Toka
Last updated: Apr 28, 2026
Israeli cyber intelligence company providing lawful access, signals intelligence, and cyber operations capabilities exclusively to government and law enforcement customers worldwide.
Visit WebsiteCompany Overview
Toka is an Israeli cyber intelligence startup founded in 2018 and headquartered in Tel Aviv. The company develops and deploys sophisticated intelligence access and signals intelligence (SIGINT) capabilities for government agencies, law enforcement, and defense operators. Toka's core technology stack addresses a critical gap in modern investigations and operations: the ability to gather actionable intelligence from encrypted digital environments and compromised networks within legally and ethically constrained frameworks.
The company operates four primary capability pillars. Strategic Intelligence enables real-time collection of visual and audio signals intelligence at scale from targeted geographic areas—particularly valuable for military ISR, targeting, and counter-narcotics operations where traditional surveillance has become ineffective or impossible. Tactical Operations provide rapid access to specific devices for network operations or forensics, reducing operational risk and time-to-intelligence for tactical teams. Frictionless Surveillance offers covert, persistent monitoring with minimal physical access or equipment, enabling long-duration investigations of high-value targets. Force Protection solutions provide secure covert entry capabilities and site security for operational teams, reducing unnecessary risk to personnel.
Toka's leadership combines deep government, military, and commercial cyber expertise. CEO Gregg Smith brings extensive executive experience from government-focused cybersecurity firms including Archon Secure and KoolSpan. Co-Founder and Israel President Kfir Waldman previously led cyber company Kayhut and was director of engineering at Cisco with Israeli board experience. CTO Moty Zaltsman worked in the Israeli Prime Minister's Office on offensive and defensive intelligence technologies, holds multiple U.S. patents, and brings deep intelligence-focused R&D credibility. The executive team includes experienced operators from the IDF cyber division, Kayhut, and other Israeli and international defense-tech firms, with CFO Gilat Bar Gutman bringing two decades of tech-sector financial leadership including substantial M&A and fundraising experience.
Toka explicitly targets government-only customers, positioning itself within the stricter compliance and oversight framework that emerges in response to reputational and regulatory scrutiny of companies like NSO Group. The company markets aggressively in North America and international markets, with dedicated leadership for U.S. and international sales, and operates under clear legal frameworks and customer vetting protocols. Toka's positioning as the "compliance-first" generation of Israeli cyber intelligence represents a deliberate strategic differentiation: technological sophistication paired with institutional commitment to lawful, oversight-governed deployment.
The market for government cyber access, SIGINT collection, and lawful surveillance capabilities remains strong globally, particularly in the United States and allied democracies facing encryption, organized crime, terrorism, and near-peer adversary threats. Toka's Series B status indicates validated government demand and investor confidence in the defensibility of the business model and technology deployment ethics. The company's ability to maintain government customer relationships while attracting institutional and defense-focused capital suggests credible market traction despite the inherent sensitivity of the sector.
Dual-Use Assessment
Toka's core technology stack is fundamentally dual-use: cyber intelligence access, signals intelligence, and lawful interception capabilities have direct, immediate applicability across government intelligence, military operations, law enforcement investigations, and legitimate commercial security. The company explicitly markets these capabilities for criminal investigations, counter-terrorism, counter-narcotics, near-peer cyber conflict, and force protection. The dual-use potential is not marginal or theoretical; it is the central commercial offering. Toka's differentiation lies in operational execution, compliance frameworks, and customer vetting—not in technical limitations that would prevent misuse. The company operates under explicit government-only customer policy and emphasizes legal oversight and ethical governance. However, the underlying capabilities remain inherently dual-use and dual-control: the same technology enabling lawful law enforcement investigations can be applied to unauthorized surveillance, intelligence operations against non-consenting targets, or cyber attacks. Toka's reputation and business depend on maintaining government customer trust and regulatory tolerance; reputational or regulatory damage could fundamentally impair the company's value.
Strategic Fit Assessment
Priority signal means this entry may be worth researching within the Claw & Talon thesis. It does not mean investable, suitable, endorsed, available, or likely to produce returns.
Toka represents a credible strategic-screening signal for readers focused on deep-tech, government security, and allied defense capability gaps. The company addresses a genuine market demand: government agencies in the U.S., Europe, and allied nations require cyber intelligence and signals intelligence capabilities to combat encryption, investigate serious crime, counter terrorism, and operate against near-peer adversaries. Toka's Series B funding and government customer base demonstrate market validation and customer willingness to pay at scale. The company's leadership combines intelligence-community credibility (Israeli PM office, IDF, Cisco Israel board) with commercial scaling expertise. The regulatory environment for lawful government cyber access remains permissive in democratic allied nations, particularly in the U.S., where Toka has dedicated sales leadership. However, investment carries material regulatory and reputational risk: the company operates in a sector subject to export controls, potential legislation restricting private-sector cyber capabilities, and public controversy (NSO Group reputational damage, potential contagion to peer companies). strategic relevance is high for defense-focused, geopolitically-aligned investors with tolerance for government-relations and regulatory complexity; lower for broad commercial VCs or ESG-focused funds.
Strategic Value to U.S.-Israel Alliance
Toka provides direct, operationally critical cyber intelligence and signals intelligence capabilities that allied government customers cannot easily replicate in-house or procure elsewhere. The company's technology enables encrypted-environment intelligence collection, lawful device access, and SIGINT operations that address genuine intelligence gaps in law enforcement and military operations. For allied democracies facing encryption-driven crime/terrorism, near-peer cyber threats, and resource constraints, Toka's capabilities provide multiplicative operational advantage. The strategic value is highest for the U.S. and Five Eyes (UK, Canada, Australia, NZ) intelligence and law enforcement communities, where demand for cyber access and SIGINT capabilities consistently exceeds domestic supply. for strategic readers and strategic acquirers, Toka offers direct alignment with government security needs, relatively defensible customer lock-in (government dependency on proven, trusted vendors), and potential for profitable long-term government contracts. Strategic value to the Israeli defense-tech ecosystem is also high: Toka demonstrates the viability of Israeli cyber intelligence companies operating under enhanced ethical/compliance frameworks, potentially moderating political and export-control risk for the broader Israeli cyber sector. Long-term strategic exits could include acquisition by major defense contractors (Palantir, Booz Allen, Raytheon), tech giants (Microsoft, Google) seeking government cyber capabilities, or pure defense integrators.
Key Technologies
- Cyber access and device exploitation
- Signals intelligence (SIGINT) collection and processing
- Lawful interception platforms
- Encrypted communications penetration
- Real-time intelligence collection and tasking
- Tactical endpoint forensics and acquisition
- Intelligence platform integration and dissemination
Use Cases & Applications
- Criminal investigation and prosecution (warrants, suspects, evidence collection)
- Counter-terrorism intelligence and targeting
- Counter-narcotics operations and trafficking networks
- Law enforcement SWAT and tactical operations support
- Military signals intelligence and battlefield reconnaissance
- Cyber operations against adversary networks and infrastructure
- High-value target surveillance and tracking
- Force protection and covert personnel security
Sources and verification
This profile is based on public-source research, Claw & Talon curation, and editorial judgment. Inclusion does not imply endorsement, partnership, investment, or a recommendation to transact. Readers should still confirm current status, customers, funding, and product claims before relying on this profile.
Public sources
The links below are visible public references used for source discipline around company identity, status, funding, customer, acquisition, public-company, or other material claims where available.
- Official website Primary public reference for company identity, positioning, and current web presence.
- Profile update timestamp Last updated in the Claw & Talon database on Apr 28, 2026.
Investor Lens
What this entry is
Private startup
Why it may matter
Toka may matter as a Cybersecurity entry with direct private-company diligence for Israeli technology research.
How an independent investor should read this
Direct private-company diligence. Read this profile as a starting point for independent verification, not as a recommendation or suitability assessment.
Evidence to verify
- Verify current status
- Verify traction
- Verify cap table/funding
- Verify technical claims
- Verify regulatory/export-control issues
- Verify customer concentration
Main investor questions
- Is the company currently active, independently financeable, and raising or not raising on terms you can verify?
- What customer, revenue, product, and technical evidence supports the company story?
- What valuation, cap table, rights, and follow-on assumptions would govern any private exposure?
- Does the dual-use claim map to actual commercial and government/defense/resilience buyer evidence?
- What evidence would change the thesis or show that the profile is stale?
What not to infer
- Inclusion does not imply endorsement.
- Inclusion does not imply allocation availability or current fundraising.
- Scores do not indicate investment suitability or expected returns.
- Strategic importance does not automatically imply venture return potential.
Diligence questions
- What evidence verifies Toka's current customer traction, deployment status, and revenue concentration?
- Which technical claims are independently demonstrable today, and which remain roadmap or pilot-stage assertions?
- Where does the product create real defense, intelligence, critical-infrastructure, or emergency-response value beyond ordinary commercial adoption?
- How does the platform integrate into existing SOC, cloud, identity, or compliance workflows without adding operational burden?
- What would disconfirm the priority signal: weak customer references, thin technical differentiation, poor capital efficiency, or limited allied-market access?
Related sector
See the Cybersecurity sector page for market context, related subcategories, and other Israeli companies in this part of the database.
Related companies
Need a diligence readout?
Use the profile and related checklists as a starting point. If the decision needs more context, request a company screen, founder-call prep, diligence memo, or sector readout.