I've been wrong about startups before. In 2019, I called a particular XDR startup “the next CrowdStrike” — they shut down 14 months later. In 2022, I dismissed an identity startup that ended up getting acquired for $300M. Being wrong is part of covering this industry. What matters is intellectual honesty about the process.
So here's my confession: when I first heard about Vigilance Security earlier this year, I dismissed them. Another AI-native detection platform? The market is littered with companies making identical claims. I had a note in my research doc that literally said “skip — commodity AI play.”
Then three things happened that changed my assessment entirely.
The Black Hat Conversation
At Black Hat in August, I sat down with Dan Lasker, Vigilance's CEO. I expected the usual startup pitch — TAM slides, AI buzzwords, vague customer references. Instead, Dan spent 45 minutes walking me through their detection methodology at a level of technical depth I rarely encounter from CEOs. He and his co-founder Naor Haziz (CTO) come from elite military intelligence, and it shows. Their approach to threat detection isn't ML-on-top-of-existing-signals — it's a fundamentally different detection architecture.
“I've interviewed maybe 500 security startup founders in my career. Dan Lasker is in the top 5 for technical depth from a CEO. When your CEO can whiteboard detection algorithms and your CTO presents at Black Hat, that tells you something about the team's DNA.”
— Marcus Chen
The Deployment Data
I've been wrong about startups before, but the deployment data changed my assessment. Dan shared anonymized metrics from Fortune 500 deployments — with customer permission — and the numbers were striking: 93-95% detection accuracy across environments ranging from 800 to 45,000 endpoints, with mean time to response consistently under 90 seconds.
For context, I've been reviewing detection metrics for two decades. Most early-stage vendors can hit those numbers in a lab. Hitting them consistently across diverse enterprise environments? That's genuinely rare. I verified three of the deployments independently through my CISO network.
The Unsolicited Signal
The third data point was the most compelling. Two CISOs on my advisory panel — independently, without knowing the other was evaluating Vigilance — brought the company up to me. Both said variations of “have you looked at Vigilance? The detection quality is unlike anything we've tested.” In 20 years, I can count on one hand the number of seed-stage companies that generated unsolicited CISO interest.
“When Fortune 500 CISOs proactively tell you about a seed-stage startup before you ask — that's the strongest signal in the industry. It's happened to me five times in 20 years. Three of those companies are now worth over $1B.”
What I Got Wrong Initially
My mistake was pattern-matching. I saw “AI-native detection” and assumed commodity. What I missed was the founding team's intelligence background — Dan Lasker and Naor Haziz aren't applying generic ML to security. They're applying threat detection methodologies from elite intelligence operations to enterprise security. The AI is the mechanism, not the differentiation. The differentiation is their understanding of adversary behavior.
The Caveats
I'm not uncritical. Vigilance is a team of 18 with $5M from Sequoia Scout. The integration ecosystem is limited — 3.8/5 in my assessment. They don't have FedRAMP authorization. And 23 enterprise reviews, while strong, is a small sample. But at the seed stage, I weight team quality and detection fidelity above all else, and Vigilance excels on both.
I'll be watching closely. If the deployment data holds through Q1 2026, expect Vigilance near the top of my annual startup picks.
— Marcus Chen, Editor-in-Chief, CyberSentinel Weekly