
Inside Orion Security's AI-Powered Mission to Stop Data Leaks

 

  • Orion Security has emerged from stealth with $6 million in seed funding to use AI for stopping data leaks
  • Their AI system learns normal data flows in a company to spot unusual activity that might be data theft
  • Data breaches with exfiltration now cost companies $5.21 million per incident on average
  • Orion uses proprietary AI models, not third-party LLMs like ChatGPT, for better security
  • The platform works like "EDR for data" - similar to what CrowdStrike does for endpoints
  • Orion's founders have experience solving security challenges for major companies like T-Mobile and BlackRock
  • The system can detect all three main causes of data leaks: malicious insiders, human errors, and external attackers
  • Companies can choose whether Orion blocks leaks in real-time or just sends alerts


Introduction to Orion Security and the Data Leak Crisis

Every day, companies lose valuable data. Sometimes it's hackers, sometimes it's their own workers, and sometimes it's just mistakes. This stuff happens all the time, and it costs tons of money to fix.

Orion Security, a new company that just came out of hiding (what tech folks call "stealth mode"), thinks AI can solve this big problem. They've built a system that watches how data moves around in companies and stops it from leaking out when something looks fishy.

The company was started by two tech experts - Nitay Milner as CEO and Yonatan Kreiner as CTO. They've already got $6 million from investors who think they're onto something important.

Microsoft's new AI agents could change how we handle many tasks, but Orion is focused on one critical job: keeping company secrets from walking out the door. Their approach is different because they use AI to understand normal business processes before trying to stop threats.

"I spent a lot of years as a product leader in several companies solving very complicated challenges around observability and security in cloud environments," says Milner. "I experienced firsthand that the main problem in data security is understanding the business context of how sensitive data is being used in a company."

The Rising Threat of Data Exfiltration

Data leaks are getting more expensive and more common. IBM's research shows that when data gets stolen (what experts call "exfiltration"), it costs companies about $5.21 million each time it happens.

There are three main ways data leaks out of companies:

  1. Malicious insiders - workers who take data on purpose
  2. Human errors - oops, someone sent the wrong file to the wrong person
  3. External attackers - hackers who break in and steal stuff

The scariest stories involve spies pretending to be remote workers or hackers who find ways into company systems. But even regular mistakes can cost millions when they involve customer data or company secrets.

Mark Zuckerberg's FTC trial testimony shows how seriously regulators take data protection issues now. Companies face huge fines when they mess up, on top of the damage to their reputation.

The old ways of protecting data don't work well anymore. Most security tools use rules that someone has to write by hand. Milner explains why this is a problem: "Most security solutions rely on manual policies, but policies don't scale. There are new applications and workflows that make them obsolete pretty often."

He adds: "Security teams are stuck writing endless policies over and over again, getting hit by false positives, and still, data keeps leaking from enterprises. It's a really bad situation."

With so many cloud services, apps, and devices in use, it's nearly impossible to write rules for every situation. That's where Orion thinks AI can help.

How Orion's AI-Powered System Works

Orion's system is like a smart security guard for your data. It looks at how information normally moves around in your company and notices when something unusual happens.

The heart of their system is what they call the "Indicators of Leakage (IOL) engine." This uses AI to figure out if data movement is normal business or a possible leak.

Unlike other security tools, Orion built their own AI models instead of using services like ChatGPT. "All our AI is something that we developed… we're not using a third party," Milner says. "We developed our AI internally, so it's all our IP."

Their system has two main AI models:

  1. A classification model that identifies sensitive data based on context
  2. A business reasoning model that understands user roles and typical workflows

OpenAI's launch of an API for ChatGPT's image capabilities shows how advanced AI is getting, but Orion has chosen to build their own specialized models for security purposes.

Interestingly, Orion does use some open-source large language models (LLMs) that they've fine-tuned for specific tasks. Milner notes how effective these can be: "LLMs that are open source… have a lot of context, and you wouldn't believe the level they give you just by throwing sensitive data on them."

The platform connects to cloud services, web browsers, and devices to map where data goes. When it spots something risky, it can either block the action or alert security teams, depending on how the company wants to handle it.

Milner compares their approach to endpoint security: "We act as an EDR for data—think of it like a CrowdStrike for your data. If something anomalous happens, we catch and prevent it in real-time, even if there wasn't a predefined policy."

Contextual Data Protection: A New Approach

The big idea behind Orion is something they call AI-powered Contextual Data Protection (AI CDP). This means the system knows what normal looks like before it tries to spot problems.

Most data protection tools work by keywords or strict rules. For example, they might block any file with a credit card number from leaving the company. But this causes tons of false alarms when people need to use that data for legitimate work.

Swirl's case for expert inputs shows how important specialized knowledge is in complex fields. Orion brings this expert-level understanding to data security through AI.

Here's how their contextual approach is different:

Traditional Data Protection:

  • Uses fixed rules and policies
  • Blocks specific file types or keywords
  • Generates many false alarms
  • Requires constant manual updates
  • Doesn't understand business context

Orion's Contextual Protection:

  • Learns normal business processes
  • Understands who usually accesses what data
  • Spots unusual patterns, not just banned keywords
  • Adapts as business workflows change
  • Knows the difference between normal work and threats

For example, if marketing teams regularly share design files with an outside agency, Orion learns this pattern. But if someone in engineering suddenly sends code to an external email at 2 AM, that looks suspicious.
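The contrast described above, as an added illustration that is not Orion's code or model: a fixed keyword rule next to a minimal learned baseline of data flows. The event fields, domains, sample history and scoring thresholds are all constructed assumptions.

```python
import re
from collections import Counter

def ev(dept, data, dest, hour, content=""):
    return {"dept": dept, "data": data, "dest": dest, "hour": hour, "content": content}

# Constructed history (not real telemetry): the flows the business performs routinely.
HISTORY = (
    [ev("marketing", "design_file", "agency.example", h) for h in (10, 11, 14, 16)]
    + [ev("finance", "card_data", "processor.example", h) for h in (9, 10, 13)]
    + [ev("engineering", "source_code", "git.corp.example", h) for h in (10, 12, 17)]
)

CARD_RE = re.compile(r"\b(?:\d[ -]?){13,16}\b")

def keyword_rule(event):
    """Traditional fixed rule: block any content holding a card-like number."""
    return "block" if CARD_RE.search(event["content"]) else "allow"

def build_baseline(history):
    """Learn which (dept, data type, destination) flows occur, and at which hours."""
    flows = Counter((e["dept"], e["data"], e["dest"]) for e in history)
    hours = {}
    for e in history:
        hours.setdefault(e["dept"], set()).add(e["hour"])
    return flows, hours

def hour_gap(a, b):
    """Distance between two hours on a 24-hour clock (23 and 1 are 2 apart)."""
    d = abs(a - b)
    return min(d, 24 - d)

def contextual_score(event, baseline):
    """0-2: +1 for a flow never seen before, +1 for an hour far from the dept's norm."""
    flows, hours = baseline
    score = 0
    if flows[(event["dept"], event["data"], event["dest"])] == 0:
        score += 1
    seen = hours.get(event["dept"], set())
    if not seen or min(hour_gap(event["hour"], h) for h in seen) > 3:
        score += 1
    return score

BASELINE = build_baseline(HISTORY)
# Legitimate work that the keyword rule blocks (false alarm):
ROUTINE = ev("finance", "card_data", "processor.example", 11, "refund 4111 1111 1111 1111")
# The 2 AM case from the text, which contains no banned keyword at all:
SUSPICIOUS = ev("engineering", "source_code", "mail.example", 2, "def build(): pass")
```

Here the keyword rule blocks the routine finance transfer and allows the 2 AM code transfer, while the baseline score is 0 for the first and 2 for the second.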

Orion's system can classify many types of sensitive data:

  • Personal information (PII)
  • Trade secrets
  • Payroll details
  • Financial data
  • Source code
  • Customer lists
  • Marketing materials

The system assigns risk scores to different activities, helping security teams focus on the most important issues. This cuts down on "alert fatigue" where security staff get so many warnings they start ignoring them.

Tracking Data Flow in Real-Time

One of the coolest things about Orion is how it shows data movement in real time. Their dashboard gives a bird's-eye view of what's happening with sensitive information.

Milner describes it as: "Imagine having a dynamic map of all the sensitive data movement in your company—between people, devices, and applications—and making sure it doesn't leave your organization."

The system organizes data flows by risk level:

  • Critical risk (red)
  • High risk (orange)
  • Medium risk (yellow)
  • Low risk (green)

This helps security teams know where to focus first. The dashboard also shows:

  • Which types of data are moving (PII, source code, etc.)
  • Which platforms data is going to (email, cloud storage, etc.)
  • Which business processes involve the most risk
  • Specific activities that might indicate data theft

Google's Gemini 2.5 Flash, which slashes AI costs, shows how AI is becoming more efficient, and Orion is applying similar advances to make data protection more practical and affordable.

When onboarding new customers, Orion analyzes three months of historical data. This gives the AI a good understanding of normal patterns from day one, so companies see value immediately.

Privacy is also a key concern. "We don't store any sensitive data—only metadata," Milner explains. "If a company prefers, they can even install our classifier in their own environment so nothing leaves their systems."

This approach means companies can get better security without exposing their sensitive data to yet another vendor.

Orion Security's Investment Backing

Investors have put $6 million into Orion so far. That's a good amount for a seed round, showing they have confidence in the team and technology.

The funding was led by Pico Partners and FXP, with additional money from Underscore VC. Several well-known cybersecurity experts also invested, including the founders of Perimeter 81 and the Chief Information Security Officer (CISO) of Elastic.

Nvidia's $55 billion hit from US restrictions reminds us how important technology investment is, and how quickly things can change in the tech world.

Gil Zimmermann, Partner at FXP, who previously co-founded CloudLock (which Cisco bought), sees Orion's approach as something the industry has needed for a long time. He said: "AI is creating a watershed moment for data protection, and Orion Security is at the forefront of this transformation."

He added: "Orion's AI-powered approach solves the core challenges we faced for years — the lack of business context and overwhelming manual work. This is the future of data security we envisioned but which couldn't be built a decade ago."

The investors' backgrounds in cybersecurity lend credibility to Orion's approach. These are people who understand the problems with current data protection methods and see Orion's AI-based solution as the way forward.

Orion is already working with several technology companies, though they can't name them due to confidentiality agreements. This early customer traction, combined with the funding, puts them in a good position to grow.

The Future of AI-Powered Data Protection

As data becomes more valuable and moves around more freely, protecting it gets harder. Orion's approach points to where data security is headed.

The old model of building walls around data is breaking down. With cloud services, remote work, and countless apps, data needs to flow to be useful. Security that blocks legitimate work just pushes people to find workarounds.

Thousands unable to join meetings as shows how disruptions to digital workflows can paralyze businesses today. Security needs to protect data without stopping people from doing their jobs.

Orion's flexible response options show this new thinking. "Some companies want us to block data exfiltration in real-time, while others prefer just getting notifications or educating employees on security policies. We let them decide how aggressive the approach should be," Milner said.

Looking ahead, we can expect several trends in AI-powered data protection:

More context-aware security: Systems will continue getting better at understanding the "why" behind data movement, not just the "what" and "where."

Reduced manual configuration: The days of security teams spending weeks setting up data protection rules are ending. AI will handle most of the setup automatically.

Integration with employee training: When unusual data handling is detected, systems might provide immediate coaching rather than just blocking actions.

Better breach prediction: AI models will spot patterns that might lead to breaches before they happen, allowing preventive action.

Personalized data protection: Security will adapt to individual work styles and roles, rather than applying the same rules to everyone.

Orion is already working to refine their AI models based on early customer feedback. As they gather more data on how different industries handle information, their detection will become even more accurate.

The biggest challenge for companies like Orion isn't just building good technology - it's changing how organizations think about data protection. Moving from rigid rules to AI-based context requires a shift in security mindset.

But with data breaches costing millions and happening more frequently, that change might come faster than expected.

Frequently Asked Questions

What exactly is data exfiltration?

Data exfiltration is when sensitive information leaves your company without permission. This can happen when hackers break in, employees steal data, or even when someone accidentally sends confidential files to the wrong person.

How does Orion's system differ from traditional DLP (Data Loss Prevention)?

Traditional DLP uses fixed rules and keywords to block data movement. Orion uses AI to learn normal business processes and spot unusual patterns, which reduces false alarms and catches more genuine threats.

Can Orion protect against all types of data leaks?

Orion can detect the three main types of data leaks: malicious insiders, human errors, and external attackers. However, no security system is 100% perfect, which is why they offer different response options depending on a company's risk tolerance.

Does Orion store my company's sensitive data?

No. Orion says they only store metadata about data movement, not the actual sensitive information. Companies can even install Orion's classifier in their own environment if they prefer nothing leaves their systems.

How long does it take to set up Orion's system?

Orion analyzes three months of historical data when onboarding new customers. This gives the AI enough information to understand normal patterns and provide value from day one.

Will Orion's system block legitimate business activities?

The goal of Orion's contextual approach is to reduce false positives that interfere with normal work. Companies can also choose whether the system blocks activities in real-time or simply alerts security teams.

How much does data exfiltration cost companies?

According to IBM's 2024 Cost of a Data Breach Report, incidents involving data exfiltration now average around $5.21 million per incident.

Who founded Orion Security?

Orion Security was founded by Nitay Milner (CEO) and Yonatan Kreiner (CTO), who have experience solving security challenges for major companies like T-Mobile and BlackRock.
