Dux
Also known as: Dux, Dux Security, Dux Technologies
Agentic exposure management platform from IDF Talpiot cyber veterans whose AI workers continuously analyze what is actually exploitable in an environment, check whether existing controls already block the path, surface lightweight mitigations faster than full patches, and route targeted remediation to asset owners.
Dux is an agentic exposure management platform built for the speed of AI driven cyberattacks, founded by three graduates of the IDF's elite Talpiot program and launched from stealth in December 2025 with a nine million dollar seed led by Redpoint, TLV Partners, and Maple Capital. Its framing problem is that the window between vulnerability disclosure and exploitation has collapsed, with Mandiant reporting average time to exploit falling from thirty two days to five in two years, a trend the company ties to attackers using agentic AI, citing Anthropic's documentation of the first real world AI orchestrated cyber espionage campaign. Against that, periodic scans, long remediation cycles, and manual prioritization no longer keep pace.
Dux replaces that model with continuous, agentic investigation. Its AI workers continuously analyze exploitability across the entire environment to determine what an attacker can realistically use, check whether existing controls already block a given attack path, surface lightweight mitigations such as configuration or control changes that eliminate risk faster than a full patch, and route targeted remediation to the right asset owners only when necessary. Because most scanner findings are not exploitable once real context is accounted for, the company argues, the value is in applying expert, environment specific reasoning to every vulnerability and asset every time, rather than generating another prioritized alert list. The result it claims is a materially smaller attack surface and a far shorter path from discovery to resolution, with customers spinning up AI workers to investigate a fresh zero day across their environment within minutes. The platform aligns with Gartner's Continuous Threat Exposure Management framework but applies it through AI workers.
Dux fits enterprise security teams overwhelmed by assets, scanners, and vulnerabilities who want to focus on provable exploitability and fast, control aware mitigation. It is a direct comparison to other agentic exposure management entrants and a weaker fit for buyers wanting published pricing or a developer platform.
Vendor details
Canonical URL
https://dux.io
Category
Security / SOC agent
Subcategory
Agentic exposure management with continuous exploitability analysis
Funding status
Independent, operating in Tel Aviv and New York as Dux Technologies Inc., emerged from stealth on December 16, 2025 with a nine million dollar seed round led by Redpoint, TLV Partners, and Maple Capital, with participation from leading cybersecurity executives from CrowdStrike, Okta, and Armis. Founded by CEO Or Latovitz, CPO Amit Nir, and CTO Nadav Geva, all graduates of the IDF's elite Talpiot program who led large scale offensive and defensive cybersecurity and AI initiatives for national agencies, work that earned multiple national innovation awards. Already supporting major U.S. enterprises at launch.
Company status
independent
Use cases & customers
Primary use cases
Target customers
Deployment options
Integrations
Ties together all data sources across the environment and auto tags every asset, ingesting scanner findings, asset inventory, and existing security controls so its agents can reason about real context. It determines whether existing controls already block an attack path and routes targeted remediation to identified asset owners, aligning with Gartner's Continuous Threat Exposure Management framework.
In practice
A team is buried under scanner findings it cannot triage. Dux's AI workers determine which are actually exploitable in context and which are already blocked by existing controls, cutting the noise dramatically.
A zero day hits the news. The team spins up Dux AI workers to investigate it across the entire environment within minutes, rather than waiting on manual research.
A fix is urgent but a full patch is slow. Dux surfaces a lightweight control or configuration mitigation that eliminates the risk faster and routes remediation to the right owner.
Sources & related URLs
Related / legacy domains
Research sources
Capability coverage
7.0 / 14 capabilities · 50%
| Integrations & Tool CallingTies together all data sources and auto tags every asset, ingesting scanner findings, asset inventory, and existing security controls to reason about real context, dux.io and Business Wire coverage retrieved 2026-07-08 | Full |
|---|---|
| Workflow OrchestrationAI workers run the end to end pipeline of continuous exploitability analysis, checking whether controls block attack paths, surfacing mitigations, and routing targeted remediation to owners, Business Wire and VentureBeat coverage retrieved 2026-07-08 | Full |
| Knowledge Grounding & RAGApplies expert, environment specific reasoning to every vulnerability and asset, grounding decisions in real context because most scanner findings are not exploitable once that context is accounted for, Business Wire and pulse2 coverage retrieved 2026-07-08 | Full |
| Human Oversight & GuardrailsRoutes targeted remediation to identified human asset owners only when necessary, keeping people in the loop for fixes, though a documented agent approval gate is not described, Business Wire coverage retrieved 2026-07-08 | Partial |
| Security, Identity & GovernanceAgentic exposure management determining what is truly exploitable and how to eliminate it is the security native core, built by IDF Talpiot offensive and defensive cyber veterans, dux.io and Ctech coverage retrieved 2026-07-08 | Full |
| Observability & AuditabilityAI workers continuously analyze exploitability across the entire environment and auto tag every asset, giving continuous visibility into real exposure and control coverage, dux.io and Business Wire coverage retrieved 2026-07-08 | Full |
| Memory & State PersistenceMaintains a continuously updated, auto tagged model of the environment and its assets that agents reason over, though this is an environment model rather than conversational agent memory, dux.io retrieved 2026-07-08 | Partial |
| Deployment & Data ResidencyDelivered as a platform with no self hosted or data residency options documented on retrieved pages, dux.io retrieved 2026-07-08 | Unable to verify |
| Prebuilt Agents, Templates & PacksShips prebuilt AI workers for exploitability analysis, lightweight mitigation, and remediation that customers spin up on demand, though a narrow set focused on exposure management, Business Wire and SiliconANGLE coverage retrieved 2026-07-08 | Partial |
| Triggers & Channel CoverageRuns continuous investigation and lets teams spin up AI workers to investigate a fresh zero day across the environment within minutes, an event driven trigger, though not a generalized channel framework, Business Wire and SiliconANGLE coverage retrieved 2026-07-08 | Partial |
| Model Flexibility & RoutingUses proprietary agentic AI workers with no customer model choice or routing documented, dux.io retrieved 2026-07-08 | Unable to verify |
| APIs, SDKs & MCP ExtensibilityIntegrates data sources for ingestion but no public developer API, SDK, or MCP surface for extending the platform is documented, dux.io retrieved 2026-07-08 | Unable to verify |
| Testing, Debugging & OptimizationThe platform validates vulnerability exploitability as its product output, but no agent testing, evaluation, or debugging tooling is documented, dux.io retrieved 2026-07-08 | Unable to verify |
| Browser & Computer UseNo browser or computer use capability is described; agents analyze exploitability rather than performing computer use, dux.io retrieved 2026-07-08 | Unable to verify |
Pricing
No public pricing; enterprise contracts are quoted through sales
not published; enterprise contract likely scaled by environment size or assets
What is public
Nothing numeric. The product, founding team, funding, and enterprise traction are public, but no rates are published.
Billing mechanics
Enterprise sales led motion. As a company that just launched from stealth in December 2025 and already serves major U.S. enterprises, commercial terms are likely bespoke early enterprise agreements.
Cost watchouts
As an exposure management platform scoped to an enterprise's environment, cost likely scales with assets, scanners, and integrations under continuous analysis.
Variable cost rationale
No public rates exist. Exposure management platforms typically scale cost with the size of the environment, asset count, and integrations rather than pure usage, but the company publishes no mechanics, so treat exposure as unquantified and quoted per deal.
Additional watchouts
Exposure management contracts typically scale with environment size, so large asset inventories should expect pricing to reflect that scope; confirm directly.
Sales call required
Yes — required for paid access
Free / trial
No free tier or trial is documented on retrieved pages
Key ambiguities
Whether pricing scales by assets, environment size, or a platform fee, none of which is published.
Missing data
No published rates, tiers, minimums, or contract terms were retrievable from company pages.
Related vendors
- 7AI — Swarming agentic SOC from the Cybereason founders: sixty plus domain…
- Airrived — Agentic OS that unifies SOC, GRC, IAM, vulnerability management, IT,…
- Assail — Autonomous red teaming platform (Ares) whose AI agents discover,…
- Astelia — AI native exposure management platform from Israeli National Red…
- Capsule Security — Runtime security layer for AI agents that detects and blocks unsafe…
- Clutch Security — Universal non human identity security platform that discovers,…