Native secures $42M to build cloud policy enforcement platform
Context and Chronology
A newly public startup, Native, announced fresh capital totaling $42M, a raise that will underwrite product expansion and hiring. The financing package includes a lead Series A allocation of $31M, and venture partners from multiple firms joined the syndicate. Management framed the capital as mission-critical to scale a platform that imposes policy intent across multiple cloud vendors without roadblocks. Mr. Megiddo, the company’s CEO, will use the proceeds to accelerate engineering workstreams and customer integrations while preserving rapid release cadence.
The product translates high-level security intent into provider-specific configurations and then orchestrates those changes across environments, with staged rollout and simulation features to limit disruption. Native leans on each cloud’s native controls, converting a single declarative policy into the concrete settings required by AWS, Microsoft Azure, Google Cloud, and Oracle Cloud Infrastructure. Customers can therefore enforce uniform posture without retrofitting toolchains or retraining operations teams. This approach intentionally shifts effort from incident detection to architecture enforcement.
The board gained a notable security executive, Mr. Venables, whose presence sharpens the company’s credibility in large enterprises and among security-minded buyers. Native already counts major enterprises among its pilot customers and plans to more than double staff from current levels by year-end, using the funding as the control point for scale. Venture backers argued that the value proposition is operational speed underpinned by safer defaults rather than incremental scanning or alerting. That sales pitch targets security and cloud platform teams wrestling with sprawl and fragile policy drift.
Market timing matters: multi-cloud architectures grew more heterogeneous and compliance regimes tightened, creating buying pressure for orchestration that maps policy to provider-specific controls. The startup positions itself in the intersection of cloud governance, DevSecOps, and enterprise risk management, promising to shorten remediation windows and reduce misconfiguration exposure. Adoption risks remain, including integration complexity, potential provider feature gaps, and enterprise inertia around replacing existing detection investments.
Broader Market Contrast and Tradeoffs
Parallel fundraises and product bets from other vendors underscore that the market is fragmenting rather than converging on a single architecture. For example, another recent entrant, Cylake, raised a separate round and is positioning an AI-native detection and response product that operates without sending core telemetry to public clouds. That vendor’s strategy targets highly regulated customers that prioritize telemetry residency and auditability over leveraging cloud provider controls.
The divergence highlights a set of tradeoffs enterprises must weigh: Native’s provider-native enforcement reduces operational friction by translating intent into existing cloud controls and minimizing retraining, but its ability to enforce depends on provider APIs and feature parity across clouds. Conversely, telemetry-retention plays (on-prem or private-cloud appliances) offer stronger data-residency guarantees and can enable detection models that never expose raw telemetry to third parties—but they carry higher engineering costs, lengthier pilots, and a heavier professional-services burden to scale.
For procurement and product strategy, the implication is a bifurcated market: cloud-first enterprises with tolerance for provider integrations will favor orchestration-first vendors like Native that promise faster time‑to‑remediation; highly regulated organisations will prize vendors that offer isolated telemetry handling even at the cost of slower deployment. Many successful vendors will likely pursue hybrid deployments or hardened private‑cloud options to address both segments.
Ultimately, Native’s $42M raise validates demand for preventive, provider-native enforcement while also exposing target boundaries: the company can accelerate productization and go‑to‑market, but it will compete alongside firms that sell a different set of guarantees. The interplay between provider API limits and on‑prem technical complexity will shape which classes of enterprises convert pilots into repeatable ARR.
Read Our Expert Analysis
Create an account or login for free to unlock our expert analysis and key takeaways for this development.
By continuing, you agree to receive marketing communications and our weekly newsletter. You can opt-out at any time.
Recommended for you
Cylake secures $45M seed to deliver on‑premises, AI‑native security
Cylake closed a $45M seed round led by Greylock Partners to build an AI-native security platform that runs fully on‑premises or in private clouds. The startup targets regulated buyers demanding data sovereignty , with general availability planned for early 2027.
Adaptive6 debuts code‑centric platform to detect and auto‑remediate hidden cloud waste, raising $44M
A startup called Adaptive6 announced a $44 million funding haul and launched a platform that traces inefficient cloud resources back to the code that created them, then delivers automated fixes to engineers’ workflows. The company positions cloud cost waste as an engineering vulnerability, claiming 15–35% customer savings by preventing and repairing inefficiencies across multi‑cloud and AI workloads.
Trace secures $3M seed to build enterprise agent context layer
Trace closed a $3M seed round to commercialize context engineering for enterprise agents, led by Y Combinator and a syndicate of VCs and angels. The startup maps internal systems into structured context so deployed agents can execute workflows with less human supervision.
Meta Platforms Secures Nebius AI Compute Commitment
Meta Platforms has committed up to $27 billion to Nebius for AI compute capacity, including a $12 billion dedicated tranche that begins in early 2027. The pact materially boosts Nebius’ buildout — the operator disclosed stepped-up capital deployment (about $2.1 billion in the December quarter) and secured power now topping 2 GW with an ambition to exceed 3 GW — even as Meta pursues parallel, large multiyear hardware pacts with Nvidia and AMD and builds a separate $10 billion Indiana campus, signaling a blended strategy of reserved external capacity plus owned hyperscale sites.
Cerebras Secures Oracle Cloud Placement, Reorders Accelerator Power
Oracle publicly acknowledged offering Cerebras accelerators alongside Nvidia and AMD in its cloud stack, giving operational validation to Cerebras’s WSE‑3 design and easing investor concerns about customer concentration. That endorsement arrives as Cerebras closes fresh private funding and as model builders and cloud operators strike bespoke hardware deals — together accelerating heterogeneous-accelerator adoption while exposing supply, integration and exclusivity tensions.
Coinerella Rebuilds Platform on European Cloud Providers
Coinerella migrated its stack to European providers to regain data locality and lower infrastructure spend while accepting more operational responsibility. The shift exposes integration gaps, tooling shortfalls, and a clear path for platform engineering and sovereign-cloud economics to scale.
VisionWave Secures $10M SOW to Build qSpeed-Mine Cryptocurrency Acceleration Platform
VisionWave signed a milestone-driven $10 million statement of work to develop and deploy qSpeed-Mine , targeting production across up to 1,000 nodes within a ~32-week program. Payments are tied to defined acceptance gates, with revenue recognition planned in 2026 if milestones complete as contracted.
PwC and Google Cloud Pledge $400M to Scale AI-Driven Security Operations
PwC and Google Cloud will invest $400 million over three years to embed Google's threat telemetry and security tools into PwC’s transformation and managed services, aiming to accelerate AI-enabled detection and response across hybrid and multi-cloud estates. The move signals a push to industrialize AI in security operations, intensifying competition among cloud providers and managed security vendors while raising questions about vendor concentration and operational governance.