Vega raises $120M Series B led by Accel to replace centralized SIEMs with AI-native security analytics

For years, enterprise security teams have been told that better detection starts with moving more data. Logs pulled from everywhere. Pipelines stitched together. Costs are climbing quietly in the background. The model became so familiar that few questioned whether it still made sense.

That assumption is now being challenged.

Vega, an Israeli security analytics startup founded in 2024, has raised $120 million in a Series B funding round led by Accel, signaling growing demand for security systems that work where data already lives. Cyberstarts, Redpoint, and CRV also joined the round. The raise nearly doubles Vega’s valuation and brings its total funding to $185 million in less than two years.

The funding comes just months after the company closed a $65 million Series A, which TechStartups reported in September at a $400 million valuation. The speed and scale of capital flowing into Vega stand out in a security market that has grown cautious about new architectures.

What investors are responding to is traction. Vega is already signing multi-million-dollar contracts with global banks, large healthcare groups, and Fortune 200 companies. Those customers are using Vega to run detection, investigation, and response without pulling security data into centralized systems.

At the center of Vega’s pitch is a rejection of the legacy SIEM approach. Traditional security analytics tools require organizations to collect and normalize vast amounts of data before meaningful analysis can happen. That process drives infrastructure costs, slows investigations, and leaves gaps across cloud and hybrid environments.

Vega takes a different path. Its platform operates directly on top of existing data sources, allowing security teams to analyze events where the data resides rather than moving it into a central store. The company describes this architecture as a Security Analytics Mesh, or SAM, built to support the full security operations lifecycle from detection through response.

Founded by CEO Shay Sandler and a small group of former Unit 8200 engineers, Vega began with analytics and detection. After seeing those systems adopted inside large enterprise environments, the company has moved deeper into investigation and response. The goal is a single operating model that spans the entire SOC workflow without new pipelines or migrations.

Sandler says the early customer base helped shape that direction.

“When a solution is adopted this quickly by global banks and large enterprises, it signals a meaningful shift in how the market expects security to operate, and we see major security players moving toward distributed, data-native security models as well,” Sandler said. “Security operations should not require data centralization, migration, and high cost just to function. In complex cloud environments, this model simply can’t keep up and often increases exposure to threat actors. Vega is building an operating model that enables AI-native detection and response directly on top of the data enterprises already have. This allows teams to move faster, reduce friction, and simply achieve real outcomes”.

Investors point to customer commitment as the strongest signal.

“What stood out to us was not just the speed of adoption, but the size and significance of the customers committing to Vega early on,” said Andrei Brasoveanu, a partner at Accel. “The company is showing that large enterprises are ready to move beyond legacy security analytics models, and that Vega can execute against that demand masterfully.”

The company has grown to more than 100 employees and is building out its U.S. presence as it targets large retailers, financial institutions, and healthcare providers. Vega has also added experienced leadership, including Yonni Shelmerdine as chief product officer, previously at Expel and SentinelOne, and Ofir Nir as vice president of R&D, who held senior roles at Singular and Monday.com.

Vega is positioning itself as the operating system for an AI-native SOC, built for enterprises that no longer want to trade speed and visibility for centralized control. With $185 million raised and blue-chip customers already on board, the company is betting that the next phase of security analytics looks less like data plumbing and more like real-time action on the data enterprises already trust.