Israeli cybersecurity startup Reflectiz has raised $22 million in Series B funding led by Fulcrum Equity Partners, with participation from Capri Ventures, YYM Ventures, AFG Partners, and others. The Boston-based company plans to use the new capital to expand its AI-driven platform that helps enterprises secure their “digital front door” without touching a line of code.
Reflectiz calls its approach “web exposure management.” It’s a new way to look at website security that doesn’t rely on agents, plugins, or access to customer data. Instead, its platform remotely scans any website to detect all third-party tools, open-source components, and external services that may introduce vulnerabilities — an issue that has quietly become one of the biggest blind spots for large organizations.
The idea for Reflectiz came from ethical hacker and CTO Ysrael Gurt, who’s ranked #22 on Google’s “Hacker Hall of Fame” for exposing security flaws in Facebook, Microsoft, and Shopify. Along with co-founder and CEO Idan Cohen, they launched Reflectiz after realizing how exposed enterprise websites had become through uncontrolled third-party scripts and integrations.
With $22 Million in Funding, AI Website Security Startup Reflectiz Aims to Tackle Third-Party Web Risks
As websites grow more complex, so do their risks. Marketing pixels, analytics tags, open-source libraries, and plug-ins all operate beyond direct IT oversight, making it nearly impossible for teams to track what’s running on their sites at any given moment. Reflectiz’s AI can instantly determine whether a piece of code is safe or malicious — a task that would normally take a skilled security researcher a week or more to analyze manually.
The company says it’s expanding beyond traditional website security tools by zeroing in on the web exposure side of Continuous Threat Exposure Management (CTEM). Gartner predicts that organizations implementing CTEM programs will cut breaches by two-thirds by 2026. Reflectiz aims to be the go-to layer for managing web-based exposures across enterprise environments.
“We’ve been impressed from the start with Idan and the Reflectiz team’s operational rigor and focus,” said Jim Douglass, Partner at Fulcrum Equity Partners. “Their platform delivers a scalable solution that enables enterprises to safeguard their digital footprint with clarity and speed. We’re proud to back their mission and help accelerate their expansion.”
Reflectiz’s clients include major brands across financial services, e-commerce, insurance, and healthcare, all of which depend on the platform to reduce compliance risk, cut through alert noise, and protect their digital reputations. The company plans to use the new funding to expand its U.S. presence with a new headquarters in Boston, grow its partner network, and accelerate go-to-market efforts.
“Enterprises invest millions to secure their own code, sharpening their SDLC process with their team, when the real risks are quietly entering through third parties and open sources beyond their control,” said Idan Cohen, co-founder and CEO of Reflectiz. “Standard website security is outdated, and traditional vulnerability management is no longer enough. Our mission is to challenge the status quo; Reflectiz brings the complete picture of web exposure and we believe this is where the industry is inevitably moving.”
Reflectiz was founded in 2019 and has offices in Tel Aviv and Sydney. With its agentless, AI-enabled approach, the company is positioning itself as a new kind of website guardian — one that doesn’t just patch vulnerabilities, but exposes the unseen threats hiding in plain sight.
Reflectiz Team
