Dream Security raised $260M at a $3B valuation to equip governments with sovereign (nationally controlled), air gapped (physically offline) AI and tools for hunting previously unknown software flaws. The founders' histories are the load bearing context.
Two years after NSO Group's Pegasus spyware was blacklisted by the U.S. government, the co-founder who ran it is back — this time pitching sovereign AI to the same government buyers Dream Security is targeting.
Dream Security Ltd. raised $260 million in a round co-led by Bicycle Capital and Group 11, with participation from Bain Capital Ventures. The Tel Aviv-based company is now valued at $3 billion, according to the funding announcement.
The company's leadership includes Shalev Hulio, the former CEO of NSO Group, and former Austrian Chancellor Sebastian Kurz, who resigned amid corruption allegations in 2021. That biographical overlap is the primary reason this funding round is worth examining closely — not because past behavior predicts future conduct, but because the sovereign-AI procurement question is precisely the kind of high-stakes government purchase where founder reputational history should inform, not disappear from, the analysis.
Dream's product suite is three-tiered. Atlas is an on-premises AI platform — air-gapped, meaning physically isolated from the internet — with neural networks tailored to individual agency requirements. Users interact via a ChatGPT-style interface. Sphere is an attack-path analysis tool enriched with threat-intelligence feeds. Hero uses an ensemble of AI agents to discover zero-day vulnerabilities. Dream also disclosed an RFC Analyzer tool in April 2026, designed to scan open-source network protocol specifications for missing security mitigations.
The round data Dream disclosed shows approximately $300 million in customer contracts, with proceeds earmarked to accelerate adoption. That figure is single-sourced to Dream; no independent analyst or government customer has confirmed it publicly.
Air-gapped AI infrastructure for governments is a real and growing category. The logic is straightforward: some government agencies — intelligence services, defense ministries, critical-infrastructure operators — cannot or will not send sensitive data to cloud-hosted models, even those operated by trusted vendors. The on-prem AI market exists to serve that constraint.
But the gap between "air-gapped AI for governments" and "AI that actually protects citizens" has no independent verification in Dream's case. The $300 million in disclosed contracts is a company-issued figure. The zero-day claims attributed to Hero are vendor self-description. The threat-intelligence backbone that enriches Sphere's attack-path analysis is not independently audited.
What does exist is the category context. Sovereign-AI procurement is accelerating across Western democracies. The buyers are not typical enterprise customers — they are agencies with coercive legal authority, access to communications infrastructure, and, in some jurisdictions, histories of deploying cyber tools against journalists, activists, and political opponents. The question for procurement officers and oversight bodies is whether the vendor's leadership history is a relevant signal in that evaluation. Dream's founders make that question unavoidable.
Hulio ran NSO Group during the period when Pegasus was documented targeting journalists, human-rights defenders, and opposition politicians across multiple countries. NSO Group was subsequently added to the U.S. Entity List, restricting U.S. companies from doing business with it.
Kurz resigned as Austrian Chancellor in 2021 after corruption allegations surfaced involving alleged misuse of government resources for partisan polling and media influence. He has denied wrongdoing. His involvement in a sovereign-AI company raises questions about the political networks he may draw on for government sales — a relevant due-diligence factor for any procurement officer evaluating Dream's customer references.
Neither biographical fact disqualifies Dream from government contracts. But both are material inputs to the risk-assessment process that procurement officers, investors in Dream's backers, and oversight bodies should be conducting.
The $3 billion post-money valuation is a market-clearing number between Dream and its investors — Bicycle Capital, Group 11, and Bain Capital Ventures. It reflects what the company and its lead investors mutually agreed the equity is worth, not an independent assessment of revenue multiple, ARR, or customer concentration.
The disclosed $300 million in customer contracts is Dream's own figure. It has not been confirmed by any independent party cited in the funding coverage. For context: $300M in disclosed contracts against a $3B valuation implies roughly a 10x multiple on disclosed bookings — a rich price that requires either high growth expectations, high margin assumptions, or both. The sovereign-AI market TAM is real but unquantified by third-party analysts in the public record.
The products — Atlas, Sphere, Hero — map to specific buyer needs: on-premises AI compute, attack-path visualization, and zero-day discovery. The vendor claims about each are coherent and internally consistent. They are not independently benchmarked.
For operators, investors, and policy staff evaluating sovereign-AI vendors, the Dream case offers a four-point evaluation framework:
Dream Security's $260M round closed June 18, 2026. Lead investors Bicycle Capital and Group 11 were reached for comment; no response was received prior to publication. Dream declined to make Hulio or Kurz available for interview.