1stProtect Emerges From Stealth With $20 Million in Funding

Endpoint security startup 1stProtect today emerged from stealth mode with $20 million in funding from Andra Capital and All Blue Capital. San Francisco-based 1stProtect has built an endpoint security platform that monitors system behavior and user intent to prevent cyberattacks in real time. The pre-emptive solution enforces security policies at runtime, blocking malicious behavior at the operating system level, instead of relying on a cloud architecture for decision-making. 1stProtect analyzes the attack’s destination and intent, operating as a self-defending system even in disconnected or restricted environments. The platform includes nearly two dozen protection modules covering credential and session theft, ransomware, data exfiltration, application and browser security, runtime behavior, and identity and Active Directory attacks. The unified architecture enables organizations to monitor and enforce policies across access, systems, and data flows. 1stProtect also relies on an AI investigator for local forensic analysis, enabling investigation and remediation directly on the system, even when no internet connection is available. The startup’s chief executive officer, Kervin Pillay, previously served as chief technology officer of Automation at Cisco, while its chief technology officer, Rafel Ivgi, held senior leadership positions at SentinelOne, CrowdStrike, Symantec, and Forcepoint. “We built this company around a simple idea: by the time most existing security tools detect an attack, the data is already gone. Instead of trying to identify malware after the fact, we verify every critical data access in real time and stop unauthorized activity before it becomes a breach,” Pillay said. Related: Raven Emerges From Stealth With $20 Million in Funding Related: Autonomous Offensive Security Firm XBOW Raises $120M at $1B+ Valuation Related: Manifold Raises $8 Million for AI Detection and Response Related: Tech Giants Invest $12.5 Million in Open Source Security WRITTEN BY Ionut Arghire Ionut Arghire is an international correspondent for SecurityWeek. More from Ionut Arghire Raven Emerges From Stealth With $20 Million in Funding ‘DarkSword’ iOS Exploit Kit Used by State-Sponsored Hackers, Spyware Vendors EU Sanctions Chinese, Iranian Firms Supporting Hacking Operations Manifold Raises $8 Million for AI Detection and Response Apple Debuts Background Security Improvements With Fresh WebKit Patches Tech Giants Invest $12.5 Million in Open Source Security Robotic Surgery Giant Intuitive Discloses Cyberattack 174 Vulnerabilities Targeted by RondoDox Botnet Latest News Oasis Security Raises $120 Million for Agentic Access Management Critical ScreenConnect Vulnerability Exposes Machine Keys Privacy Platform Cloaked Raises $375M to Expand Enterprise Reach Iran Readied Cyberattack Capabilities for Response Prior to Epic Fury Marquis Data Breach Affects 672,000 Individuals Security Firm Aura Discloses Data Breach Impacting 900,000 Records Hacker Conversations: Ben Harris, From Unintentional Young Hacker to Intentional Adult CEO Russian APT Exploits Zimbra Vulnerability Against Ukraine Trending Webinar: Securing Fragile OT In An Exposed World March 10, 2026 Get a candid look at the current OT threat landscape as we move past "doom and gloom" to discuss the mechanics of modern OT exposure. Register Webinar: Why Automated Pentesting Alone Is Not Enough April 7, 2026 Join our live diagnostic session to expose hidden coverage gaps and shift from flawed tool-level evaluations to a comprehensive, program-level validation discipline. Register People on the Move SecurityBridge has promoted Holger Hügel to Chief Technology Officer. Armis has appointed Simon Mouyal as Chief Marketing Officer. Omada has named Jakob H. Kraglund as Chief Executive Officer. More People On The Move Expert Insights The Human IOC: Why Security Professionals Struggle With Social Vetting Applying SOC-level rigor to the rumors, politics, and 'human intel' can make or break a security team. (Joshua Goldfarb) How To 10x Your Vulnerability Management Program In The Agentic Era The evolution of vulnerability management in the agentic era is characterized by continuous telemetry, contextual prioritization and the ultimate goal of agentic remediation. (Nadir Izrael) SIM Swaps Expose A Critical Flaw In Identity Security SIM swap attacks exploit misplaced trust in phone numbers and human processes to bypass authentication controls and seize high-value accounts. (Torsten George) Four Risks Boards Cannot Treat As Background Noise The goal isn’t about preventing every attack but about keeping the business running when attacks succeed. (Steve Durbin) How To Eliminate The Technical Debt Of Insecure AI-Assisted Software Development Developers must view AI as a collaborator to be closely monitored, rather than an autonomous entity to be unleashed. Without such a mindset, crippling tech debt is inevitable. (Matias Madou) Flipboard Reddit Whatsapp Email