America's Login Screen Is an Israeli Product
Privileged access. Machine identity. Just-in-time permissions. Non-human identity. The plumbing of American enterprise identity is substantially Israeli infrastructure — and the consolidation is just starting.
Every Fortune 500 employee who logs into a corporate system this morning is routing through Israeli code.
The plumbing of American enterprise identity — privileged access, machine identity, just-in-time permissions, non-human identity — is now substantially Israeli infrastructure. The Palo Alto Networks acquisition of CyberArk for approximately $25 billion in February 2026 did not change that. It confirmed it. See Israel Just Cashed $57 Billion in Cyber for the broader exit cycle.
CyberArk was founded in 1999 in Petah Tikva by Alon N. Cohen and Udi Mokady. By the time Palo Alto closed the deal, CyberArk reported $1.169 billion in total annual recurring revenue for full-year 2024 and was protecting privileged credentials for what it publicly described as a substantial share of the Fortune 500. The deal closed February 11, 2026 under terms structured as $45.00 in cash plus 2.2005 PANW shares per CyberArk ordinary share. PAN has publicly named Identity Security as a core pillar of its platform strategy post-close.
That left the rest of the Israeli identity stack independent — and rapidly consolidating the categories CyberArk has been absorbed into.
The independents
Silverfort runs unified identity protection across human, service, and machine identities. The company has publicly reported more than $230 million raised across Series A through D, including a reported $116 million round in 2023 from Greenfield Partners and Aon. It sits in a category PAN now has to either build, buy, or partner around.
Oasis Security built one of the first dedicated non-human identity management platforms — a category that did not exist as a procurement line until 2024. The non-human identity surface is widely reported as larger than the human identity surface in every cloud-native enterprise. Oasis raised a reported $35 million Series A from Sequoia and Accel within seven months of founding.
Apono focuses on just-in-time access — replacing standing privilege with dynamic, time-boxed permissions. Backed by Redpoint and New Era Capital, per public filings. Built by Israeli ex-DevSecOps operators who lived inside the access-request bottleneck.
Token Security raised an early round backed by Notable Capital (formerly GGV) and TLV Partners for non-human identity governance. Founded by Idan Gour and Ariel Shiftan, ex-cybersecurity operators.
Aembit built workload identity for service-to-service authentication. Headquartered in the U.S. with engineering anchored in Israel.
Permiso runs identity-threat detection across cloud platforms — sitting between IAM and the SOC.
Why the category re-rated
Two forces pulled identity into the cybersecurity center.
First — the collapse of the network perimeter. In a zero-trust environment, identity is the perimeter. The login event is the only enforcement point. CyberArk's publicly disclosed revenue trajectory through 2024 told that story before PAN paid for it: durable growth on a billion-dollar base, in a category that ten years earlier was treated as a niche compliance product.
Second — the explosion of non-human identities. Palo Alto Networks' own materials around the close cited machine identities outnumbering human identities by more than 80 to 1. Those identities — API keys, OAuth tokens, service accounts, cloud workload roles, AI agent credentials — are the new attack surface. The legacy IAM stack was not built for them.
Israeli founders saw both shifts early. Many of the Silverfort, Oasis, Apono, Token, and Permiso founders are publicly reported to have served in Unit 8200's offensive divisions or Shin Bet's technology unit — the side of the house that hunts identity. They built defense from the offense's blueprint.
What's next
Three consolidation moves are visible from the public data.
One — Microsoft is widely expected to move on at least one Israeli identity company before year-end 2026 to complete its non-human identity gap.
Two — CrowdStrike will likely continue building rather than buying, but will need to partner with Silverfort or an equivalent for machine-identity coverage.
Three — Palo Alto Networks, having paid approximately $25 billion for CyberArk, is unlikely to remain the only buyer of scale. SailPoint (now public again post-Thoma Bravo) and Okta will both have to respond.
The login screen will keep speaking Hebrew.
