Ent Emerges From Stealth With $100M for Intent-Based Security
Intent-based security is not a new idea, but it could be gaining fresh relevance in the current era of agentic AI. As agents are given more and more access to applications, credentials and data in the enterprise, security tools now need to distinguish legitimate work from actions that go beyond an agent’s assigned task.
Security startup Ent is bringing this approach to endpoint security with $100 million in seed funding and a generally available platform designed to analyze activity by employees, AI agents and apps. The company emerged from stealth this week, claiming its software can evaluate actions in context and intervene to prevent security incidents.
Ent calls this concept “intent-aware workspace security.” Hosted in the customer’s own cloud, Ent’s platform uses a lightweight endpoint agent to observe activity across applications, browsers, AI workflows, data movement and local software runtimes. Rather than relying only on files and process events, the platform “evaluates human and AI agent intent at the moment of use, applies customer-defined policy, and acts through configurable, just-in-time interventions before incidents occur,” the company said.
Looking at actions in context is becoming more important as researchers expose new attack paths emerging as AI agents are connected to more enterprise systems. Even though an agent may appear to be carrying out ordinary work, it could be following malicious instructions or executing commands that were never part of the original request. Ent said customers are using its platform for insider risk, data loss prevention, AI governance, endpoint threat prevention and incident investigation.
The company said it is already deployed at Global 2000 organizations in financial services, hospitality and defense, but did not identify the customers or disclose the scale of those deployments. Ent has also not publicly disclosed false-positive rates or independent testing demonstrating how accurately its software can infer intent.
Ent is available for Windows, macOS, Linux and browser extension deployments. The platform is designed to work alongside a customer’s existing security stack of EDR, SIEM, SOAR and identity tools. Supported integrations include CrowdStrike, Microsoft Defender, SentinelOne, Splunk, Okta, ServiceNow and others.
The $100 million seed round was led by Decibel, with participation from Sequoia, Crosspoint Capital Partners, Craft Ventures, Shield Capital, Felicis and In-Q-Tel. Ent said it will use the funding to hire across engineering and sales and continue development in key areas of its roadmap. The company said it will showcase the platform at Black Hat in Las Vegas in August.
Ent was founded by former Microsoft security leaders Elias Manousos and Brandon Dixon. Both previously worked on Microsoft Security Copilot after Microsoft acquired RiskIQ, the threat intelligence company Manousos co-founded and led.
“Security has been stuck in a reactive loop for over a decade, but AI-powered attacks require new thinking,” Manousos said in a release. “AI is changing both how people work and how quickly attackers can act. What once took days now happens in seconds. By the time traditional security systems detect a problem, it is too late. We believe the future of security lies in understanding intent in real time across people and AI agents and stopping risk before it becomes an incident.”
