Native, a cloud security startup founded by former senior cloud security executives, emerged from stealth Tuesday with $42 million in funding and unveiled what it calls a cloud security control plane designed to help companies enforce security policies across multiple cloud providers.
The company said its funding includes a $31 million Series A round led by Ballistic Ventures, with continued participation from seed investors General Catalyst, YL Ventures and Merlin Ventures. Phil Venables, the former chief information security officer of Google Cloud and now a venture partner at Ballistic Ventures, has joined Native’s board.
Native said its platform is designed to translate a company’s security policies into provider-specific controls that can be enforced across Amazon Web Services, Microsoft Azure, Google Cloud and Oracle Cloud Infrastructure. Rather than adding another monitoring or detection layer, the company said the platform works through the native enforcement mechanisms already built into those cloud providers.
The launch comes as companies face growing pressure to secure increasingly complex cloud environments while cyberattacks accelerate. Native cited data from Google’s Mandiant showing that the average time to exploit vulnerabilities fell to minus one day in 2024, meaning attackers were, on average, exploiting flaws before patches became publicly available.
That shift has increased interest in so-called secure-by-design cloud architecture, which emphasizes preventing security problems through infrastructure design rather than relying primarily on detection and response after the fact.
“Cloud providers invest heavily in security controls. The irony is that most enterprises struggle to use them effectively, especially across multiple clouds,” co-founder and CEO Amit Megiddo said in a statement. “We built Native so that security teams can define security policy intent and have it enforced everywhere, staying aligned as environments change.”
The company said one of the main challenges for large organizations is that while major cloud providers offer extensive native security controls, applying them consistently can be difficult and risky, particularly in production environments where misconfigurations can disrupt business operations. The problem becomes more complicated in multi-cloud settings, where each provider has its own identity systems, policy models and rapidly changing services.
Native said its platform includes pre-deployment impact simulation, staged rollout tools and approval workflows aimed at reducing the risk of disruptions when new controls are introduced. It said the system is designed to keep enforcement aligned as cloud services and organizational requirements change.
Venables described the company’s approach as part of a broader shift in cloud security.
“Cloud security is entering a new era where the unit of work is not finding problems, it’s safely enforcing the right architecture at speed,” he said in a statement.
Investors backing the company said the rise of AI-assisted attacks is compressing the time between the appearance of new vulnerabilities and their exploitation, making preventive controls more important.
“The tradeoff between being more secure and business moving faster is a false choice,” Jake Seid, co-founder and general partner at Ballistic Ventures, said in a statement.
Ofer Schreiber, senior partner at YL Ventures, said reactive detection alone is no longer sufficient, while Shay Michel, managing partner at Merlin Ventures, said enterprise AI adoption will require security that is built into cloud infrastructure rather than added from the outside.
Native said it is already working with Fortune 100 companies in the finance, technology and media sectors.
The company was founded by executives with cloud security experience at major firms. Megiddo previously led Amazon GuardDuty at AWS, Chief Product Officer Gal Ordo led AWS Security Hub and Chief Technology Officer Eyal Faingold was vice president of cloud security at Check Point.
Native said it has 41 employees in Tel Aviv and the United States and plans to grow to 90 by the end of 2026. It said its workforce includes employees from major cloud providers, elite Israeli military cyber units and security companies including Palo Alto Networks, Lacework, Axonius and Cyera.