Estimated reading time: 7 minutes
A Tel Aviv-based cybersecurity startup emerged from stealth this week with a platform that replaces manual cloud security workflows with AI agents (agentic cloud security). Copperhelm is backed by $7 million in seed funding. TLV Partners led the round. Participants included toDay Ventures, ICON, and SaaS Ventures Israel. Notable angel investors included Kfir Tishbi, Or Hiltch, Guy Zipori, and Ephraim Yarmak. The company already works with paying customers, including Fortune 500 enterprises.
The Problem Copperhelm Is Solving
Cloud environments have grown too large for manual security review. Most enterprises now operate across hundreds of cloud accounts. General-purpose AI tools cannot handle that complexity without deep architectural context. Security teams spend an enormous amount of time triaging alerts. Most of those alerts turn out to be low-priority noise.
Copperhelm‘s founding team includes Co-founders Shimon Tolts, Eyar Zilberman, and Roman Labunsky. Their backgrounds span Unity, McAfee, and RSA. Tolts holds recognition as an AWS Hero and CNCF Ambassador. Zilberman is a GitHub Star. The team built cloud infrastructure and security products at enterprise scale before founding Copperhelm.
The Context Lake: A Real-Time Decision Layer
The company’s core technology is the Context Lake. It structures cloud data across environments and connects it in real time. AI agents use this unified view to investigate threats and execute remediation. They do not wait for a human to triage each alert before acting.
The platform deploys purpose-built agents across four disciplines: network analysis, system behavior, adversary simulation, and automated remediation. Agents connect to live workloads. They inspect active processes and container images. They map cloud network topology. And they deploy targeted protections, including WAF rules, without causing service downtime. Each action happens continuously, not in response to a quarterly review cycle.
From Six Million Findings To A Short List
One Fortune 500 customer began with six million raw security findings. Copperhelm’s agents condensed those into a few hundred evidence-backed, validated risks. Engineering teams then focused only on the exposures that carried real impact. The reduction in noise translated directly into faster action on the threats that mattered.
That outcome matters beyond business efficiency. A company operating with validated, prioritized risks carries a fundamentally different loss profile than one buried under millions of unreviewed alerts. That distinction will eventually reach the underwriting table.
The Exploitation Window Has Already Broken Legacy Assumptions
Cyber insurers have not yet fully priced the speed at which the threat environment now moves. Attackers exploit many vulnerabilities within one day of public disclosure. Many cyber policies still reflect response assumptions built around 2020-era human workflows.
Asked whether carriers engage seriously with that timeline, Tolts said legacy carriers still price against outdated human-response times. He added that “machine-speed defense will soon be mandatory to qualify for top-tier coverage.” That is a direct challenge to the current pricing model. If Tolts is right, underwriters who base terms on manual response assumptions are accepting risk that no longer matches their models. Enterprises using AI-driven remediation may soon warrant different treatment at renewal.
Autonomous Agents And The Liability Gap
Autonomous remediation raises questions that cyber policies have not yet answered. When an AI agent disrupts a business process while mitigating a threat, who absorbs the loss? That question will reach policy language before long.
Copperhelm operates on what Tolts describes as an autonomy dial. The platform immediately executes highly reversible actions. Deploying a WAF rule falls into that category. For major architectural changes, agents compile the full runtime evidence and surface a single-click approval to a human operator. Speed and control operate in parallel rather than in conflict.
The liability position is clear and worth quoting for legal and risk teams. If an organization explicitly authorizes the agent to take specific actions, and the agent causes downtime while strictly following those rules, the liability rests with the organization. That corresponds with existing software liability doctrine, but the operational context is new.
Tolts also offered a direct view on how policy language should evolve. Insurers should cover automated actions taken within approved guardrails. A temporary, agent-driven disruption is far cheaper than an unmitigated breach. Policy language should evolve to audit machine logic, not just human decisions.
What Copperhelm Does Not Yet Offer Insurers
The company was direct about current limitations. Copperhelm does not yet track dwell time reduction or blast radius metrics from customer deployments in a format useful for actuarial conversations. No carrier or MGA currently integrates Copperhelm data into underwriting or loss prevention workflows. Those gaps are common at the seed stage, but they matter for anyone evaluating the platform’s near-term role in the insurance ecosystem.
The data trail will develop. Platforms that automate remediation generate the kind of evidence that carriers will eventually demand. Loss frequency, severity reduction, and dwell time compression are the metrics underwriters need to price AI-assisted risk accurately. Copperhelm is generating that data at the customer level now. The actuarial packaging is the next step.
Funding And Leadership
Copperhelm will use the $7 million to accelerate product development, expand go-to-market efforts, and grow its engineering team. Shay Michel, Managing Partner at Merlin Ventures, will join the board of directors. TLV Partners co-founder and managing partner Rona Segev described the founding team as requiring deep architectural expertise, not just generic models with integrations.
The company is headquartered in Tel Aviv and serves global enterprises.
The Insurance Market Takeaway
Cyber insurance has moved steadily toward pre-loss controls as an underwriting lever. Platforms that document and automate remediation represent the next stage in that shift. A company that reduces six million findings to a few hundred validated risks carries a measurably different risk profile. Brokers and underwriters who track this space should monitor how agentic security vendors build out their evidence layers. The first platforms to offer actuarially coherent data will shape how carriers price AI-assisted enterprise risk. The companies that do not will leave that question open, and that gap will cost someone, eventually.
FAQ – Agentic Cloud Security
Copperhelm is a Tel Aviv-based cybersecurity company that uses AI agents to automate cloud security. Its platform continuously monitors cloud environments, investigates threats, and executes remediation without waiting for manual review. It launched from stealth in April 2026 with $7 million in seed funding.
The Context Lake is Copperhelm’s real-time decision layer. It structures and connects cloud data across environments, giving AI agents the context they need to investigate threats and take remediation actions accurately across hundreds of cloud accounts.
Copperhelm operates on an adjustable autonomy model. The platform executes highly reversible actions such as deploying WAF rules immediately. For major architectural changes, its agents compile the full runtime evidence and present a single-click approval to a human operator.
Agentic security platforms challenge several assumptions in current cyber policy design. Exploitation windows have compressed to under one day, rendering 2020-era response assumptions obsolete. Autonomous remediation also raises new liability questions around who bears loss if an AI agent causes collateral disruption while following authorized instructions.
According to CEO Shimon Tolts, liability follows authorization. If an organization explicitly authorizes the agent to take specific actions and the agent causes downtime while following those instructions, the liability rests with the organization. Copperhelm executes non-destructive mitigations with single-click rollback capability.
No. As of its April 2026 launch, no cyber insurer or MGA integrates Copperhelm data into underwriting or loss prevention workflows. The company also does not yet produce dwell time reduction or blast radius metrics in a format suited to actuarial analysis.
Related Cyber Insurance Posts
- Artificial Intelligence Report: Only 44% Ready to Support Secure AI, Delinea Finds(Opens in a new browser tab)
- Critical Vulnerabilities: Why Context Matters More Than Labels(Opens in a new browser tab)
- Cybersecurity Vulnerability: Companies Risk Governance Woes Over Delayed Security Fixes(Opens in a new browser tab)
- Agents Recognize Cyber Risks—Clients Remain Skeptical About Personal Cyber Insurance(Opens in a new browser tab)
- Credential Theft Cyber Insurance: What 2.86 Billion Stolen Credentials Mean For Underwriters(Opens in a new browser tab)
