The Next Security Revolution Starts Before the Attack
This is a div block with a Webflow interaction that will be triggered when the heading is in the view.
Across my decades in private enterprises and national defense programs, I have watched the balance of power shift with every wave of technology. From my years in Israel’s Prime Minister’s Office and CyberArk to building enterprise-scale security startups - one truth has remained constant: attackers move faster than defenders.
AI has now turned that simple truth into a pressing global crisis. AI-powered adversarial systems create, disguise, and deploy attack infrastructure so fast that there’s no time for human response. As Malanta emerges from stealth, this is the reality we’re entering - and the problem that we’re solving.
The truth is that every breach begins long before any attack is executed. Domains are registered, servers configured, staging environments assembled. That stage – the setup stage (the MITRE ATT&CK framework calls it Resource Development) – is where prevention is still possible.
Because today, waiting for the first alert means starting a fight that has already been lost.
That realization is what brought my partners and me together. Each of us had spent years seeing the same pattern from different angles. We knew the only way to change the outcome was to change where the fight begins. Here’s what I mean:
The Shift I Witnessed
I started on the offensive side of cybersecurity, learning how attackers think and operate. Later, I moved into enterprise and then nation-state defense, where a key challenge was managing scale - thousands of assets, constant alerts, life-or-death stakes, and limited time to respond. Switching sides, a stark contrast emerged. Attackers could always move fast and adapt instantly. Defenders were constantly stuck in the mud of process or waiting on data that arrived too late.
Today, AI has pushed this imbalance to its limit. Attackers now automate reconnaissance and infrastructure setup, turning operations into continuous, self-learning cycles. Defenders, meanwhile, still depend on analyst-heavy workflows built for slower threats.
That gap - between how fast attackers act and how slowly defenders detect - is where the outcomes of today’s attacks are decided. What my partners and I came to understand is that every attack depends on infrastructure that must exist before launch. The moments that expose intent are where we – the defenders - can regain control. That’s what Malanta is all about - identifying the earliest signs of attack setup and stopping them before there is any impact to remediate.
The Malanta Approach
Malanta was born from a partnership between four founders who spent years building, breaking, and defending complex systems. Each of us came from a different corner of cybersecurity, but we shared a common takeaway from our years in startups, national defense and enterprises: defense had to shift to where attackers build, not where they strike.
Based on this belief, we decided to take cyber defense in a new direction - one that starts before the attack even exists. For years, cybersecurity has treated visibility as a post-event activity. You wait for an alert, investigate, and respond. That mindset assumes loss is inevitable. We built Malanta to prove it isn’t.
Attackers are creative, but they are not invisible. Every campaign leaves traces in its construction - domains registered, servers provisioned, phishing kits staged, command infrastructure configured and more. That setup phase is predictable. It is the stage where adversaries acquire and prepare the infrastructure that makes an operation possible. It is also the phase where they are most exposed. And for defenders, it is the only moment where intervention can still change the outcome of a future attack with reasonable certainty.
Our platform operates in that space. It detects the earliest signals of attack setup across the internet, connects them to the organizations being targeted, and validates which ones represent real risk. Once confirmed, it takes them down - before the attacker can use them.
This is not a faster form of response. It is a redefinition of defense itself, measured not by how well you recover but by how early you act. Not reactive. Not proactive. Preventative.
Redefining Readiness
By moving defense to the setup stage, we’re laying the foundations for a more fundamental shift - redefining what readiness means.
Readiness has always been part of our conversation. Every organization includes it in strategy, planning, and board reporting. Yet it has long been defined by reaction - how quickly a team detects, contains, and repairs what has already gone wrong. That view belongs to a time when attacks moved at human speed. In an era shaped by automation and AI, it no longer applies.
Readiness now means foresight. It depends on the ability to recognize intent before execution and to act while an attack still exists as infrastructure, not as impact. That shift changes everything. It moves security from a posture of response to one where awareness and anticipation replace cleanup and containment.
We built and are launching Malanta to give defenders back control of the timeline. Because the next security revolution doesn’t start at detection. It starts before the attack.
