Breaking
SERIES A ORION closes $32M led by Norwest, IBM participating FALSE POSITIVES Company reports ~96% reduction vs legacy DLP NO POLICIES AI agents learn how data moves instead of rules TOTAL RAISED $38M across seed and Series A FOUNDED 2024 by Nitay Milner & Jonathan Kreiner TRACTION Seven-figure ARR within months of launch SERIES A ORION closes $32M led by Norwest, IBM participating FALSE POSITIVES Company reports ~96% reduction vs legacy DLP NO POLICIES AI agents learn how data moves instead of rules TOTAL RAISED $38M across seed and Series A FOUNDED 2024 by Nitay Milner & Jonathan Kreiner TRACTION Seven-figure ARR within months of launch
Company Profile / Cybersecurity

ORION Security

The startup rewriting data loss prevention - by deleting the policy and letting AI learn how your data actually moves.

AI-native DLP Insider Threat New York + Tel Aviv Series A
ORION Security logo and tagline: Protecting humans and AI against data loss
ORION SECURITY - the four-point star, a nod to the Orion constellation, fronts a company whose one-line brief is unusually blunt: protect humans and AI against data loss.
$32MSeries A (Feb 2026)
~96%False positives cut
$38MTotal raised
2024Founded
The Dispatch

A security company betting on subtraction

For twenty years, data loss prevention has run on the same premise: write enough rules, and nothing slips out. Security teams authored thousands of policies - block this file type, flag that keyword, watch this folder - and then spent their nights tuning the ones that fired for no reason. The rulebook grew. The leaks kept happening.

ORION Security, founded in New York in 2024 by Nitay Milner and Jonathan Kreiner, takes the opposite bet. Instead of adding rules, it removes them. The company builds an AI-native DLP platform that learns how data normally moves through an organization - across SaaS apps, email, cloud storage, endpoints, and, increasingly, AI tools - and then flags the movements that do not fit the pattern.

The pitch to a CISO is almost contrarian: stop configuring, start understanding. ORION uses large language models and a set of specialized AI agents to read the context around every data movement - what the content is, who is moving it, whether their behavior looks intentional, where the data came from, and where it is going. From those signals it decides whether a given action is a normal Tuesday or an exfiltration in progress.

The company calls its detection signals "Indicators of Leakage," or IOLs - a deliberate echo of the security industry's familiar "Indicators of Compromise." The vocabulary shift is the whole strategy in miniature: ORION wants defenders to reason about intent and movement, not match strings against a list.

Investors have taken the argument seriously. In February 2026, ORION closed a $32 million Series A led by Norwest, with IBM participating alongside PICO Venture Partners, Lama Partners, and Underscore VC - bringing total funding to roughly $38 million. By then the company said it had already reached seven-figure annual recurring revenue, with customers running into the tens of thousands of employees.

"Better policies are not the solution for DLP." Nitay Milner - Co-Founder & CEO, ORION Security
The Product

What ORION actually does

One platform watches every channel data travels and decides, in real time, whether a movement is legitimate work or a leak. Three failure modes, one engine.

01 / HUMAN ERROR

The honest mistake

An employee pastes a customer list into the wrong tool or emails a spreadsheet to a personal account. ORION reads the context and catches the slip before it leaves.

02 / MALICIOUS INSIDER

The intentional leak

Someone with legitimate access starts moving data in ways that break their own baseline. Behavioral intent, not just permissions, is what ORION scores.

03 / EXTERNAL ATTACKER

The exfiltration

An attacker inside the perimeter tries to pull data out. ORION traces the data's lineage and blocks the movement before exfiltration completes.

Under the Hood

How the context engine reads a data movement

1

Content

How sensitive is this data?

2

Identity

Who is moving it?

3

Intent

Does the behavior fit?

4

Lineage

Where did it come from?

5

Purpose

Is the destination legit?

Five signals, combined into a single verdict - the "Data DNA" of the organization.

The Problem It Solves

Why legacy DLP exhausts security teams

Legacy rule-based DLP 100%
ORION contextual DLP ~4%

Relative false-positive volume - ORION reports roughly a 96% reduction versus policy-based systems. Illustrative comparison based on the company's stated figures.

The Difference

Where ORION sits in a crowded market

The DLP market is not empty. Cyberhaven built its name on data lineage; Nightfall focused on cloud and SaaS; Microsoft Purview covers the Microsoft 365 estate; and legacy platforms like Symantec, Forcepoint, and Digital Guardian still run in mature security shops. Analysts value the category in the billions and expect it to keep growing as AI reshapes how data leaves companies.

ORION's wager is that all of these approaches, new and old, still lean on policies as the unit of control - and that the policy itself is the problem. Rather than layering AI on top of rules to make them smarter, ORION removes the rule-writing step and replaces it with a model that learns the organization's normal behavior directly.

That framing matters most for the newest threat surface: generative AI. Data now flows into chatbots, copilots, and agents in seconds, often outside any policy anyone thought to write. ORION's tagline - "protecting humans and AI against data loss" - is a claim that it was built for exactly this moment, watching data move through AI workflows rather than around them.

Whether "policy-free" holds up under enterprise scrutiny is the open question every buyer will ask. But the early signal - Fortune 500 customers, seven-figure ARR, and an IBM check - suggests the argument is landing with the people who live inside DLP alerts.

The Money

Funding & backers

RoundAmountDateLead / Investors
Seed$6M2025PICO Venture Partners, FXP, Underscore VC
Series A$32MFeb 2026Norwest (lead), IBM, PICO Venture Partners, Lama Partners, Underscore VC
Total~$38M--
The Founders

Two operators, one frustration

CEO

Nitay Milner

Co-Founder & CEO. Former product leader at Epsagon, the observability startup acquired by Cisco. Leads ORION's product and go-to-market from New York.

CTO

Jonathan Kreiner

Co-Founder & CTO. Former application security leader at WalkMe. Drives ORION's AI-agent architecture and R&D out of Tel Aviv.

CULTURE

Small, dedicated, certified

A roughly 51-person team that describes itself as invested and mutually supportive, operating with SOC 2 and ISO 27001 certifications.

"Growth doesn't have to come from raising money - it can come from building something people truly need." Nitay Milner - Co-Founder & CEO
The Story So Far

Timeline

2024

ORION is founded

Nitay Milner and Jonathan Kreiner start ORION to rethink data loss prevention from first principles.

2025

Seed round, built in stealth

The company raises roughly $6M and develops its context-aware, policy-free DLP platform quietly.

Feb 2026

$32M Series A

Norwest leads a $32M round with IBM participating; total funding reaches ~$38M and ARR hits seven figures.

2026

Scaling out

ORION expands its team, publishes threat-model resources, and plans a presence at Black Hat 2026.

Questions

Frequently asked

What does ORION Security do?

ORION provides an AI-native data loss prevention (DLP) platform that detects and prevents data leaks across SaaS, email, cloud, AI tools, and endpoints - without relying on manually written policies.

How is ORION different from traditional DLP?

Instead of thousands of human-authored rules, ORION uses LLMs and AI agents to learn how data normally moves and analyze context - content sensitivity, user identity, intent, and lineage. The company reports this cuts false positives by roughly 96%.

Who founded ORION and when?

ORION was founded in 2024 by CEO Nitay Milner (formerly of Epsagon) and CTO Jonathan Kreiner (formerly of WalkMe).

How much funding has ORION raised?

About $38M total, including a $32M Series A in February 2026 led by Norwest with participation from IBM, PICO Venture Partners, Lama Partners, and Underscore VC.

Who uses ORION Security?

Enterprises with tens of thousands of employees across finance, healthcare, and technology - including Fortune 500 organizations - primarily via their security and data protection teams.

Go Deeper

Links, coverage & demos

Websiteorionsec.io LinkedIn@orionsec ProductThe Platform BlogDLP Beyond Policies ToolThreat Model Trust CenterSOC 2 / ISO 27001 FounderNitay Milner CrunchbaseCompany Profile VideoInterviews & Demos (YouTube) PressVentureBeat PressSecurityWeek InterviewAlleyWatch
Share on LinkedIn Share on X Share on Facebook Instagram