Wisdom-Led Performance: Why We Invested in Mate

Security operations are at a breaking point.

Alert volumes are exploding. Tool sprawl is accelerating. Threats are getting faster and more automated. And yet, most SOCs are still run on manual investigations, brittle playbooks, and tribal knowledge locked in the heads of a few experienced analysts.

The result is a structural mismatch: attackers are already operating at machine speed, while defenders are still stuck in copy-paste mode.

Mate is building what we believe will become a new category in cyber: Wisdom-led Performance for the modern SOC, an AI-powered teammate that learns from your best analysts, internalizes how your organization really works, and adds in industry benchmarks and best practices, to turn your SOC into a continuously learning defense system.

The SOC is drowning in noise

For more than a decade, the promise of SOC automation has been simple: “Let automation handle 80% of the work.” In reality, the opposite happened.

Playbooks were painstaking to write and fragile to maintain. Integrations drifted. Exceptions multiplied. Every time something meaningful changed in the environment, a human had to reverse-engineer why a playbook misfired and patch it - until most teams quietly accepted that only a small fraction of their work could be safely automated.

At the same time, the pressure only intensified. According to research from Devo, 83% of analysts feel overwhelmed by the volume of alerts, false positives, and lack of context. 85% say they spend significant time just collecting and linking evidence to decide whether an alert is even actionable. Meanwhile, the talent shortage is real: CISOs are being asked to cover more risk with fewer people, and burnout is an everyday reality.

Throwing more dashboards at this problem doesn’t solve it. The bottleneck isn’t just speed. It’s wisdom.Automation can push buttons faster.
But wisdom is understanding what actually matters in the context of your organization.

From automation to Wisdom-Led Performance

We believe the next generation of SOCs won’t be defined by how many playbooks they’ve written, but by how effectively they can capture and scale institutional knowledge.

That’s the core idea behind Wisdom-led Performance:

• Not just encoding rules, but learning how your best analysts think.
  
• Not just enriching alerts, but understanding your people, processes, and policies.
  
• Not just moving faster, but making decisions that reflect the reality of your business.
  

Mate is built around that principle.

Instead of asking teams to spend months configuring playbooks, Mate learns directly from the tools and analysts already in place. It observes how Tier-2 and Tier-3 analysts investigate incidents, which evidence they trust, which exceptions they approve, how they interpret business context, and then distills that into a contextual data layer that every analyst, and every AI agent, can use.

The result is a SOC that doesn’t simply automate tasks, but operates with organizational wisdom.

Mate’s approach: turning your SOC into a continuously learning defense system

Mate’s product is designed from day one for enterprise SOC reality: high stakes, high complexity, and zero tolerance for “black box” magic.

From the moment it’s deployed, Mate embeds into the tools analysts already use (SIEMs, EDRs, email security platforms, and more.) It then begins to:

• Learn from your top analysts’ decisions in real time.
  
• Build a contextual knowledge base that captures your policies, workflows, exceptions, and business logic.
  
• Use LLMs, reasoning models, and AI agents to investigate alerts end-to-end.
  

When an alert comes in, Mate doesn’t just enrich it with generic threat intel. It pulls from the contextual layer it has built:

• Which identities are involved, and how they usually behave.
  
• Which systems are business-critical, and what “normal” looks like for them.
  
• Which exceptions are approved, who approved them, and under what conditions.
  
• How similar incidents were handled in the past, and what “good” remediation looked like.
  

Simple alerts are resolved automatically with full, auditable documentation. Complex incidents are escalated to humans enriched with context, hypotheses, and recommended next steps. Over time, every investigation feeds back into Mate’s knowledge base, compounding the system’s understanding of your environment.

This is where the shift becomes visible:

• Investigations that once took 45 minutes become 45-second validations.
  
• Analysts become up to 10× more effective, because they’re spending their time on high-judgment decisions instead of stitching together evidence.
  
• Defense doesn’t reset when people leave the team; it improves with every incident resolved.
  

Mate turns the SOC from a reactive alert queue into a self-improving system.

Why now: AI agents meet security operations

The timing for Mate is not accidental.

Attackers are already weaponizing AI to launch wider, faster, more adaptive campaigns. It’s no longer theoretical. At the same time, defenders finally have the building blocks to respond in kind: robust LLMs, specialized reasoning models, and AI agents that can operate inside enterprise workflows, not just generate text.

The problem is that most existing attempts bolt AI onto legacy automation. They treat the SOC as a set of static playbooks and ask a model to “help fill the gaps.”

Mate starts from a different premise:

• The unit of value in the SOC is not the playbook; it’s the judgment of your best analysts.
  
• The critical asset is not another dashboard; it’s a living, contextual data layer that reflects how your organization actually works.
  
• The right role for AI is not to replace humans, but to learn from them and scale their capabilities across every alert, every hour of the day.
  

This is what we’re already seeing in Mate’s early enterprise pilots with leading financial institutions and critical infrastructure operators across the U.S. and Europe. SOC teams are cutting mean time to respond, shrinking hours lost to false positives, and crucially expanding the scope of what they can cover without proportional headcount growth.

For CISOs, this is not just “nice to have” innovation. It’s a way to reconcile three conflicting pressures: more threats, more regulation, and more constraints on hiring. When attackers scale with AI, the only sustainable response is to scale the team with AI as well.

Mate makes that possible.

The founders

Backing Mate is not just about timing or market structure. It’s about the team building it.

Mate is led by Asaf Wiener, Oren Saban, and Guy Pergal, founders with a rare combination of frontline cyber experience, AI depth, and the ability to build and scale category-defining products.

Together they’ve led core security products at Wiz and Microsoft (Defender XDR, Security Copilot, Defender Vulnerability Management), built AI-driven investigation platforms adopted by thousands of security teams, and scaled global engineering organizations at companies like Axonius. 

Asaf, Oren, and Guy represent exactly the kind of founding team we look for: people who have already built the tools that define how the industry operates today - and are now ready to rethink the next decade.

Looking ahead

Mate is still at the beginning of its journey, but the direction is clear.

With $15.5M in seed funding, backing from Team8 and Insight Partners, and early deployments in some of the most demanding environments in the world, Mate is well positioned to define what Wisdom-led Performance looks like in practice: SOCs that don’t just react faster, but learn continuously; teams that are not crushed by alert fatigue, but amplified by AI agents that understand their world; organizations where security expertise doesn’t evaporate when people leave, but compounds over time.

We’re proud to partner with the Mate team as they build this future.

AI isn’t the future of security operations, it’s the present. The question now is who will harness it to build systems that are not just automated, but truly intelligent.