
At Brightmind Partners we look for founders with lived experiences that drive them to take on large, complex problems. Onit Security founder, Ofer Amitai , experienced the significant consequences of an unmanageable vulnerability backlog that resulted in the compromise of his prior company, Portnox. With the weight of that experience, the Onit team aggressively pursued a new approach to exposure management, utilizing AI to unify true business context with risk signals across the enterprise and close the gap at unprecedented speed and scale.
A Challenge Built for the AI-era
Traditional vulnerability and exposure management has been focused on silos, utilizing scanners to identify risk within domains. In talking with operators, we saw a significant trend towards homegrown solutions to tackle the unification challenge. Despite the presence of tools in RBVM and UVM over the past half decade, we found considerable levels of supplementation to engineer a business process compatible with the needs of the enterprises. With enormous tool sprawl and increasing IT complexity. No two customer environments truly look the same. Efforts to manage the holistic vulnerability pipeline historically have been nearly impossible due to three primary factors 1) limited business context regarding the underlying assets 2) the ability to define prioritization consistently 3) the ability to take action seamlessly without generating unintended consequences.

AI has fundamentally shifted this paradigm, enabling business context and reasoning to drive each decision in the vulnerability management lifecycle at machine speed.
The Onit platform enables customers to embed their feedback into the engine, ensuring that the actions that are driven by the platform align to their unique concept of risk. This is a decision-based architecture, an AI-native approach that allows operators to autonomously respond to threats as they emerge, closing the gaps as they open. With adversaries driving breakout times in as little as 27 seconds using AI, it is critical that we build the foundation for autonomous vulnerability management today.

Beyond the risk profile, there are also significant productivity gains to be realized by automation in this domain, and we expect that forward-looking operators will heavily value the time and focus their IT and engineering teams recover as a result.
We could not be happier to partner with Elad Ben Meir , Ofer Amitai , Tom Winter and the Onit Security team! Their relentless desire to reshape this market motivated us from day one to be a part of their journey.
Let's Secure Tomorrow, Together.
We're always looking for the next generation of cybersecurity innovators. Reach out to our team to start the conversation.
Other Articles
Pi: Building Zero Recurrence Code Security for the AI CodeGen Era
Pi Security is defining a new category, Zero Recurrence Code Security, built on the premise that the industry no longer has a vulnerability discovery problem but a vulnerability recurrence problem. Rather than generating more findings, Pi learns how an organization builds, breaks, fixes, and secures software, then turns that institutional security knowledge into preventative guardrails enforced across the software development lifecycle at design time, IDE time, and pull request time. The platform ingests context from prior incidents, tickets, pull requests, repositories, architecture decisions, and developer workflows to drive root cause analysis, variant discovery, contextual remediation, and ownership mapping, becoming a living security intelligence layer for developers, AI coding agents, and security teams. Founded by Guy Arazi, an offensive security operator and former CISO with roots at Palo Alto Networks and Microsoft, and Yonatan Ramon, who built safety-critical systems at Tesla, Pi raised a $35 million Series A alongside Third Point Ventures and angels including George Kurtz, Yevgeny Dibrov, and Nadir Izrael. Brightmind led Pi's Seed round in early 2025 and is continuing its support through the Series A.
Aryon: Building the Proactive Cloud Security Policy Enforcement Platform
Brightmind invested in Aryon, founded by Ron Arbel, Ariel Litmanovich, and Yair Ladizhensky, with the founders' firsthand experience securing complex cloud control planes on Project Nimbus as members of Matzov, the IDF's elite cybersecurity unit, serving as the driving force behind a proactive approach to policy enforcement. Traditional cloud security has been reactive and fragmented, catching misconfigurations only after they reach production and consistently failing enterprises due to native enforcement tools that are hard to configure, risky to enforce, brittle in production, and easily bypassed. Aryon's proactive, preventative platform enforces policy before misconfigurations ever ship, embedding safe enforcement directly into the cloud control plane to ensure context-aware governance that holds across Azure, AWS, and GCP and extends toward AI, SaaS, M365, identity, and data security. With AI-generated code and offensive AI introducing vulnerabilities at machine speed while patching and remediation still operate at human speed, Brightmind sees Aryon as the foundational layer for proactive cloud policy enforcement while also reducing operational friction for the IT and platform teams responsible for governance at scale.
