Nebulock Raises $25 Million for AI-Native Contextual Security

Cybersecurity startup Nebulock has announced raising $25 million in a Series A funding round that brings the total raised by the company to over $33 million. The new investment round was led by FirstMark, with additional support from previous backers Bain Capital Ventures, Decibel, Step Function, and Zetta Venture Partners. Boston, Massachusetts-based Nebulock emerged from stealth mode a year ago, focused on autonomous, vendor-agnostic threat hunting across endpoint, cloud, and identity. Since then, the startup has expanded its AI-powered solution to deliver proactive detection engineering and behavioral security analytics. [ Read: Agentic AI Security: Wrong Context, Wrong Decisions at Machine Speed ] To help defenders understand behavior, the platform hunts for and correlates human and AI accounts, identities, and hosts, delivering detection rules to test, edit, and fine-tune. Nebulock turns enterprise context into a behavioral system of record, providing visibility into activities across endpoint, identity, cloud, network, and SaaS ecosystems, and surfacing seemingly unremarkable actions that point towards potential compromise. The startup will use the new funding to expand its platform’s capabilities, deepen cross-telemetry correlation and behavioral context graph, and hire new talent across engineering and go-to-market teams. “The attacker has become more agentic faster than defenders have become proactive. Breaches used to take months; now they take tokens. That’s why Nebulock was built to help security teams move beyond reactive-by-default workflows and toward context-rich, always-on protection that shows them what their stack can’t see,” Nebulock founder and CEO Damien Lewke said. Related: Runlayer Raises $30 Million in Series A Funding Related: Dream Raises $260 Million at $3 Billion Valuation Related: Tenet Security Emerges From Stealth With $6 Million Seed Funding Related: Magnitude Emerges From Stealth Mode With $10 Million in Funding WRITTEN BY Ionut Arghire Ionut Arghire is an international correspondent for SecurityWeek. More from Ionut Arghire Runlayer Raises $30 Million in Series A Funding GitLab Patches Code Execution, Information Disclosure Vulnerabilities 25-Year-Old Vulnerability Patched in Curl NIST Opens Updated IoT Security Guidance to Public Review Chrome 149 Update Resolves 18 Severe Vulnerabilities Critical Ubiquiti Vulnerabilities in Attackers’ Crosshairs New ‘Mistic’ RAT Opens Door to Several Ransomware Families Exploitable CI/CD Vulnerabilities Expose Millions of Repositories to Hijacking Latest News Amazon Q Flaw Enabled Cloud Credential Theft via Malicious Repositories More Klue Breach Victims Identified as Hackers Get Hacked In Other News: Chinese Mythos-Like AI, Tata Electronics Breach, Snyk Layoffs Linux Foundation Unveils New Open Source Security Project Akrites $3 Million Reportedly Stolen in Polymarket Hack Russian APT Deploys ‘StockStay’ Backdoor Against Ukrainian Targets First-Ever Exploitation of PTC Windchill Vulnerability Discovered in the Wild New Enterprise-Ready MCP Specification Brings New Security Challenges Trending Webinar: Why Email Security Keeps Failing (And What Has To Change) July 8, 2026 Join this live webinar as we break down why email-layer defenses alone can't keep pace with the modern phishing ecosystem, how agentic AI is changing the capacity equation for security teams, and more. Register Virtual Event: 2026 Cloud Security Summit July 16, 2026 This year's summit will help organizations learn how to utilize tools, controls, and design models needed to properly secure cloud environments. Interact with leading solution providers and other end users facing similar challenges in securing a variety of cloud deployments. Register People on the Move Mark Carter has been appointed Chief Information Security Officer at Socure. Spektrum Labs has named Mark Cravotta Chief Operating Officer. Philip Martin has joined Uber as Chief Information Security Officer. More People On The Move Expert Insights When Information Becomes The Attack Surface – Understanding AI Agent Traps From hidden content injections to cognitive state poisoning, attackers are turning trusted data sources into traps for autonomous AI. (Etay Maor) What The Latest ShinyHunters Breaches Reveal About Modern Cyberattacks Groups like ShinyHunters are demonstrating that attackers do not necessarily need malware or zero-day exploits to cause massive damage. (Torsten George) No Exploits Required Four decades of incident response experience suggest that exploits are often the symptom, not the root cause, of today’s cybersecurity failures. (Tod Beardsley) After AI Reaches Production: 12 Ways Security Teams Can Take Control Security teams need more than visibility into AI applications, they need a repeatable framework for monitoring, investigating, and defending them in production. (Joshua Goldfarb) Everybody Is Vibe Coding But Nobody Told The Security Team AI-driven development is not something organizations can or should block. But it must be governed. (Danelle Au) Flipboard Reddit Whatsapp Email