Oligo is secure, with no service interruptions, and features a "runtime vulnerability exploitation" blocking function.

A startup specializing in application security, Oligo Security, has launched a new feature that can block attacks in real-time without service interruption. This approach moves away from the traditional method of tracking vulnerabilities one by one, aiming to provide protection by blocking exploit attempts during the actual “runtime” phase of an attack.

On the 14th (local time), Oligo Security announced the release of its “Runtime Exploit Blocking” feature, capable of blocking application-layer exploit attempts in real-time. The core of this feature is its ability to selectively block attacks without forcibly terminating containers or processes, maintaining service availability without stopping the running application.

This release directly addresses the limitations of reactive enterprise security. Many organizations have long focused on prioritizing common vulnerability disclosures (CVEs) and managing patch backlogs, but actual attacks often occur at a faster pace. According to a Mandient report, “exploit attempts” have been listed as a primary initial intrusion method for six consecutive years. With the spread of AI attack tools, the speed of zero-day exploit attempts has further accelerated.

Oligo Security believes that the focus should be on blocking the “attack techniques” themselves rather than individual CVEs. The company explains that a single protective rule can defend against an entire family of similar vulnerabilities, not just a specific one, creating room to respond to unknown zero-day attacks.

Co-founder and CEO Nadav Cherninsky stated, “Modern attacks are based on repeatable techniques executed at runtime. To effectively block them, we must observe code execution in real-time.” He emphasized, “This new feature allows us to achieve zero-downtime, precise blocking of highly complex exploit attempts.”

Its operation mechanism employs a combined analysis architecture of application-layer function calls and system-level activities. A single behavior may seem normal, but a specific sequence of calls could reveal an actual exploit attempt. Oligo Security explains that when such patterns are identified, the system only blocks the system calls that are the root cause, allowing the rest of the application to continue functioning normally.

The company highlights four core elements of this feature: first, “runtime visibility” into call stacks, function calls, and data flows; second, integrated analysis of application and system activities to detect “runtime exploit attempts”; third, “non-destructive interception” to block attacks without service disruption; and finally, “technique-based protection” targeting the overall vulnerability type rather than individual CVEs.

This approach theoretically aims to narrow the gap between exposed vulnerabilities and actual exploitation. In other words, even if a vulnerability exists, it can be blocked at the moment the attack is executed, minimizing damage. This aligns with the recent trend in security markets shifting from “detection” to “runtime blocking.”

To date, Oligo Security has raised approximately $80 million (about 1.178 trillion KRW). The company completed a $28 million funding round in February 2023 and a $50 million round in January 2025. Investors include Greenfield Partners, Red Dot Capital, Straight Capital, Ballistic Ventures, Lightspeed, TLV Partners, and Cyber Club London.

The security industry believes that as AI-driven attacks accelerate, the importance of “runtime defense” will become increasingly prominent. Oligo Security’s release is seen as a typical example of a security system transitioning from vulnerability management to practical, real-world defense.

Note: This summary is generated based on the TokenPost.ai language model and may omit key details or be inconsistent with actual facts.