Originally published on LinkedIn. Follow me, Harold Hare, for insights on disruptive industries shaping startups and enterprise.
Cylake, a cybersecurity startup founded by Palo Alto Networks creator Nir Zuk, emerged publicly in March 2026 with a new approach to enterprise security architecture. The company is developing an AI-driven cybersecurity platform designed for organizations that cannot rely on public cloud infrastructure for operational or regulatory reasons.
The company announced $45M in Seed funding led by Greylock and participation from several experienced technology investors. The strategy centers on building a data-driven security system built to operate entirely outside the public cloud while maintaining access to advanced artificial intelligence capabilities. Cylake will begin working with early design partners while developing the platform toward a planned release in 2027.
Founders behind the venture
The company was founded by Nir Zuk together with Wilson Xu and Ehud Shamir, bringing together senior figures from multiple major cybersecurity firms. Zuk established Palo Alto Networks in 2005 and served as chief technology officer for more than two decades before leaving the company in August 2025. Xu spent more than ten years inside Palo Alto Networks engineering, including leadership roles responsible for core development teams.
Shamir brings additional experience from the endpoint security market as a co-founder of SentinelOne. The group represents a generation of security executives who previously built companies that defined several categories of enterprise defense software. Their new venture brings together engineering leadership from both network security and endpoint protection backgrounds.
The announcement of the startup and its early financing detailed the founders’ collaboration and initial strategy. The team’s experience building large-scale security platforms gives Cylake immediate credibility among investors and potential enterprise buyers. Their combined track record also places the company within the long tradition of security startups founded by veteran operators.
A different security architecture
Cylake’s platform is built around the premise that next-generation cybersecurity requires a unified architecture capable of observing all data and infrastructure layers within an organization. Security fragmentation across multiple tools has long been viewed as a major operational challenge in enterprise environments. Disconnected systems often produce gaps in visibility that attackers can exploit.
The company’s platform design attempts to address this issue by integrating security capabilities into a single system built around a data-centric architecture. That structure is intended to allow organizations to analyze operational data and infrastructure activity within one environment. Such a design seeks to reduce the operational complexity created when companies deploy numerous independent security products.
Security systems are integrating artificial intelligence directly into the architecture rather than adding it as a feature layered on top of existing tools. Cylake’s founders argue that security operations increasingly depend on data analysis and contextual understanding across large infrastructure environments. The platform is being designed as an AI-native security architecture with artificial intelligence embedded at the system level.
Operating outside public cloud
One of the central design decisions behind the platform is its ability to run entirely outside public cloud infrastructure. Many modern security platforms depend heavily on cloud-based analytics and centralized data processing. That model can create obstacles for organizations operating under strict regulatory or national security requirements.
Certain sectors cannot transfer sensitive operational data to third-party cloud providers. Government agencies, defense organizations, and critical infrastructure operators frequently maintain internal systems that must remain isolated from public infrastructure. Cylake is targeting these environments by allowing organizations to deploy advanced security capabilities while maintaining full control over their data and operations.
The system can run either on-premises or inside private cloud environments controlled directly by the customer. This architecture is intended to ensure that organizations retain sovereignty over operational data while still gaining access to modern AI-based security tools. The platform therefore attempts to bridge the gap between modern security analytics and environments that cannot rely on public cloud infrastructure.
Execution challenges ahead
Cylake plans to begin development alongside a small group of design partners while building the system toward its anticipated release in early 2027. Early partnerships will allow the company to test how its architecture functions inside complex enterprise environments. These early deployments will also determine whether the system can provide the level of operational visibility required by large organizations.
Developing a security platform capable of analyzing infrastructure and data across an entire organization represents a substantial engineering challenge. Such systems must operate reliably within highly complex environments that often include legacy infrastructure, proprietary applications, and distributed networks. Ensuring consistent performance across these environments will likely determine whether the architecture can scale beyond initial deployments.
The company’s model also depends on convincing security leaders that a unified architecture can replace or consolidate existing collections of security tools. Many large organizations have built security operations around dozens of specialized products accumulated over many years. The coming development phase will focus on demonstrating how a unified security architecture performs inside complex enterprise environments as the platform moves toward its planned launch.
