Vega

Vega is an Israeli cybersecurity startup founded in early 2024 by Shay Sandler (CEO) and Eli Rozen (CTO), both Israeli Unit 8200 veterans with prior success at Granulate (acquired by Intel for $650M in 2022). The company emerged from stealth in September 2025 with an announced $65 million in funding at a $400 million valuation, backed by leading venture firms including Accel, Cyberstarts, Redpoint, and CRV. Vega represents a fundamental architectural rethinking of security operations: rather than forcing organizations to centralize and migrate massive volumes of security data into a single platform (the traditional SIEM model), Vega provides AI-native security analytics that operates "in place," analyzing data where it resides across heterogeneous infrastructure—cloud, on-premises, hybrid, and legacy systems.

The technical foundation combines machine learning, natural language processing, and federated computing to deliver real-time threat detection, investigation acceleration, and automated incident response guidance. Vega's AI engine learns from organizational context, asset inventory, threat intelligence feeds, and historical incident patterns to prioritize genuine security events from the overwhelming noise of traditional SIEM systems. Analysts can express investigation intent in plain English (leveraging large language models), and the system automatically translates that into queries across distributed data sources, correlates findings, and recommends response actions. This "bring the analytics to the data" architecture eliminates the cost, latency, and operational friction of traditional centralized log ingestion—a competitive advantage particularly valuable for enterprises managing multi-cloud environments, regulated systems requiring data residency compliance, or organizations already over-invested in specialized security tools that would be redundant under a monolithic SIEM consolidation strategy.

Vega has achieved remarkable early commercial traction for a stealth-stage startup. The customer list already includes multiple Fortune 500 companies, top-tier global banks, and one of the world's largest healthcare organizations. This traction within six months of stealth exit validates both the product-market problem (SIEM replacement is a $20+ billion global market with chronic customer dissatisfaction around cost, complexity, and detection effectiveness) and the execution quality of a team that has previously scaled infrastructure software to successful exit. The company is operationalized: ~60 employees across Tel Aviv and New York, established sales and customer success functions, and documented deployment wins across multiple vertical markets and geographies.

The competitive positioning against incumbent SIEM vendors (Splunk, IBM QRadar, ArcSight, Microsoft Sentinel) is structurally advantageous. Traditional SIEMs charge based on log volume ingested, creating a perverse incentive to limit data collection or reduce ingestion costs, leaving blind spots in security visibility. Vega's federated model inverts the economic incentive: comprehensive data collection improves signal quality without increasing platform cost, and the AI layer automatically filters noise without analyst overhead. For Fortune 500 security teams spending $5-50M annually on SIEM infrastructure, Vega's promise to deliver better detection at lower total-cost-of-ownership while preserving data-residency compliance and existing tool investments is compelling. The company's Unit 8200 and Granulate pedigree signals deep technical credibility and execution discipline—traits that matter in enterprise security software where implementation failures are high-profile and costly.

Strategically, Vega's emergence at the intersection of cloud modernization, AI automation, and enterprise security operations is timely. Organizations globally are accelerating cloud migration, expanding remote work, and deploying containerized architectures that traditional SIEM infrastructure was not designed to secure efficiently. Simultaneously, cybersecurity talent scarcity (analyst burnout, alert fatigue, alert drowning) is pushing enterprises toward automation solutions that can triage and contextualize threats without human review of every event. Vega addresses both pressures with a platform that reduces analyst toil while improving detection coverage and quality. The company's Israeli origin and founder pedigree (Unit 8200, Granulate) position it within a well-understood cohort of high-velocity Israeli security software companies (Cybereason, Varonis, SentinelOne, Wiz) that have demonstrated ability to scale globally and achieve significant exits or public valuations.

The dual-use and defense-adjacent positioning is credible, though secondary to the commercial narrative. Security analytics and threat investigation workflows are directly applicable to government, intelligence, and military cybersecurity operations. The same federated, in-place analytics that improve enterprise security operations can support government security operations centers (SOCs), critical-infrastructure protection, and intelligence-community threat hunting. Vega's ability to operate across heterogeneous infrastructure (cloud, on-prem, air-gapped networks) and to integrate with existing government tools and data sources creates natural pathways to government procurement. However, the primary go-to-market is commercial enterprise security, with government and defense applications emerging as a secondary segment. The company is best evaluated as a commercial deep-tech cybersecurity leader with adjacent credibility in national security contexts, rather than as a defense-native contractor.