of things on top of it like keep the context because a lot of the tokens are used to provide more context to the models. If you have to start from scratch every time, you have to start with all the context and context for AI is literally everything. We, for example, I don't know what others are doing, but we have this very smart system. They can always continue from the last plate stop. So we always have the context. We call non-models like Mythos or 5.5 when we have them, when we need this kind of models, but we have hundreds of agents, maybe a small percentage of them actually need this very, very robust model. So I think we'll see a lot of organizations waste a lot of money on tokens and when you build a business around it, you have to know that it has to make sense. Unit economics and economies of scale have to make sense. It's something we spend a lot of efforts on. And our AI and research team, a lot of what they do is, as I said, match the right model to the right task and make sure we're not wasteful because it is very, very expensive.
Gemma Allen
>> So talk me through the new customer experience here, the onboarding, the deployment, how quickly all of this can happen, what it actually looks like in playing out in real life.
Shahar Peled
>> That's a great question. So it's a matter of minutes. Usually we do need more context than a service for penetration testing. It usually tells you get me the target, maybe it's a URL or a scope or whatever and credentials and I'll run from there. We do need more because agents need more context. So for example, our most robust offering is continuous white box penetration testing and red teaming, which means we need access to the source code. We do it very safely and we do it in a read-only access, but sometimes this adds another small step that we have to do. Once we have that and we collect the context, whether it's from code, it takes five minutes, right? Agents don't need more than just context, which can be collected from multiple sources. It doesn't only have to be source code, the more the merrier, but all you have to do is give it credentials a target and that's it. It starts running and it never stops. It runs all the time. When it finishes the first baseline of running a full and robust penetration testing or red team, it depends on the target and finds a security poster of today, we move to change based incremental testing, which means you don't have to retrigger it, you don't have to run it, you don't have to configure it. Once it's connected, it's just going to listen to changes to the attack surface, whether it's through code that's being merged and changed, new CVEs, misconfigurations, novel AI attacks. And when it happens, the AI agents will understand has it changed the attack surface or not? If not, they'll explain why and not do anything with the just reason and move it away because it's noise. If it has changed, we'll immediately trigger another test to always run this validation to always be ahead of adversaries.
Gemma Allen
>> So is this license, I guess on a user basis, is it like on an environmental instance basis? How does the model work?
Shahar Peled
>> It is on a target basis. It is much easier for us to say consumption. The more AI consumption, the more you're going to pay. But from what we see, security leaders don't want to pay this way because it's not transparent. It's not predictable. You start with X, you have zero idea what you're going to end up with in the end of the year. We also don't want them to think twice before using Terra. So we scope the target. It can be X amount of targets, web applications, networks, AI systems, MCPs. Each one is going to be sized and then there will be an annual subscription based on how large it is. But within this annual subscription, it's everything, 24/7 testing across every change. It doesn't matter how many times it changed, including the added station they will need for compliance so they don't have to pay multiple vendors and it's a very transparent pricing for the entire year based on the entire target and portfolio of targets of each enterprise.
Gemma Allen
>> Well, it's certainly a very attractive proposition. Last question, Shahar. Talk to me about the stage you guys are at. I know you've raised some money, you've got some interesting backers. Where are you at from a funding perspective? You've just moved to the US, I believe, to kind of land and grow the business here. Sounds as though the time is certainly to do that. What's ahead?
Shahar Peled
>> So yeah, we raised about $40 million from top tier VCs and cybersecurity VCs here in the US. What's ahead is to keep growing our customer base. We have incredible customers, lots of Fortune 500 organizations, financial organizations, even Fortune 10s and we need to grow this customer base grow offering. We just expanded from application and APIs to network and AI systems. We are going to raise more funding in the near future, of course, because we have to accelerate our growth. That's the exciting part ahead, providing more stable, better security and more robust offering and platform for our customer base, those that exist today, those that will come in the near future. Of course, grow the team here in the US for sales and marketing, grow the R&D center that we have in Tel Aviv and become a category defining company. We have an incredible opportunity ahead and maybe in two or three years we'll be here and ring the bell as we take the company public.
Gemma Allen
>> I don't doubt it. Grow jobs here in the US and keep the internet and enterprise safe. I love to hear it. Thanks so much for joining us on theCUBE.
Shahar Peled
>> Thank you for having me.
Gemma Allen
>> I'm Gemma Allen here at theCUBE Studio at the New York Stock Exchange. This is Cybersecurity Leaders, one of our programs with NYSE Wired. Thanks for watching.
John Furrier
Gemma Allen