A few years ago, Ehud Schneerson, a former commander of Unit 8200 and the founder of its cybersecurity branch, received an offer that was practically irresistible: a foreign state had earmarked a $500‐million, two‐year budget and asked Schneerson's company, Paragon, to build its offensive cybercapabilities. It was an extremely generous offer: “Invest all the money you need to build such a company, and keep the change.” Soon after that, Schneerson's company received another request to buy the operating license for Paragon's technology. The state in question was offering $40 million, and when Paragon declined, it kept raising its offer, up to the totally fantastical figure of $600 million.

In both cases, despite the immense temptation—Schneerson said no. It was a country with a dodgy human rights record, and Paragon had a different vision of offensive cybersecurity: clean offensive cybersecurity.

Paragon was founded in 2019 and designed its policy largely in light of the growing criticism of NSO and similar firms. The problem with NSO was not only ethical but commercial: operating in this gray zone risked turning off customers who did not want to be implicated with their negative reputation, or even to be dragged under sanctions, such as being placed on the U.S blacklist. But Schneerson is under no illusions: he knows that there is no chance of persuading the most extreme voices ...