Native has emerged from stealth with $42 million in funding, introducing what it calls the first cloud security control plane: a platform that translates security intent into enforceable, secure-by-design cloud architecture that continuously adapts across AWS, Microsoft Azure, Google Cloud, and Oracle Cloud Infrastructure. The $31 million Series A was led by Ballistic Ventures, with continued participation from seed investors General Catalyst, YL Ventures, and Merlin Ventures.
Phil Venables, former CISO of Google Cloud, has joined Native’s board. Venables called the company’s approach “the next big evolution in cloud security.”
As adversaries use AI to speed up discovery and exploitation, attacks are compressing the timeline from discovery to impact, outpacing human-in-the-loop detection and response. Google’s Mandiant reported that the average time-to-exploit hit minus one day in 2024, meaning attackers were exploiting flaws before patches were publicly available.
In response, organizations are investing in secure-by-design cloud architecture, a more preventive approach to cloud security. The building blocks already exist. AWS, Azure, Google Cloud, and Oracle Cloud Infrastructure each offer deep native security controls, but applying them consistently is complex and operationally risky, especially in production, where mistakes can disrupt the business.
As a result, many organizations use only a fraction of what’s available, and controls often vary across accounts, services, and clouds. That challenge compounds in multi-cloud environments, where each provider has its own identity model and policy mechanisms, and new services are introduced continuously. The result is a widening gap between cloud security strategy and what teams can reliably maintain at scale, which increases risk and can slow adoption of new cloud services and AI infrastructure.
“Cloud providers invest heavily in security controls. The irony is that most enterprises struggle to use them effectively, especially across multiple clouds,” said Amit Megiddo, co-founder and CEO of Native. “We built Native so that security teams can define security policy intent and have it enforced everywhere, staying aligned as environments change. When security is native to the infrastructure, it enables the business to move faster within a secure framework.”
Native uses the controls cloud providers have already built to embed security directly into cloud architecture. It does this by working through provider-native enforcement mechanisms, rather than adding another detection or monitoring layer on top. Security teams define their intent, and Native translates it into the provider-specific configurations required to enforce it across environments.
Because deploying controls in production carries real risk, the platform includes pre-deployment impact simulation, intelligent rollout strategies, and built-in approval workflows to ensure nothing disrupts business operations.
How Native adapts with evolving cloud services
As cloud services evolve and requirements change, Native keeps enforcement aligned as environments shift. The result: enterprises can accelerate their path to secure-by-design cloud architecture, enforced consistently across providers, without needing to scale their security teams or build deep multi-cloud expertise. This preventive approach addresses the challenges introduced by AI-driven adversary techniques while allowing the business to move faster and innovate with a higher security bar in place.
“Cloud security is entering a new era where the unit of work is not ‘finding’ problems, it’s safely enforcing the right architecture at speed,” said Venables. “What will matter most is whether a platform can translate intent into real, provider-native enforcement across clouds and keep that enforcement aligned as environments evolve. That’s the step-change: security that can keep up with the business.”
Investors say AI is compressing the window between new risk and real-world impact, making preventive enforcement a business requirement.
“The tradeoff between being more secure and business moving faster is a false choice,” said Jake Seid, co-founder and general partner at Ballistic Ventures. “Native helps customers raise the security bar while staying nimble across multiple clouds, even as AI changes the speed and scale of attacks.”
“Cloud security has reached a critical inflection point where reactive detection is no longer sufficient for the speed of the modern enterprise,” said Ofer Schreiber, senior partner at YL Ventures. “By establishing a unified enforcement layer, Native is creating the next essential pillar of the security stack. This team is uniquely positioned to define the future of secure-by-design infrastructure, and we’re proud to back that vision.”
Megiddo led Amazon GuardDuty at AWS; CPO Gal Ordo led AWS Security Hub; and CTO Eyal Faingold served as VP of cloud security at Check Point. The company’s investors and advisors include: Zohar Alon, founder of Dome9 (acquired by Check Point); Doug Merritt, CEO of Aviatrix and former CEO of Splunk; and Udi Mokady, founder of CyberArk.
Native currently has 41 employees across Tel Aviv and the United States, with plans to grow to 90 by the end of 2026, drawing talent from all major cloud providers, the IDF’s elite cyber units, and leading security companies, including Palo Alto Networks, Lacework, Axonius, and Cyera.