OpenIntel Logo Black

Contents

CyberArk

  • TechnologySecurity
Key takeaways
  • CyberArk is assessed as a Tier A structural pillar of Israel’s military-industrial complex, deeply integrated with state security requirements.
  • The company functions as the "Keymaster" for Project Nimbus, providing privileged access controls for IDF and government cloud infrastructure.
  • CyberArk partners in the IC3 consortium, packaging identity security with Israeli kinetic weapons exports and national cyber centers.
  • The leadership and workforce include Unit 8200 and Mamram veterans, creating a revolving door that transfers military doctrine to corporate strategy.
  • The $25 billion Palo Alto acquisition and Israeli tax domicile make CyberArk a major financial engine supporting the war economy and state resilience.
BDS Rating
Grade
A
BDS Score
844 / 1000
Military
3.50 / 10
Digital
9.40 / 10
Economy
9.00 / 10
Political
8.00 / 10
links for more information

1. Executive Dossier Summary

Company: CyberArk Software Ltd.

Jurisdiction: Israel (Operational HQ: Petah Tikva); United States (Corporate HQ: Newton, Massachusetts)

Sector: Cybersecurity / Identity Security / Privileged Access Management (PAM)

Leadership: Udi Mokady (Founder & Executive Chairman), Matt Cohen (CEO), Omer Grossman (CIO)

Intelligence Conclusions:

The forensic investigation into CyberArk Software Ltd. (NASDAQ: CYBR) establishes with high confidence that the entity functions as a Structural Pillar (Tier A) of the Israeli military-industrial complex. Unlike multinational technology corporations that may have incidental or secondary exposure to Israeli markets, CyberArk is an indigenous, purpose-built component of the Israeli national security architecture. Its foundational intellectual property, corporate genealogy, and strategic utility are inextricably fused with the operational requirements of the Israel Defense Forces (IDF) and the Ministry of Defense (IMOD).

Military Enablement and Defense Integration:

The audit concludes that CyberArk is operationally integrated into the “kill chain” of the Israeli defense establishment, not through the manufacture of kinetic munitions, but through the provision of the digital assurance necessary for modern warfare. As a founding member of the Israeli Cyber Companies Consortium (IC3), led by state-owned weapons manufacturer Israel Aerospace Industries (IAI), CyberArk acts as a sub-system supplier for “National Cyber Centers” exported to foreign governments.1 This consortium membership signals a strategic alignment where CyberArk’s identity security solutions are packaged alongside lethal platforms—drones, missile systems, and surveillance grids—marking the company as a direct participant in the state’s defense export strategy. Furthermore, the appointment of Omer Grossman, the former Head of the IDF’s Cyber Defense Operations Center, as the company’s CIO represents a seamless transfer of military doctrine into corporate product strategy, ensuring that CyberArk’s solutions remain synchronized with the operational needs of the IDF.3

Technographic Centrality to the Occupation:

Technographically, CyberArk serves as the “Digital Keymaster” for the state’s most sensitive infrastructure. The investigation identifies CyberArk as the primary enabler of Project Nimbus, the $1.2 billion initiative to migrate the IDF and government ministries to a sovereign cloud architecture.3 Without the “privileged access management” (PAM) controls provided by CyberArk, the IMOD would be unable to securely store classified intelligence and operational data on public cloud infrastructure. Thus, CyberArk removes the primary technical barrier to the digitization of the occupation. Additionally, the company’s technology secures the Operational Technology (OT) of the Israel Electric Corporation (IEC) and Mekorot (National Water Company), critical infrastructure monopolies that sustain the settlement enterprise while facilitating resource appropriation in the West Bank.1

Economic Resilience and the War Economy:

Economically, CyberArk functions as a vital financial engine for the Israeli state, particularly during periods of conflict. The pending $25 billion acquisition by Palo Alto Networks constitutes one of the largest foreign direct investment (FDI) events in Israeli history.5 Structured as a cash-and-stock transaction during the “Swords of Iron” war, this deal generates billions in tax revenue for the Israeli Treasury, directly replenishing state coffers depleted by military expenditures. The transaction also serves a geopolitical function, validating the resilience of the Israeli tech sector to global investors and countering the economic isolation effects of the Boycott, Divestment, and Sanctions (BDS) movement.7

Ideological Mobilization and Co-Belligerence:

Politically, the entity has abandoned the neutrality typically associated with publicly traded multinationals. Under the leadership of CEO Matt Cohen and Executive Chairman Udi Mokady, CyberArk has adopted a posture of ideological co-belligerence. Following the events of October 7, 2023, the company issued nationalist declarations (“We Will Prevail”) and explicitly celebrated employees who “bravely volunteered” for military reserve duty in Gaza.8 This rhetoric, combined with the company’s sponsorship of the Magshimim military recruitment program, demonstrates an active commitment to the mobilization of its workforce and resources in support of the state’s military objectives. The company leverages its Unit 8200 heritage not just as a technical credential, but as a core brand identity, reinforcing the “Civil-Military Fusion” that characterizes the Israeli high-tech sector.9

2. Corporate Overview & Evolution

Origins & Founders

The genesis of CyberArk is impossible to decouple from the specific operational context of the Israeli military intelligence apparatus. The company was founded in 1999, a pivotal era in the privatization of Israeli military capabilities, by Alon N. Cohen and Ehud (Udi) Mokady. Both founders emerged from the IDF’s elite technology directorates, and the company’s core intellectual property was conceptually forged within the secure perimeters of military datacenters.

Alon N. Cohen (Co-Founder & Original Architect):

Cohen served in Mamram (Center of Computing and Information Systems), the IDF unit responsible for the military’s central computing infrastructure and software engineering. During his service, Cohen was tasked with securing sensitive military networks. He identified a critical vulnerability: while the network perimeter could be hardened, “insiders” with administrative privileges posed a catastrophic risk if compromised. Cohen explicitly recounts that the “Network Vault” technology—CyberArk’s flagship product—was invented to solve this specific military security gap. He engineered a digital equivalent of a physical vault to compartmentalize sensitive data, a direct application of the “need-to-know” compartmentalization protocols used in military intelligence.1

Ehud (Udi) Mokady (Founder & Executive Chairman):

Mokady served in Unit 8200, the IDF’s Central Collection Unit of the Intelligence Corps. Unit 8200 is responsible for Signals Intelligence (SIGINT) and cyber warfare, comparable to the US NSA but with a more direct role in combat operations and the surveillance of the Palestinian population. Mokady’s background provided the “offensive” counter-intelligence doctrine that defines CyberArk’s approach. The Unit 8200 ethos assumes that the network is already breached and that security relies on monitoring and controlling identity. Mokady has spent decades cultivating the “Unit 8200” brand, utilizing the prestige of the unit to market CyberArk’s software as “battle-tested” technology.3

Assessment:

The foundational narrative of CyberArk is not one of civilian innovation adapted for defense, but of military necessity commercialized for profit. The “Network Vault” is, in its genetic code, a weapon of information warfare designed to protect state secrets. By privatizing this capability, Cohen and Mokady created a vehicle that allows the methodologies of the IDF to be exported globally, generating capital that flows back into the Israeli ecosystem.

Leadership & Ownership

The governance structure of CyberArk maintains a “revolving door” policy with the Israeli security establishment. This ensures that the company’s strategic direction remains aligned with the evolving needs of the state’s defense apparatus.

Executive Leadership:

  • Udi Mokady (Executive Chairman): As the primary architect of the company’s culture, Mokady has institutionalized the relationship between CyberArk and the defense sector. He remains an active advocate for the “Start-Up Nation” narrative, which posits that Israel’s military challenges are the driver of its economic success.
  • Matt Cohen (CEO): While American, Cohen has fully integrated into the Zionist operational framework. His tenure has been marked by a departure from corporate neutrality, evidenced by his vocal support for the IDF during the Gaza war and his framing of the company’s resilience as part of the national struggle.8
  • Omer Grossman (CIO): The appointment of Grossman is the most significant indicator of operational continuity. Grossman served as the Head of the IDF’s Cyber Defense Operations Center (2020–2022) and commander of Mamram (2018–2020). He was effectively the CISO of the Israeli military during active campaigns. His transition to CyberArk implies that the company’s internal security architecture is built by the same architect who designed the IDF’s war-fighting networks.1
  • Chen Bitan (General Manager, Israel & CPO): Bitan, who manages the company’s massive R&D center, is a former department manager at the Mamram Academy, the training ground for IDF software engineers. His leadership ensures that the company’s engineering culture mirrors the rigorous, mission-oriented standards of the military.3

Analytical Assessment:

The leadership profile of CyberArk reveals a company that functions as a privatized extension of the IDF’s technological corps. The high density of veterans from Unit 8200 and Mamram in decision-making roles creates a “shared consciousness” with the military establishment. When the Ministry of Defense tenders contracts for cloud security or identity management, CyberArk does not need to adapt its products; its executives helped write the doctrine that generated those requirements. This structural alignment allows for seamless interoperability between CyberArk’s commercial products and the state’s classified networks. Furthermore, the pending acquisition by Palo Alto Networks—led by Unit 8200 alumnus Nir Zuk—consolidates this leadership cadre into a transnational “8200 Hegemon,” effectively merging two of the most powerful Israeli-founded cyber firms under one umbrella.6

3. Timeline of Relevant Events

The following timeline tracks the evolution of CyberArk from a niche military spin-off to a global pillar of the Israeli war economy. It highlights key moments of integration with the defense establishment, strategic acquisitions of dual-use technology, and political alignment during crises.

Date Event Significance
1999 Founding of CyberArk Established by Alon Cohen (Mamram) and Udi Mokady (Unit 8200) to commercialize the “Network Vault,” a technology based on military data compartmentalization protocols.3
Sep 24, 2014 IPO on NASDAQ (CYBR) CyberArk goes public, raising substantial capital and validating the “8200-to-Market” business model. The IPO allows the company to act as a bridge for foreign capital into the Israeli tech sector.11
Aug 12, 2015 Acquisition of Cybertinel CyberArk acquires Cybertinel, an Israeli firm specializing in cyber threat detection. The acquisition absorbs more “offensive” defense capabilities and personnel from the Israeli security sector.12
Mar 10, 2016 Acquisition of Agata Solutions Acquisition of a firm specializing in Deep Packet Inspection (DPI). DPI is a dual-use technology critical for network surveillance, traffic analysis, and censorship, often used by intelligence agencies.7
Apr 27, 2016 Joins IC3 Consortium CyberArk becomes a founding member of the Israeli Cyber Companies Consortium, led by state-owned Israel Aerospace Industries (IAI). This formalizes its role in the state’s defense export strategy.1
Apr 2021 Project Nimbus Announcement Israeli government selects AWS and Google for the $1.2B Project Nimbus. CyberArk positions itself as the security guarantor for the migration of classified IDF/Government data to the cloud.3
May 2021 CyberSpark Expansion Inauguration of a major R&D center in the Gav-Yam Negev Tech Park (Beersheba), physically collocating with the IDF C4I Corps and the National Cyber Directorate to foster “ecosystem” integration.7
Oct 13, 2023 “We Will Prevail” Statement CEO Matt Cohen publishes a blog post explicitly aligning the company with the Israeli war effort in Gaza, expressing pride in employees volunteering for reserve duty.8
Nov 2023 University Boycott Campaigns Student activists at the University of Aberdeen and Glasgow Caledonian University launch campaigns to terminate CyberArk contracts, citing its ties to the IDF and the risk of complicity in genocide.16
May 20, 2024 Acquisition of Venafi CyberArk announces the $1.54 billion acquisition of Venafi, a leader in machine identity security. This move consolidates control over the security of non-human identities, critical for automated and AI-driven warfare.18
Oct 1, 2024 Completion of Venafi Deal The acquisition closes, expanding CyberArk’s total addressable market and reinforcing its dominance in the “Machine Identity” space essential for modern autonomous systems.19
July 30, 2025 Palo Alto Acquisition Announcement Palo Alto Networks announces intent to acquire CyberArk for ~$25 billion. The deal is framed as creating an “end-to-end” security platform for the AI era.10
Nov 13, 2025 Shareholder Approval of Sale CyberArk shareholders approve the acquisition. The deal represents a massive injection of liquidity and tax revenue into the Israeli economy during the ongoing war.6
Late 2025 IC3 Defense Exports Reports confirm the IC3 consortium (including CyberArk) continues to market “National Cyber Centers” to foreign governments, integrating cyber defense with kinetic weapon sales.1

4. Domains of Complicity

Domain 1: Military & Intelligence Complicity (V-MIL)

Goal:

The objective of this domain analysis is to rigorously determine the extent to which CyberArk Software Ltd. provides material support, technological enablement, or operational integration to the Israel Defense Forces (IDF) and the Ministry of Defense (IMOD). This section investigates beyond the sale of commercial off-the-shelf (COTS) software to identify systemic dependencies and strategic partnerships that enhance the lethal capabilities of the state.

Evidence & Analysis:

  • Direct Defense Contracting via the IC3 Consortium:
    The most definitive evidence of CyberArk’s military complicity is its membership and active participation in the Israeli Cyber Companies Consortium (IC3). Established by the Ministry of Economy, this consortium is led by Israel Aerospace Industries (IAI), the state-owned manufacturer of the Heron drone, the Arrow missile system, and various loitering munitions used in Gaza and Lebanon.1

    • Mechanism of Complicity: The IC3 does not function merely as a trade association; it operates as a unified export vehicle for “National Cyber Centers.” In these deals (documented in Latin American nations like Honduras and Brazil), IAI acts as the prime contractor, delivering a holistic national security package that includes kinetic hardware, surveillance radar, and cyber defense.1 CyberArk provides the Privileged Access Management (PAM) component of this package.
    • Strategic Implication: By partnering with IAI, CyberArk is effectively integrated into the supply chain of a weapons manufacturer. Its software is sold as a sub-system of a larger defense architecture. This contradicts the narrative of a purely civilian vendor; CyberArk is willing to package its technology with lethal platforms to secure government contracts brokered by the Israeli defense establishment.
  • Logistical Sustainment of Occupation Infrastructure:
    The BDS-1000 methodology identifies “Logistical Sustainment” as a key vector of complicity. CyberArk secures the Operational Technology (OT) and SCADA (Supervisory Control and Data Acquisition) networks of Israel’s critical infrastructure monopolies: the Israel Electric Corporation (IEC) and Mekorot (National Water Company).1

    • Analysis of Impact: The IEC and Mekorot are not neutral utilities; they are instruments of state control. The IEC provides the electricity that powers IDF bases, the surveillance cameras along the Separation Wall, and the settlement blocks in the West Bank. Conversely, it is frequently used as a lever of pressure against the Gaza Strip, where power cuts are a routine tactic of the siege. Mekorot manages the water supply, often diverting resources from Palestinian aquifers to Israeli settlements.
    • Forensic Conclusion: By securing the digital control systems of these entities against cyberattacks, CyberArk ensures the operational continuity of the occupation’s logistical backbone. A successful cyberattack on the IEC could disrupt power to military installations or settlements; CyberArk’s “Digital Iron Dome” prevents this, directly contributing to the resilience of the occupation infrastructure.
  • The “Revolving Door” and Doctrine Transfer:
    The personnel linkages between CyberArk and the IDF’s cyber warfare units are structural and pervasive. The most critical link is Omer Grossman, the company’s CIO. Grossman joined CyberArk directly after serving as the Head of the IDF’s Cyber Defense Operations Center (2020–2022).3

    • Operational Relevance: In his military role, Grossman was responsible for defending the IDF’s networks during active combat operations (likely including the May 2021 conflict). His transition to CyberArk represents a direct transfer of military cyber doctrine to the private sector. The defensive architectures, threat intelligence models, and “Zero Trust” methodologies he implements at CyberArk are derived from his experience securing the Israeli war machine. This creates a feedback loop where the company benefits from state-funded operational experience, and the state benefits from a private sector partner that “speaks the language” of military operations.

Counter-Arguments & Assessment:

  • Counter-Argument: CyberArk’s software is defensive in nature. It prevents hackers from stealing credentials. It is not a weapon, and its use by utilities is a standard commercial practice to prevent civilian harm.
  • Rebuttal: In the context of modern hybrid warfare, the distinction between “defensive” software and “offensive” capability is blurred. A military cannot conduct offensive operations if its command-and-control networks are compromised. CyberArk provides the assurance that allows the IDF to operate its digital systems with impunity. Furthermore, the collaboration with IAI in the IC3 consortium proves that the company views its product as complementary to kinetic weapons in a national defense context. The legal requirement for Ministry of Defense export approval for certain “dual-use” markets further confirms the software’s military utility.3

Analytical Assessment:

The evidence supports a finding of High Complicity (Tier A) in the Military Domain. CyberArk is structurally integrated into the state’s defense export mechanism and plays a critical role in securing the logistical infrastructure that sustains the military occupation. The leadership’s direct transition from active cyber command to corporate management cements this alignment.

  • Confidence: High.

Intelligence Gaps:

  • Specific unredacted contracts detailing the exact dollar value of direct sales to the IMOD in the current fiscal year.
  • Direct evidence of CyberArk software installed on specific mobile military platforms (e.g., inside the onboard computer of a Merkava tank or F-35), though its use in the backend cloud (Nimbus) is confirmed.

Named Entities / Evidence Map:

  • IC3 Consortium: 1
  • Israel Aerospace Industries (IAI): 1
  • Omer Grossman (CIO): 1
  • Israel Electric Corporation (IEC): 1
  • Mekorot: 21

Domain 2: Digital & Technographic Complicity (V-DIG)

Goal:

This domain investigates CyberArk’s role in the “Digital Iron Dome” and the “Architecture of Occupation.” Specifically, it examines the company’s involvement in Project Nimbus, its integration with surveillance technologies used for population control, and its participation in the consolidated “Unit 8200 Stack.”

Evidence & Analysis:

  • The “Keymaster” of Project Nimbus:
    Project Nimbus is the flagship $1.2 billion cloud computing project led by Google and Amazon Web Services (AWS) to provide a comprehensive cloud solution for the Government of Israel and the defense establishment.4 The project has faced global condemnation and employee revolts due to the risk of facilitating AI-driven surveillance and lethality.

    • Technographic Role: The migration of classified military data to a public cloud (even a localized one) presents a massive security challenge. The IMOD requires “Military-Grade” access controls to ensure that no unauthorized personnel (including Google/AWS employees) can access sensitive state data. CyberArk acts as the “Keymaster” for this architecture. The company is a launch partner for the AWS Israel Region and provides the Privileged Access Management (PAM) layer that secures the root accounts and administrative credentials for the Nimbus cloud.3
    • Systemic Implication: Without the security assurance provided by CyberArk’s “Vault” and “Cloud Entitlements Manager,” the IMOD would likely view the risks of cloud migration as prohibitive. Therefore, CyberArk is an essential enabler of the IDF’s digital transformation. It allows the military to leverage the immense processing power of the cloud for AI applications (like target generation) while maintaining the secrecy of a closed network.
  • Enabling the Panopticon: Integration with Oosto and BriefCam:
    The audit reveals deep technological integrations between CyberArk and leading Israeli surveillance firms, specifically Oosto (formerly AnyVision) and BriefCam.3

    • Oosto (AnyVision): This company provides facial recognition technology used at IDF checkpoints in the West Bank (e.g., the “Blue Wolf” program) to track and monitor Palestinians. These systems rely on massive biometric databases. CyberArk’s role is to secure the backend access to these databases. By managing the privileged credentials of the system administrators, CyberArk ensures that the biometric data—stolen from Palestinians without consent—is secure from external tampering.
    • BriefCam: Known for its “Video Synopsis” technology, BriefCam allows security services to review hours of surveillance footage in minutes. It is widely used in “Safe City” projects (urban surveillance). CyberArk integrates with BriefCam’s Video Management Systems (VMS) to secure the access logs and video archives.3
    • Analysis: CyberArk acts as the guarantor of the surveillance state. These panoptic technologies are vulnerable to hacking; if a resistance group were to breach Oosto’s database, they could disrupt the checkpoint system. CyberArk provides the digital armor that keeps these systems operational and secure, directly facilitating the enforcement of apartheid through technology.
  • The “Unit 8200 Stack” Consolidation:
    The pending acquisition of CyberArk by Palo Alto Networks represents the consolidation of the “Unit 8200 Stack”.3

    • The “Hegemon”: Palo Alto Networks was founded by Nir Zuk, an alumnus of Unit 8200. By acquiring CyberArk (founded by Unit 8200’s Udi Mokady), the combined entity creates a seamless, end-to-end security platform rooted in Israeli military intelligence doctrine. This “Super-Stack” controls the network perimeter (Palo Alto), the cloud security posture (Prisma/Wiz integrations), and the identity layer (CyberArk).
    • Global Implication: This consolidation allows the Israeli tech sector to set global standards for cybersecurity. It creates a closed-loop ecosystem where the “Blue Team” tools used by Western governments and Fortune 500 companies are all derived from the same military source code, raising concerns about supply chain sovereignty and the ubiquity of Israeli intelligence-linked software in global critical infrastructure.

Counter-Arguments & Assessment:

  • Counter-Argument: CyberArk is a platform that integrates with thousands of vendors. Listing Oosto as a “technology partner” is standard industry interoperability, not an endorsement of their human rights record.
  • Rebuttal: In the field of ethical AI and responsible computing, securing a system known to violate human rights makes the security provider complicit. CyberArk does not just “allow” integration; it actively markets its solution as essential for securing “Physical Security” and “Loss Prevention” systems. By providing the security layer that makes mass surveillance viable and scalable, CyberArk materially contributes to the efficacy of these tools.

Analytical Assessment:

Extreme Complicity (Tier A). CyberArk is the technological lynchpin for Project Nimbus and the Digital Iron Dome. Its tools are the “glue” that binds the IDF’s cloud infrastructure and the state’s surveillance grid, making them resilient to attack. The consolidation with Palo Alto Networks further entrenches this technographic dominance.

  • Confidence: High.

Named Entities / Evidence Map:

  • Project Nimbus: 3
  • Oosto (AnyVision): 3
  • BriefCam: 3
  • Palo Alto Networks: 3
  • Unit 8200 Stack: 3

Domain 3: Economic & Structural Complicity (V-ECON)

Goal:

This section evaluates CyberArk as an economic actor. It analyzes the financial flows generated by the company that benefit the Israeli state, its role in the “War Economy,” and its spatial complicity in the colonization of the Negev region.

Evidence & Analysis:

  • The $25 Billion Liquidity Event and War Financing:
    The acquisition of CyberArk by Palo Alto Networks for approximately $25 billion is a macro-economic event of significant consequence for the State of Israel.5

    • Fiscal Impact: The transaction, structured as a cash-and-stock deal, triggers a massive capital gains tax event. The Israeli Tax Authority will collect billions of shekels from the exit of Israeli shareholders, founders, and employees. This revenue windfall comes at a critical juncture (2025–2026), as the Israeli state faces a ballooning deficit due to the “Swords of Iron” war.
    • War Economy: By injecting billions in foreign currency into the Israeli economy, this deal acts as a stabilizer for the shekel and provides the fiscal space necessary for the government to maintain high levels of military spending. It effectively forces Palo Alto Networks’ shareholders (including global pension funds) to subsidize the Israeli treasury during a war.
  • Spatial Complicity: The Negev “CyberSpark”:
    CyberArk has established a significant R&D presence in the Gav-Yam Negev Tech Park in Beersheba, known as the “CyberSpark”.7

    • The “Blueprint”: The CyberSpark is not a spontaneous market creation; it is a government-directed strategic initiative to move the center of gravity of the tech sector to the Negev. This serves two purposes: (1) Integrating the private sector with the IDF C4I Corps and National Cyber Directorate, which were relocated to the adjacent “Technology Campus,” and (2) “Judaizing” the Negev, a demographic project often advanced at the expense of the indigenous Bedouin population.
    • Active Participation: CyberArk’s GM for Israel, Chen Bitan, explicitly cited “Zionist reasons” for the company’s expansion to Beersheba.7 This admission confirms that the company’s real estate strategy is ideologically driven. By anchoring its operations in the CyberSpark, CyberArk participates in the state’s settlement and development policies in the region.
  • Indigenous Capital vs. Foreign Branch:
    Unlike Microsoft or Google, which have Israeli branches, CyberArk is an indigenous Israeli corporation. Its global headquarters (despite the Newton office) and intellectual property reside in Israel.7 This means the “value add” of the company—its profits, its IP, and its strategic control—remains a national asset. The company acknowledges in SEC filings that it is subject to the Israeli Defense Export Control Law, confirming the state’s jurisdiction over its technology.3

Counter-Arguments & Assessment:

  • Counter-Argument: The company is global, with a US headquarters. The acquisition by a US company (Palo Alto) will Americanize it.
  • Rebuttal: The audit confirms that 71% of the company’s long-lived assets are located in Israel.3 Even after the acquisition, Palo Alto Networks has committed to expanding the Israeli R&D center, maintaining the “Silicon Wadi” as the engine of the company. The tax domicile and the human capital remain firmly rooted in the Israeli ecosystem.

Analytical Assessment:

High Complicity (Tier A). CyberArk is a Structural Pillar of the Israeli economy. The $25 billion acquisition serves as a critical financial lifeline for the war economy, and its presence in the Negev supports the state’s demographic and spatial objectives.

  • Confidence: High.

Named Entities / Evidence Map:

  • Gav-Yam Negev Tech Park: 7
  • Chen Bitan: 7
  • Israeli Tax Authority: 7
  • Palo Alto Networks: 5

Domain 4: Political & Ideological Complicity (V-POL)

Goal:

To analyze the ideological posture of CyberArk’s leadership, specifically regarding their alignment with state military objectives, their response to the Gaza war compared to other conflicts, and their active support for military recruitment.

Evidence & Analysis:

  • The “Safe Harbor” Failure: Wartime Rhetoric:
    A comparative analysis of CyberArk’s response to global crises reveals a distinct bias. During the Russia-Ukraine war, the company issued technical advisories focused on “cyber resilience” and risk mitigation.9 However, following the October 7 attacks and the subsequent war on Gaza, CEO Matt Cohen published a blog post titled “Our Hearts Are Broken, But We Will Prevail”.8

    • Forensic Linguistics: The use of the collective pronoun “We” (“We will prevail”) dissolves the distinction between the corporation and the state. It is a declaration of ideological co-belligerence. The statement explicitly expressed “pride” in employees who “bravely volunteered” for reserve duty.
    • Implication: This rhetoric goes beyond supporting employee safety. It valorizes participation in the military operation. By framing the war as a collective existential struggle in which the company is a participant, CyberArk’s leadership abandoned corporate neutrality. This creates a hostile environment for any employees who might oppose the war or the occupation.
  • Material Support for Military Recruitment (Magshimim):
    CyberArk is a sponsor and active participant in the Magshimim program.9

    • The Program: Magshimim is a national cyber education initiative for high school students. While marketed as educational philanthropy, its explicit goal is to serve as a “feeder” for the IDF’s elite technology units, particularly Unit 8200.
    • Complicity: CyberArk provides funding and employee mentors to train these youths. This constitutes material support for the IDF’s recruitment pipeline. The company is effectively subsidizing the training of future intelligence officers who will staff the surveillance and cyber-warfare units of the occupation. This “grooming” of talent ensures the continuity of the military’s technological edge.
  • Anti-BDS Lobbying and “Brand Israel”:
    CyberArk is a Platinum Member of AmCham Israel (Israel-America Chamber of Commerce).24 AmCham Israel is a key node in the lobbying network that advocates for stronger US-Israel economic ties and pushes for anti-boycott legislation in the US. Additionally, CyberArk is a premier sponsor of CyberTech Global, the main stage for Israeli “cyber diplomacy.” These events function to normalize the Israeli security state, presenting technologies developed for occupation as “innovation” to the global market.9

Counter-Arguments & Assessment:

  • Counter-Argument: Sponsoring STEM education (Magshimim) is Corporate Social Responsibility (CSR). Supporting employees called to reserve duty is a legal/moral obligation in Israel.
  • Rebuttal: Magshimim is not generic STEM; it is specifically a pre-military track for cyber intelligence. The curriculum is aligned with IDF requirements. Sponsoring it is sponsoring military readiness. Regarding reserve duty, while legal compliance is required, the public expression of “pride” and the nationalist “We Will Prevail” framing are voluntary ideological choices that align the brand with the military campaign.

Analytical Assessment:

High Complicity (Tier A). The company’s leadership is ideologically fused with the Zionist project. The sponsorship of military feeder programs and the explicit endorsement of the war effort demonstrate that CyberArk views itself as a national asset first and a corporation second.

  • Confidence: High.

Named Entities / Evidence Map:

  • Magshimim Program: 9
  • AmCham Israel: 9
  • Matt Cohen (CEO): 8
  • CyberTech Global: 9

5. BDS-1000 Classification

Results Summary:

  • Final Score: 844
  • Tier: Tier A (800–1000)
  • Justification Summary:
    CyberArk Software Ltd. is unequivocally assessed as a Tier A: Extreme Complicity target. The company functions as a Structural Pillar of the Israeli military-industrial complex. Its complicity is systemic, spanning all four domains of the BDS-1000 matrix.

    • Military: It is a member of the state-led IC3 Consortium, selling cyber defense alongside kinetic weapons.
    • Digital: It is the “Keymaster” for Project Nimbus, securing the IDF’s cloud infrastructure and the state’s surveillance grid (Oosto/BriefCam).
    • Economic: It is a primary engine of the War Economy, generating billions in tax revenue via its $25 billion acquisition by Palo Alto Networks.
    • Political: Its leadership actively mobilizes for the war effort (“We Will Prevail”) and sponsors military recruitment pipelines (Magshimim).
      The company’s origins in Unit 8200 are not merely historical; they define its current operational doctrine, leadership structure, and strategic purpose.

Domain Scoring Summary

The BDS-1000 model requires a separate evaluation of the target’s complicity across four domains: Military (V-MIL), Digital (V-DIG), Economic (V-ECON), and Political (V-POL). Each domain’s score is a function of its measured Impact (I), Magnitude (M), and Proximity (P).

BDS-1000 Scoring Matrix – CyberArk Software Ltd.

Domain I M P V-Domain Score
Military (V-MIL) 3.5 8.0 7.0 3.5
Digital (V-DIG) 9.4 9.0 9.5 9.4
Economic (V-ECON) 9.0 9.0 10.0 9.0
Political (V-POL) 8.0 7.5 9.0 8.0

V-Domain Calculations

  • V-MIL Calculation:$$V_{MIL} = 3.5 \times \min(8.0/7, 1) \times \min(7.0/7, 1)$$
    $$3.5 \times 1 \times 1 = 3.5$$

    (Note: The Impact score is moderated by the strict BDS definition requiring kinetic weapon manufacturing, but the Magnitude and Proximity are high due to IC3 membership and critical infrastructure protection.)

  • V-DIG Calculation:$$V_{DIG} = 9.4 \times \min(9.0/7, 1) \times \min(9.5/7, 1)$$
    $$9.4 \times 1 \times 1 = 9.4$$

    (Note: Upper-Extreme score due to “Keymaster” role in Project Nimbus and integration with apartheid surveillance tech.)

  • V-ECON Calculation:$$V_{ECON} = 9.0 \times \min(9.0/7, 1) \times \min(10.0/7, 1)$$
    $$9.0 \times 1 \times 1 = 9.0$$

    (Note: High score driven by the $25 billion acquisition acting as a war economy stabilizer and indigenous tax domicile.)

  • V-POL Calculation:$$V_{POL} = 8.0 \times \min(7.5/7, 1) \times \min(9.0/7, 1)$$
    $$8.0 \times 1 \times 1 = 8.0$$

    (Note: High score due to Magshimim sponsorship, anti-BDS lobbying, and “We Will Prevail” wartime mobilization.)

Final Composite

Using the OR-dominant formula with a side boost:

Let:

$$V_{MAX} = \max(3.5, 9.4, 9.0, 8.0) = 9.4$$

$$Sum_{OTHERS} = (3.5 + 9.4 + 9.0 + 8.0) – 9.4 = 20.5$$

BRS Score Formula

$$BRS\_Score = ((9.4 + (20.5 \times 0.2)) \div 16) \times 1000$$

Step-by-Step:

  1. $20.5 \times 0.2 = 4.1$
  2. $9.4 + 4.1 = 13.5$
  3. $13.5 \div 16 = 0.84375$
  4. $0.84375 \times 1000 = 843.75$

BRS_Score = 844

Grade Classification:

Based on the score of 844, the company falls within:

  • Tier A (800–1000): Extreme Complicity
  • Tier B (600–799): Severe Complicity
  • Tier C (400–599): High Complicity
  • Tier D (200–399): Moderate Complicity
  • Tier E (0–199): Minimal/No Complicity

Tier: Tier A (Extreme Complicity)

6. Recommended Action(s):

The designation of CyberArk Software Ltd. as a Tier A target necessitates a comprehensive and immediate response from civil society, institutional investors, and public sector bodies. The company’s deep integration into the Israeli military apparatus and its role in sustaining the war economy make it a priority target for the BDS movement.

  • Institutional Divestment:
    Investment funds, university endowments, and pension funds must immediately divest from CyberArk Software Ltd. (NASDAQ: CYBR). The company represents a toxic asset class due to its “High Confidence” links to the Israeli military and the occupation infrastructure. Furthermore, as the acquisition by Palo Alto Networks (NASDAQ: PANW) proceeds, divestment efforts must expand to include the acquiring entity. Investors must be warned that by holding PANW stock, they are absorbing the reputational and legal risks associated with CyberArk’s complicity in Project Nimbus and the Israeli surveillance state.
  • Public Sector & University Procurement Boycott:
    Public institutions, particularly universities and municipal governments, should immediately review and terminate software licenses with CyberArk. CyberArk creates “sticky” dependencies by securing critical identity infrastructure (Single Sign-On, MFA). Campaigners should mobilize Student Unions and Faculty Senates to demand the replacement of CyberArk with non-complicit alternatives. The precedents set by campaigns at the University of Aberdeen and Glasgow Caledonian University—where students successfully highlighted the link between license fees and the funding of the IDF—should be replicated globally.16
  • Public Exposure of “Dual-Use” Complicity:
    Activists should launch an information campaign to rebrand CyberArk from a “neutral cybersecurity vendor” to a “Digital Arms Dealer.” This campaign should focus on two key narratives:

    1. The Child Soldier Narrative: Highlight the company’s sponsorship of the Magshimim program to demonstrate how CyberArk actively funds the grooming of youth for military intelligence units.9
    2. The Apartheid Tech Narrative: Expose the technological integration with Oosto (AnyVision) to show how CyberArk secures the biometric checkpoint systems used to restrict Palestinian movement.3
  • Monitoring of the Palo Alto Networks Integration:
    Civil society organizations must establish a monitoring mechanism to track the integration of CyberArk’s technology into Palo Alto Networks. Specifically, scrutiny should be applied to how the combined entity competes for US Department of Defense and foreign government contracts. The consolidation of the “8200 Stack” creates a massive, militarized cyber entity; distinct strategies will be needed to challenge its dominance in global critical infrastructure markets.

Works cited

  1. CyberArk military Audit
  2. Checkmarx Joins Israeli Cyber Companies Consortium (IC3) Led by IAI to Provide Industry-leading AppSec Capabilities to National Cyber Defense Organizations, accessed on January 18, 2026, https://www.iai.co.il/cyber-companies-consortium-ic3
  3. CyberArk digital Audit
  4. Inside Israel’s deal with Google and Amazon – +972 Magazine, accessed on January 18, 2026, https://www.972mag.com/project-nimbus-contract-google-amazon-israel/
  5. CyberArk Shareholders OK Palo Alto Networks Deal – GovCon Wire, accessed on January 18, 2026, https://www.govconwire.com/articles/cyberark-shareholders-ok-palo-alto-networks-deal
  6. CyberArk Shareholders Approve the Company’s Acquisition by Palo Alto Networks, accessed on January 18, 2026, http://investors.cyberark.com/news/news-details/2025/CyberArk-Shareholders-Approve-the-Companys-Acquisition-by-Palo-Alto-Networks/default.aspx
  7. CyberArk economic Audit
  8. Our Hearts Are Broken, but We Will Prevail – CyberArk, accessed on January 18, 2026, https://www.cyberark.com/resources/blog/our-hearts-are-broken-but-we-will-prevail
  9. CyberArk political Audit
  10. Palo Alto Networks Announces Agreement to Acquire CyberArk, the Identity Security Leader, accessed on January 18, 2026, https://investors.paloaltonetworks.com/news-releases/news-release-details/palo-alto-networks-announces-agreement-acquire-cyberark-identity/
  11. Cyberark Ipo | StatMuse Money, accessed on January 18, 2026, https://www.statmuse.com/money/ask/cyberark-ipo
  12. CyberArk buys Israeli cyber detection co Cybertinel – Globes English – גלובס, accessed on January 18, 2026, https://en.globes.co.il/en/article-cyberark-acquires-israeli-cyber-detection-co-cybertinel-1001060397
  13. CyberArk Acquires 3rd Israeli Startup, Agata Solutions – NoCamels, accessed on January 18, 2026, https://nocamels.com/2016/03/cyberark-agata-cyber-security/
  14. CyberArk Launches C³ Alliance with Global Technology Partners, accessed on January 18, 2026, https://www.cyberark.com/press/cyberark-launches-c3-alliance-with-global-technology-partners/
  15. Project Nimbus – Wikipedia, accessed on January 18, 2026, https://en.wikipedia.org/wiki/Project_Nimbus
  16. UoA faces backlash over cyber security contract with IDF-linked firm – The Gaudie, accessed on January 18, 2026, https://www.gaudie.co.uk/wpress/index.php/news/2024/11/20/uoa-faces-backlash-over-cyber-ssecurity-contract-with-idf-linked-firm/
  17. gcu to end relationship and contract with cyberark – GCU Students’ Association, accessed on January 18, 2026, https://www.gcustudents.co.uk/thestudentvoice/gcu-to-end-relationship-and-contract-with-cyberark
  18. CyberArk Completes Acquisition of Machine Identity Management Leader Venafi – SEC.gov, accessed on January 18, 2026, https://www.sec.gov/Archives/edgar/data/1598110/000117891324003190/exhibit_99-1.htm
  19. CyberArk Completes Acquisition of Machine Identity Management Leader Venafi, accessed on January 18, 2026, https://www.cyberark.com/press/cyberark-completes-acquisition-of-machine-identity-management-leader-venafi/
  20. CyberArk Shareholders Approve the Company’s Acquisition by Palo Alto Networks, accessed on January 18, 2026, https://www.cyberark.com/press/cyberark-shareholders-approve-the-companys-acquisition-by-palo-alto-networks/
  21. CyberArk Calc
  22. CySource Joins the Israeli Cyber Companies Consortium (IC3) led by Israel Aerospace Industries (IAI), accessed on January 18, 2026, https://www.iai.co.il/cysource-joins-israeli-cyber-companies-consortium-ic3-led-israel-aerospace-industries-iai
  23. Sponsor Catalog – CyberArk IMPACT, accessed on January 18, 2026, https://reg.impact.cyberark.com/flow/cyberevents/ius25/sponsor/page/catalog
  24. The Israel-America Chamber of Commerce – Become a Member, accessed on January 18, 2026, https://www.amcham.co.il/about/101-about/154-become-a-member

 

Related News & Articles