The Category Builder

Shlomo Kramer co-founded Check Point in 1993. Imperva in 2002. Cato Networks in 2015. Three companies. Three cybersecurity categories. One founder.

The third is now valued at over $4.8 billion. In 2024, Cato Networks started working with investment banks on a potential IPO. Those plans were postponed. In summer 2025, the company raised $409 million in private capital at the same valuation instead.

The shorthand reads “delayed IPO.” The shorthand is wrong.

Shlomo Kramer has built three cybersecurity categories in 32 years. Public markets are asking for quarterly results. Those are not the same game.

And the deeper story is not Kramer. It is the system that produces founders like Kramer — the Israeli repeat-founder economy that has now spent three decades compounding into the most consequential category-creation engine in global technology.

The Third-Act Founder

Kramer's career is the most consequential operator arc in Israeli cybersecurity.

1993 — Check Point. Kramer co-founded Check Point Software Technologies with Gil Shwed and Marius Nacht. They built the first commercial firewall. Check Point is now a $20+ billion market cap company. Public since 1996.

2002 — Imperva. Kramer co-founded the innovator of the web application firewall — the category that protected web applications at the application layer. Imperva went public in 2011, peaked above $2 billion in market cap, and was taken private by Thoma Bravo in 2018 for $2.1 billion.

2015 — Cato Networks. Founded with Gur Shatz to converge enterprise networking and security in a single cloud platform. Cato built the category that Gartner formally defined as Secure Access Service Edge — SASE — four years after Cato had already shipped it.

Three companies. Three categories that did not exist when Kramer started building them. One founder.

Category Builders vs. Category Participants

Most cybersecurity founders enter existing categories. Kramer creates them.

Check Point built the first commercial firewall. The firewall did not exist as a procurement category before Check Point made it one. Imperva built the first web application firewall. The category did not exist before Imperva. Cato built SASE. Gartner formally defined SASE in 2019, four years after Cato had already shipped the architecture.

Three categories. Three first-movers. One founder.

The distinction matters because it changes what investors are actually buying. A category participant competes on execution, pricing, and distribution. A category builder defines the rules everyone else has to operate inside. Different game. Different valuations. Different patience requirements.

Most founders build companies. Kramer builds categories.

Why Israel Produces Category Builders

This is the deeper question. Why do three of the most consequential cybersecurity categories of the past 30 years trace back to one founder from one small country?

The answer is not luck. It is system.

Four factors compound.

Military intelligence training. Israel's elite signals intelligence units — Unit 8200, Talpiot, MAMRAM — are the most concentrated technical training programs in the world. They run for two to four years on real adversary networks at scale. Graduates exit with operating experience that civilian universities cannot replicate. Kramer, Shwed, Nacht, Nir Zuk, Assaf Rappaport, the Adallom founders, the Wiz founders, the CyberArk founders, and most of the Israeli cybersecurity industrial base trace through these programs.

A domestic market too small to optimize for. Israel has nine million people. No Israeli founder can build a billion-dollar company on Israeli customers alone. From day one, every product is built for the global market. The U.S. is the primary customer base. Europe is secondary. Israel is rarely a top-five revenue geography. That forces global product thinking, English-native marketing, U.S.-style sales motion, and category positioning that translates internationally. Founders who can only win locally do not get past Series A.

A global-first business culture. Tel Aviv operates on Pacific-time hours when selling to Silicon Valley, U.S. East Coast hours when selling to New York and Boston, European hours when selling to London and Frankfurt. The default expectation is travel, English fluency, and overlap with multiple time zones. The Israeli business culture is the most globally-fluent small-country culture on earth, comparable only to Singapore.

Dense founder networks. Each successful exit seeds the next two to three companies. Check Point alumni founded Imperva, Palo Alto Networks, and roughly twenty billion-dollar companies. Imperva alumni founded more. Adallom's four founders became Wiz's four founders. The same investors, engineers, customers, and reference customers recycle into each successive company. The network does not start over. It compounds.

These four factors combine into a category-creation engine no other country has replicated at scale. The closest analogues are early-1990s Silicon Valley and 2000s Stockholm. Neither sustained the compression Israel has run for two decades.

Kramer is the extreme expression of the system. The system is the asset. Kramer is what the system produces.

Why Nobody Talks About Cato

In a category where the loudest brand usually wins, Cato is the quiet exception.

Kramer rarely speaks at conferences. He gives few interviews. The company's marketing is technical, not personality-driven. There is no founder-CEO press machine.

This is not accident. This is design.

Cato bet that institutional buyers — CISOs, CIOs, procurement teams at Fortune 500 enterprises — make decisions based on analyst reports, customer references, and Gartner positioning. Not press density. The bet was right. Cato was named to the 2026 Fortune Cyber 60 list for a third consecutive year. Gartner placed Cato in the SASE Leaders quadrant.

The communications lesson: for institutional categories, the analyst is the buyer. For founder-led categories, the press is the buyer. Knowing which game you're in is the strategy.

Wiz won by building the loudest brand in cybersecurity before the company had the product to back it. Cato won by building the quietest. Both produced billion-dollar valuations. Different audiences, different mechanics, same outcome.

What Cato Actually Does

SASE moves enterprise networking and security from hardware to the cloud: SD-WAN, secure web gateways, zero-trust network access, cloud access security broker — all delivered as a single platform from a single vendor.

Cato connects 3,500+ enterprises across 190 countries. Approaching $400 million ARR by mid-2026, with growth above 40%. The SASE market is projected to reach $28.5 billion by 2028. In September 2025, Cato acquired Israeli AI security startup Aim Security for $350 million — a signal that AI security will be embedded into SASE rather than bolted on as a separate category.

The IPO That Wasn't

In 2024, Cato engaged investment banks for a possible listing. Nasdaq cybersecurity multiples then compressed. Cato raised $409 million private at $4.8 billion instead.

The IPO was not postponed because Cato needed money. It was postponed because Cato didn't need public money.

The trade is not “delay the IPO.” The trade is “buy 18-24 months of optionality at no incremental dilution.”

Cato vs. Wiz — Two Playbooks

The Israeli cybersecurity exit story usually gets compressed into one model. Cato and Wiz show there are at least two.

Brand-first vs. category-first. Wiz built brand recognition before product depth. Rappaport became the public face of cloud security while ARR was still under $50 million. Cato built category leadership first — through analyst relationships and Gartner positioning — and let brand catch up at the exit.

Media-heavy vs. analyst-heavy. Wiz dominated press coverage. Cato dominated Gartner Magic Quadrants, Forrester Waves, and analyst custom-research reports.

Fast vs. patient. Wiz exited six years after founding. Cato is eleven years in and still independent.

The Wiz playbook is for new categories. The Cato playbook is for established categories. Both work. Both produce multi-billion-dollar valuations. The choice depends on whether the category is being defined or has been defined.

The Repeat-Founder Economy

Israeli tech increasingly produces second and third companies, not first companies.

Shlomo Kramer — Check Point (1993), Imperva (2002), Cato Networks (2015). Three companies. Three categories. One founder.

Assaf Rappaport — Adallom (acquired by Microsoft, 2015), Wiz (acquired by Google, 2026 for $32 billion). Two companies. Two strategic exits. Roughly $3 billion in personal proceeds.

Gil Shwed — Check Point. Still running it 33 years after founding. The category creator who never left the company.

Marius Nacht — Check Point co-founder. Post-Check Point: founder of aMoon, one of Israel's largest healthtech investors. Now seeding the next generation across cybersecurity, healthtech, and AI.

Nir Zuk — Check Point alumnus. Founder of Palo Alto Networks, now a $100+ billion market cap company. The single most successful Check Point spin-out.

The Adallom alumni — Rappaport, Roy Reznik, Yinon Costica, Ami Luttwak. Four founders. Two consecutive exits. Each now positioned as a Tier-1 Israeli founder for the next decade.

The Wiz senior engineers — roughly 1,800 employees, many with eight-figure equity outcomes. Statistically, 30-50 of them will start the next generation of Israeli cybersecurity companies in 2026-2028.

The pattern is structural.

Each successful Israeli technology company has three downstream effects. One — capital recycles. Founders become angel investors. Senior employees become Series A investors. The earliest believers in each new generation are the people who just had a windfall from the prior generation. Two — talent recycles. Senior engineers from one exit become CTOs of the next company. Sales leaders from the prior cycle become founding GTM leaders for the next. Three — customer relationships recycle. The Fortune 500 CISO who bought from Check Point in 2002, Imperva in 2010, and Wiz in 2022 buys from the next Israeli cyber company in 2026. The trust does not start over.

These three recycles compound. They are why Kramer's third company started with 32 years of network depth a first-time founder cannot manufacture for any amount of marketing budget. They are why Wiz reached $1 billion in ARR in five years. They are why the next category-building Israeli company will exist within 18-24 months, and the founder is almost certainly someone whose name is already in the Wiz, Adallom, Check Point, or Imperva alumni network.

For investors, the repeat-founder credential is now the highest-conviction signal in Israeli tech. Founders with a meaningful exit behind them raise on premium terms. The next round of Israeli IPOs and acquisitions will be dominated by repeat founders.

The Israeli technology cluster does not start over. It compounds.

That is the asset. Kramer is the most extreme expression of that asset. Cato is the current vehicle for it.

Three Things To Watch

One — ARR trajectory toward $500 million-plus. Cato is approaching $400 million ARR. The next milestone is $500 million by end of 2026.

Two — AI-security integration after Aim. The Aim Security acquisition needs to ship. Watch through 2026 for product announcements showing AI-security capabilities natively integrated into the SASE platform.

Three — strategic interest from Microsoft. Microsoft has the Defender-Azure-AD-Entra stack. Cato is the most direct SASE extension Microsoft could acquire.

The Takeaway

The most credentialed founder in Israeli cybersecurity is also the most patient. But the deeper story is not Kramer. The deeper story is the system that produces founders like Kramer.

Kramer has done this twice before. Check Point: built, public, $20+ billion. Imperva: built, public, taken private, recovered. Cato: built, postponed, waiting. Each cycle, the company that emerged was larger than the cycle before. Each cycle, Kramer was earlier in the next layer than the market understood at the time.

The reason he can do this — the reason any Israeli founder can do this — is the repeat-founder economy underneath. Military intelligence training. A market too small to optimize for. Global-first culture. Dense founder networks that compound across generations. Four factors. One engine.

Cato is not trying to become Wiz. It is trying to become the next Check Point. That is a bigger ambition. It is also a longer game.

Optionality is the asset. Patience is how Kramer preserves it.

The market thinks Cato delayed an IPO.

Kramer is betting he delayed a valuation. And the Israeli system is betting he is the model the next ten Israeli category builders will follow.

This piece is part of an Olam series on how Israel creates, exports, and compounds strategic advantage. See also: Rafael Sells What Money Can't Buy — on the Combat-Validation Economy in Israeli defense. Inside the AI Citation Map of Israeli Hospitality — on tourism discovery infrastructure in the answer-engine era.

FAQ

Who is Shlomo Kramer?
Shlomo Kramer is an Israeli cybersecurity entrepreneur who has co-founded three companies that each created a new cybersecurity category: Check Point Software Technologies (1993, first commercial firewall), Imperva (2002, web application firewall), and Cato Networks (2015, SASE platform).

Why does Israel produce so many category-creating cybersecurity founders?
Four compounding factors: military intelligence training (Unit 8200, Talpiot, MAMRAM); a domestic market too small to optimize for, forcing global thinking from day one; a global-first business culture; and dense founder networks where each successful exit seeds the next two to three companies.

What is the repeat-founder economy?
The repeat-founder economy is the Israeli pattern of producing second and third companies, not first companies. Capital, talent, and customer relationships from each successful exit recycle into the next generation of companies, compounding across decades rather than starting over.

What is Cato Networks?
Cato Networks is a Tel Aviv-based cybersecurity company that delivers Secure Access Service Edge (SASE) — a cloud-native platform combining networking and security in a single architecture. Cato created the SASE category in 2015, before Gartner formally named it in 2019.

What is Cato Networks' current valuation?
Cato Networks is valued at over $4.8 billion following a $409 million Series G round completed in summer 2025 and extended in October 2025. Total funding raised: approximately $1 billion.

Why was Cato's IPO postponed?
Cato began working with investment banks on a potential IPO in 2024. Plans were postponed after Nasdaq cybersecurity multiples compressed and after Cato raised private capital at the valuation public markets would not bear.