The Operating System for Agentic SecOps

COMPANY OVERVIEW

Vega is an AI-native security analytics company founded in 2024 by Shay Sandler (CEO) and Eli Rozen (CTO), with offices in Tel Aviv and New York. The company was built to replace the rigid ingest-everything model of legacy SIEM with a federated analytics layer that meets security data wherever it already lives.

Vega has raised $185 million across three rounds in 2025, backed by Cyberstarts, Accel, Redpoint, and CRV. Its customer base includes UnitedHealth Group, a Fortune 50 financial services firm, a publicly traded communications company, and a global pharmaceutical with 75,000+ employees. The platform is SOC 2, GDPR, and ISO compliant.

CORE FOCUS

Vega's Security Analytics Mesh (SAM) is a federated analytics layer that queries every SIEM, data lake, cloud log source, and object store in place — no migration, no duplication, no ingest tax. Detection, investigation, and triage run continuously across the entire distributed surface, so coverage gaps and blind spots become visible instead of hidden behind retention tiers.

What differentiates Vega is the agentic operating model: AI agents handle triage, MITRE ATT&CK coverage mapping, and investigation workflows transparently, with the analyst always able to inspect the reasoning. The result is SIEM-class outcomes at a fraction of the data cost.

PRODUCTS & TOOLS

Security Analytics Mesh (SAM) – Federated analytics fabric that connects to SIEMs, cloud logs, data lakes, and object storage without ingesting or moving data.

AI-Powered Detection – Unified threat detection across every connected source with continuous MITRE ATT&CK coverage assessment.

Agentic Triage – Autonomous AI agents that correlate, investigate, and triage alerts with transparent, auditable reasoning.

Threat Briefings – Always-on hunt workflows that turn published threat intelligence into queries against your live data on arrival.