Solving the Human Risk Problem in Security: Our Investment in Frame

Most cybersecurity problems are, at their core, engineering problems. You find a vulnerability, you patch it, you write better code, you build a stronger system.

Human risk is different. You can’t patch a person. No matter how good your infrastructure is, if someone clicks the wrong link or gets fooled by a deepfake voice message and wires money, the technical defenses don’t matter.

Tal Shlomo understands this deeply. As one of Wiz’s earliest employees, working closely with the world’s best security teams, he saw that even the most sophisticated technology isn’t enough to close the attack surface that is human behavior and psychology.

Until just a few years ago, effective social engineering attacks were labor-intensive. Crafting a convincing impersonation or a personalized phishing email took skill, time, and effort, which limited the scale at which attackers could operate. But with AI, the same attacks can be generated quickly and at a massive scale, with almost no marginal cost.

Most organizations recognize this – more than 95% run some form of security awareness program – yet there remains a massive gap between effort and outcome. In 60% of data breaches, a human was the attacker’s way in. Today’s training is static, generic, and disconnected from how people actually think and work, as well as how attackers operate.

There’s a common narrative in security that employees are the problem. Tal and his co-founder, Sharon Shmueli, reject that outright. They believe deeply that employees are, in fact, the last line of defense – and for that line to hold, they must be prepared for the threats they face this minute, not a static approximation of threats from five years ago.

Frame is an AI-driven human security platform that continuously analyzes how organizations operate (their roles, their communication patterns, their exposure) and uses that picture to generate personalized simulations and training tailored to what each employee is most likely to face. It evolves at the speed of the threat landscape, so that when new attack vectors emerge, training can be deployed in minutes rather than waiting for the next quarterly cycle.

Dozens of enterprise organizations, including Wellstar Health, Louis Dreyfus Company, and AlphaSense, have already adopted Frame, a strong signal that the market is ready for something better than what exists today. The global security awareness training market is projected to reach $13 billion by 2027, and given how badly the current generation of tools is failing, we think the opportunity for a true category leader is substantial.

One of my favorite subplots in the story of great companies is the founders who come out of them. The magic of Wiz wasn’t just the incredible business that Assaf, Roy, Ami, and Yinon built. It was the super team of Wizards they assembled – the talented, ambitious folks who spent years observing what great leadership and company-building look like. Frame is among the first of what we believe will be a lineage of compelling companies to emerge from the Wiz orbit, and Tal – handpicked by Assaf, mentored by Ami, Yinon & CJ, and described by Roy as a superstar – perfectly encapsulates the qualities you’d expect from a founder who grew up in that culture.

We’re delighted to have been Tal, Sharon, and the Frame team’s first partner, and looking forward to new investor Team8’s support in building a franchise to tackle one of the hardest and most important problems in cybersecurity.