Vega raises $65M to build AI-native cybersecurity platform, challenge traditional SIEMs

As enterprises grow frustrated with legacy SIEM platforms lacking real-time scalability and generating false positives, Vega offers an AI-native detection engine that directly connects to data across cloud storage, APIs, data lakes, or existing systems

Vega, a New York-based cybersecurity startup founded in 2024, has raised $65 million in combined seed and Series A funding to launch what it calls an “AI-native” platform for detection and response. The funding round was led by venture capital firm Accel, with participation from other major investors.

The company was co-founded by Shay Sandler, former research lead at Granulate and a veteran of Israel’s elite cyber intelligence unit, Unit 8200. Sandler says Vega’s core mission is to enable enterprises to monitor, analyze, and respond to threats in real time—without needing to migrate or duplicate their data.

“We’re not layering AI on top of outdated systems,” Sandler said. “This is a ground-up rebuild of how modern security operations should work.”

Beyond traditional SIEMs

Vega enters the market as organizations grow increasingly frustrated with conventional SIEM (Security Information and Event Management) platforms. According to Sandler, these legacy tools often lack real-time scalability and generate excessive false positives. Instead of retrofitting AI tools onto SIEMs, Vega offers a unified detection and response engine that connects directly to data wherever it resides—whether in cloud storage, APIs, data lakes, or existing SIEMs.

Vega’s platform allows security teams to interact with data using natural language queries and receive normalized, context-rich insights instantly. This includes automated triage, threat intelligence ingestion, gap analysis, and dynamic threat hunting—without centralizing the data.

Adoption by major enterprises

While many startups begin with smaller clients, Vega is already being used by large organizations, including Fortune 20 retailers and major pharmaceutical firms. Sandler says the product is live in production environments, with stringent service-level agreements in place.

A significant portion of the new funding will be used to scale engineering and product teams across the U.S. and Israel. Vega also aims to refine its detection capabilities through automated tuning and by continuously aligning with frameworks like MITRE ATT&CK.

“Our approach reduces false positives at the source,” Sandler explained. “We’re focused on building a security engine that grows and learns with the customer—no rip-and-replace required.”

With its AI-native architecture and ability to coexist with legacy tools, Vega positions itself as a disruptive force in the cybersecurity landscape—designed not just to catch up to evolving threats, but to stay ahead of them.