© 2025 Yasuyuki Sakane ([email protected]). All rights reserved.
<aside>
This report details the results of a due diligence (DD) conducted over approximately one month from October 2024, at the request of Japanese investment firm Y Inc., to evaluate the technological capabilities and suitability for the Japanese market of Israeli AI cybersecurity firm X Inc. (hereafter, X Inc.). This DD was performed under challenging circumstances due to extremely limited information disclosure from X Inc.
Contrary to the advanced image X Inc. projects of "AI-driven next-generation cybersecurity," its current technological level (limitations in LLM (Large Language Model) capabilities, lack of real-time monitoring capabilities, absence of advanced AI analysis algorithms, qualitative risk assessment, etc.) falls significantly short of expectations. In particular, the LLM's capabilities are limited by the physical constraints of the appliance, attack path visualization relies on known threat frameworks, and its ability to respond to unknown threats is assessed as low. Furthermore, its understanding of Japan's legal system (especially Article 21 of the Constitution, "Secrecy of Communications") and the specific characteristics of the Japanese market (decision-making processes, business culture, etc.) is insufficient. Consequently, it is concluded that utilizing X Inc.'s current solution for genuine "Active Defense" and achieving the results Y Inc. expects in the Japanese market in the short term is extremely difficult.
For X Inc. to explore the possibility of success in the Japanese market, the minimum prerequisites include a fundamental strengthening of its technological base (real-time analysis, implementation of advanced AI analysis, introduction of quantitative risk assessment, etc.), thorough localization for the Japanese market (compliance with laws and regulations, flexible business models, building strong partnerships with major domestic IT companies), sincere responses to legal and ethical issues, and the formulation and execution of a phased market penetration roadmap.
This DD highlights the importance of multifaceted and critical verification of technological reality and market suitability when evaluating overseas companies that tout advanced technologies.
</aside>
This report summarizes the results of a due diligence (DD) on an Israeli cybersecurity company (hereafter, Israel X Inc. or X Inc.) conducted by me over approximately one month starting in October 2024, at the request of Japanese investment firm Y Inc., and provides strategic recommendations based thereon.
At the time, Y Inc. had been exclusively investing in X Inc. from its seed stage. The CTO of Y Inc. (who is also an acquaintance of mine) directly requested a detailed evaluation of the company's technological superiority as an AI-driven new-generation cybersecurity product, its market launch potential, and its future growth potential.
This DD was conducted under several noteworthy backgrounds and constraints. Firstly, during the DD period, Israel was at war, a time that fostered a cautious stance in the international business environment, particularly concerning transactions with Israeli companies. Secondly, the information provided by X Inc. was limited to outdated brochures and infographic materials, unlike the dozens of product and company-related documents typically expected in a DD. Despite repeated requests for materials, X Inc. refused to provide technical documentation. Furthermore, product demonstrations were limited to a single one-and-a-half-hour session, with only one additional hour oportunidad for Q&A, providing extremely insufficient access to grasp the full picture.
Due to these uncooperative circumstances, the execution of this DD required a challenging process that went beyond superficial information organization, necessitating analysis from an architectural level, hypothesis construction, and evaluation verification and visualization based on limited information. This report is based on insights gained through these analytical approaches.
The specific goals of this DD were to report concrete and logical views on the following points:
<aside>
This evaluation required deep insights across a wide range of fields, not just technical aspects, but also consideration of market value, future prospects, and consistency with laws and regulations, as the DD results would also lead to the creation of sales materials. In particular, when considering sales expansion to the Japanese government, the necessity of explanations to Diet members belonging to specific political parties and bureaucrats in various ministries, which is assumed as a preliminary stage, made the difficulty level even higher.
I hope this report demonstrates a glimpse of the depth of analysis achieved under these difficult circumstances and the strategic thinking based thereon, and that it will serve as a testament to my achievements in my portfolio.
X Inc. is a cybersecurity company headquartered in Israel, reportedly focusing particularly on the development of next-generation security solutions utilizing AI technology. Related information suggests that its management, especially the CTO, views the strengthening of cybersecurity in the Japanese market as an opportunity and has shown strong intentions to enter government agencies and critical infrastructure sectors.
However, due to the limited information disclosed in this DD regarding the company's specific corporate scale, detailed track record, and particularly concrete initiatives demonstrating its suitability for the Japanese market, its evaluation must be conducted cautiously. Furthermore, the fact that it is an Israeli company should be considered as a factor that could affect its reception in the Japanese market, given recent international affairs.
"Active Defense," a term frequently used in this report, refers to a strategic defense philosophy that seeks to establish defensive superiority by actively taking countermeasures against cyber attackers, thereby increasing the cost of attacks, in contrast to traditional passive security measures. This includes interference with attacks, delays, and early exposure of attacker behavior, and is a concept being adopted in military contexts such as NATO and the U.S. Department of Defense.
X Inc.'s solution was also expected to align with this trend of "Active Defense," and evaluating its actual state and feasibility in the Japanese market became one of the important pillars of this DD. This report will first clarify the legal and social context of "Active Defense" in Japan, then analyze X Inc.'s current situation and challenges, and finally lead to concrete recommendations.