Modern enterprises generate enormous amounts of security data. However, legacy tools like Splunk still require companies to store all of it in a single location before they can detect threats. This is a slow and costly process that is increasingly breaking down in cloud environments, where data volumes are exploding and information lives everywhere.
The AI cybersecurity startup Vega Security wants to flip that approach by running security where the data already lives. It implements directly within cloud services, data lakes, and existing storage systems. This two-year-old firm just raised a $120 million Series B round to scale that vision.
Led by Accel with participation from Cyberstarts, Redpoint, and CRV, the new round nearly doubles Vega’s valuation to $700 million. It brings the startup’s total funding to $185 million. This money will be used to further develop its AI-native security operations suite, expand its go-to-market team, and support global expansion.
Shay Sandler, co-founder and CEO of Vega, explained that the current operating model of the SIEM, or security information and event management, has been the dominant technology for two decades. He states it is not only extremely expensive but also increasingly causes AI-native security operations to fail. In complex cloud environments, he says, this model often increases exposure to threat actors.
Sandler said Vega has defined a new operating model that enables organizations to leverage the full potential of their enterprise data to achieve incident response readiness, without all the complexity, cost, and drama. The goal is to simply enable them to reach AI-native detection and response capability anywhere the data is, at scale.
Like many cybersecurity founders, Sandler served in the Israeli military’s cybersecurity unit before being a founding employee at Granulate, which Intel acquired in 2022. After a year at Intel, Sandler decided to pursue a major venture in the cybersecurity world.
That background is partly what attracted Andrei Brasoveanu, a partner at Accel. But it was also Vega’s ambitious approach to security management in a market dominated by one player: Splunk.
Brasoveanu noted that legacy SIEM companies like Splunk, which Cisco acquired for $28 billion, have been criticized in recent years because their solutions are difficult to scale. They fail at processing the massive rise in data volumes driven by AI. He explained that by always centralizing the data, these companies essentially hold the customer hostage.
However, it is often easier to dislike the status quo than to switch to a better alternative. This is a challenge any startup attempting to win enterprise budgets understands. Sandler says Vega’s guiding principle was to not only build a solution that is more cost-effective and better at threat detection, but to make it simple for the biggest and most complex enterprises in the world to adopt within minutes.
Vega’s approach appears to be working. The 100-person startup has already signed multi-million-dollar contracts with banks, healthcare companies, and Fortune 500 firms, including cloud-heavy companies like Instacart.
Sandler stated that the only reason these large organizations would work with a two-year-old startup is because the problem is so painful. Other solutions on the market require an unrealistic expectation that the enterprise change its operations or undertake years of data migrations. Vega enables them to just plug and play and achieve immediate detection and response value.