Sasa Software
Last updated: Apr 27, 2026
Sasa Software develops GateScanner, a file-based attack prevention platform using content disarm and reconstruction (CDR) to sanitize documents, files, and emails by removing malicious payloads while preserving content functionality for defense, government, and critical infrastructure.
Visit WebsiteCompany Overview
Sasa Software, founded in 2013 and based in Sasa, Israel, specializes in content disarm and reconstruction (CDR) technology for file-based threat prevention. The company's flagship product, GateScanner, is a zero-trust platform that treats every incoming file, email, and attachment as a potential threat vector. Rather than relying solely on signature-based detection, GateScanner deconstructs files to their core elements, scans them with multiple detection tools, and reconstructs clean copies while neutralizing both known malware and zero-day threats. This approach is fundamentally superior to signature-matching defenses because it eliminates the threat before it reaches end-user systems, preventing execution of malicious payloads entirely.
The market for CDR is durable and specialized. Organizations handling sensitive data—governments, military networks, critical infrastructure operators, and regulated industries—cannot accept the latency, user friction, or residual risk of traditional antivirus or sandboxing solutions. GateScanner addresses this by providing near-real-time file sanitization with minimal functional degradation. The product preserves document integrity and usability after disarming, critical for operational workflows. Sasa targets high-assurance environments where security requirements justify dedicated, specialized security appliances.
Competitively, Sasa operates in a well-defined niche alongside vendors such as Votiro, ODIX, and OPSWAT's CDR offerings. Sasa's differentiation appears to center on ease of deployment in cross-domain and boundary-protection scenarios, and on efficacy against polymorphic and reconstructed malware. The company's Israeli origin is strategically relevant: Israeli cybersecurity vendors benefit from deep government security partnerships, hardened product design from operational feedback, and proximity to some of the world's most demanding defense customers.
Commercially, Sasa remains a private company in the Series A stage with 11–50 employees, positioning it as a growth-stage specialized vendor rather than an early-stage startup. The company's revenue profile is not publicly disclosed, but the pricing model—typically per-gateway or per-transaction for enterprise security platforms—suggests recurring, defensible unit economics if the customer base is sticky. Validation cycles in government and defense are notoriously long, but Sasa's Israeli base and focus on exactly this segment suggest that early traction with home-market defense buyers has likely de-risked the initial product-market fit.
Dual-use applicability is intrinsic to CDR: the same file sanitization that protects corporate networks from targeted attacks and corporate espionage also protects military networks from advanced adversary-delivered payloads. Sasa's strategic value in the U.S. and allied defense context lies in its ability to harden information boundaries and reduce file-based supply-chain compromise risk—a material threat to defense industrial base integrity and critical infrastructure. As file-borne attacks (particularly via Office documents, PDFs, and email) remain among the most reliable initial-access vectors for advanced persistent threats, CDR appliances at administrative boundaries (DMZ, air-gap transitions, cross-domain solutions) represent high-confidence cyber hygiene layers.
Dual-Use Assessment
Content disarm and reconstruction is inherently dual-use: civilian enterprises require file sanitization to prevent corporate espionage, IP theft, and malware spread via document delivery; military and defense networks require the same capability as a hardened boundary defense against advanced persistent threats, supply-chain compromise, and lateral-movement attacks. Sasa's GateScanner directly addresses file-based attack vectors in both commercial and national-security contexts. The technology offers measurable security elevation above signature-based defenses, making it strategically valuable for allied defense agencies seeking to harden critical data-ingress points and for critical infrastructure operators managing cross-organizational data exchange.
Strategic Fit Assessment
Priority signal means this entry may be worth researching within the Claw & Talon thesis. It does not mean investable, suitable, endorsed, available, or likely to produce returns.
Sasa Software addresses a material cybersecurity gap: file-based attacks remain among the most reliable attack vectors globally, and signature-based or sandboxing-based defenses are insufficient for mission-critical and high-assurance environments. The CDR market is durable and specialized—it cannot be easily displaced by broader security suites because CDR appliances must sit at hard trust boundaries where latency, availability, and zero-compromise assurance requirements are unforgiving. Sasa's focus on cross-domain file transfer and secure ingress positions the company in the highest-value segment of the CDR market. The company's Israeli origin provides credible traction signals: Israeli vendors with focus on government and defense typically validate core product-market fit with the Israeli Ministry of Defense before expanding internationally. Series A stage with modest headcount (11–50) suggests disciplined, capital-efficient growth, typical of security appliance vendors with sticky customers and recurring revenue. Strategic value is high for allied defense and critical infrastructure modernization, particularly in contexts where supply-chain compromise risk and advanced threat sophistication are elevated.
Strategic Value to U.S.-Israel Alliance
Sasa Software enhances resilience against file-based attack vectors in allied defense networks, critical infrastructure, and government agencies. For defense applications, the strategic value is material: GateScanner provides a hardened boundary defense against advanced persistent threats using file-delivery mechanisms (targeted Office documents, polymorphic exploits, supply-chain compromise). For critical infrastructure operators, Sasa reduces ransomware and operational-technology compromise risk. Internationally, Sasa positions allied defense agencies to reduce dependency on non-allied security vendors for mission-critical boundary protection. As adversary sophistication in file-based attacks increases, and as supply-chain security becomes non-negotiable for defense industrial base integrity, CDR appliances transition from optional to mandatory in high-assurance environments.
Key Technologies
- Content disarm and reconstruction (CDR)
- Recursive file deconstruction and deep-element scanning
- Polymorphic and zero-day malware neutralization
- Real-time file sanitization with functional preservation
- Cross-domain and air-gap file transfer appliances
- Multi-detection scanning engines and verification tools
Use Cases & Applications
- Defense and military network file ingress security
- Air-gap and cross-domain information assurance
- Supply-chain malware prevention (defense industrial base)
- Critical infrastructure (energy, water, telecom) data sanitization
- Government inter-agency and classified-network boundary protection
- High-assurance email and document processing for sensitive organizations
- Ransomware and advanced threat prevention in regulated sectors
Sources and verification
This profile is based on public-source research, Claw & Talon curation, and editorial judgment. Inclusion does not imply endorsement, partnership, investment, or a recommendation to transact. Readers should still confirm current status, customers, funding, and product claims before relying on this profile.
Public sources
The links below are visible public references used for source discipline around company identity, status, funding, customer, acquisition, public-company, or other material claims where available.
- Official website Primary public reference for company identity, positioning, and current web presence.
- Profile update timestamp Last updated in the Claw & Talon database on Apr 27, 2026.
Investor Lens
What this entry is
Private startup
Why it may matter
Sasa Software may matter as a Cybersecurity entry with direct private-company diligence for Israeli technology research.
How an independent investor should read this
Direct private-company diligence. Read this profile as a starting point for independent verification, not as a recommendation or suitability assessment.
Evidence to verify
- Verify current status
- Verify traction
- Verify cap table/funding
- Verify technical claims
- Verify regulatory/export-control issues
- Verify customer concentration
Main investor questions
- Is the company currently active, independently financeable, and raising or not raising on terms you can verify?
- What customer, revenue, product, and technical evidence supports the company story?
- What valuation, cap table, rights, and follow-on assumptions would govern any private exposure?
- Does the dual-use claim map to actual commercial and government/defense/resilience buyer evidence?
- What evidence would change the thesis or show that the profile is stale?
What not to infer
- Inclusion does not imply endorsement.
- Inclusion does not imply allocation availability or current fundraising.
- Scores do not indicate investment suitability or expected returns.
- Strategic importance does not automatically imply venture return potential.
Diligence questions
- What evidence verifies Sasa Software's current customer traction, deployment status, and revenue concentration?
- Which technical claims are independently demonstrable today, and which remain roadmap or pilot-stage assertions?
- Where does the product create real defense, intelligence, critical-infrastructure, or emergency-response value beyond ordinary commercial adoption?
- How does the platform integrate into existing SOC, cloud, identity, or compliance workflows without adding operational burden?
- What would disconfirm the priority signal: weak customer references, thin technical differentiation, poor capital efficiency, or limited allied-market access?
Related sector
See the Cybersecurity sector page for market context, related subcategories, and other Israeli companies in this part of the database.
Related companies
Need a diligence readout?
Use the profile and related checklists as a starting point. If the decision needs more context, request a company screen, founder-call prep, diligence memo, or sector readout.