Our Story

We built Native Security because we kept getting called in after the breach.

Cloud controls that are defined but never enforced are worse than no controls. They create false confidence. Native Security closes the enforcement gap.

Founding

How Native Security started

Amit Megiddo spent a decade in cloud security for multi-cloud enterprise teams — largely in the defense and government IT corridor around Reston, VA. The pattern he kept seeing: every large organization had a security policy framework carefully documented. AWS SCPs written. Azure Policy definitions configured. GCP Org Constraints listed in the compliance inventory.

But the controls drifted. Or were never wired into the deploy pipeline. Or covered 80% of accounts but not the ones being actively used. The incident reports always showed the same root cause: the control was defined but not consistently enforced.

Native Security was founded in 2024 in Reston, VA — intentionally near the government and enterprise buyers who have the highest concentration of this exact problem — to close that gap without adding yet another agent layer.

The team

Three people who have each been in the room where the breach gets explained — and decided to build the thing that prevents the next one.

Amit Megiddo, CEO and Co-Founder of Native Security

Amit Megiddo

CEO & Co-Founder

Cloud security practitioner with 10 years building and breaking controls in multi-cloud environments. Previously led security engineering at a government technology contractor in Northern Virginia, where the typical engagement started with a breach and ended with a policy document no one enforced.

Maya Soren, Co-Founder and CTO of Native Security

Maya Soren

Co-Founder & CTO

ML systems engineer who spent four years building policy evaluation pipelines at a cloud infrastructure company — the work that eventually became Native Security's AI control-mapping engine. Focused on making the gap analysis fast enough to run at every deploy, not once a quarter.

Daniel Ferreira, Co-Founder and Head of Engineering at Native Security

Daniel Ferreira

Co-Founder & Head of Engineering

Cloud infrastructure specialist who spent six years architecting guardrail systems for a financial services firm — first in AWS, then cross-cloud when the firm expanded to Azure. Learned firsthand that every OU boundary someone adds becomes a place where SCP inheritance can break silently.

What we believe

Practitioner-first

We build for the engineer who has to explain the breach, not the CISO who approved the policy document. Features are designed around real workflow, not compliance checkbox lists.

Enforcement over documentation

A control that exists in a policy document but never fires is security theater. We measure success by whether the guardrail blocked the thing it was supposed to block.

Native, not added

We use what your cloud provider already built. No agents. No proprietary sensors. The controls are AWS SCPs, Azure Policies, GCP Org Constraints — Native Security maps and enforces what's already there.

Find us in Reston

1875 Explorer Street, Reston, VA 20190 — [email protected]+1 (571) 203-8462