What happened
Sweet Security announced a $ 75 million Series B funding round, bringing its total funding to $ 120 million. The round was led by Evolution Equity Partners, with participation from Munich Re Ventures, Glilot Capital Partners, and Key1 Capital.
Alongside the funding, Sweet launched what it calls the first unified runtime CNAPP (Cloud‑Native Application Protection Platform) that extends beyond traditional cloud workloads to also cover AI environments, including AI models, agents, and the full AI lifecycle.
Who is affected
Enterprises running cloud applications, especially those adopting AI/ML systems or “agentic AI,” are the main beneficiaries of this development. This includes orgs that deploy both legacy cloud workloads and newer AI workloads, as well as companies using multiple cloud environments and AI agents in production.
Security operations and cloud‑security teams at these organizations are directly impacted, as they now have a vendor positioning to offer runtime‑level visibility across both traditional cloud and AI.
Why CISOs should care
- The expansion from cloud to AI security reflects how attack surfaces are evolving: AI workloads and agents introduce new vulnerabilities and adversarial risks. The unified runtime CNAPP from Sweet aims to surface risks that traditional tools, often focused on static configurations or infra posture, might miss.
- Sweet claims its LLM‑powered detection engine reduces alert noise to ~0.04%, potentially helping security teams avoid fatigue and focus only on meaningful real‑time threats. (GlobeNewswire)
- With the rising adoption of AI across enterprises, having a unified cloud + AI security platform could simplify risk posture management and ensure consistent runtime defense, reducing the “blind spots” that can arise when AI systems operate outside traditional security controls.
3 practical actions for CISOs
- Inventory cloud and AI workloads, including AI agents and LLM‑powered services. If you haven’t already, catalog where AI models and agents are deployed (production servers, containers, serverless functions, etc.), alongside your regular cloud workloads. This helps you understand your real attack surface.
- Assess if the current security tooling provides runtime visibility. Review whether your existing cloud security tools offer runtime detection (not just posture/config scanning). If they don’t, consider adding or replacing with a platform built for runtime detection, especially if you are running AI‑powered workloads.
- Design a unified security strategy across cloud and AI environments. Rather than treating AI as a separate security domain, build controls and monitoring that span both cloud infrastructure and AI environments. That ensures unified detection, consistent policy enforcement, and faster response across all workloads.