On the day a finance manager in Cairo gets a voicemail from someone who sounds exactly like the CFO, asking to wire a vendor payment before the close of business, the question is no longer whether the call is fake. The question is whether the company drilled for it. NexGuards, an early-stage cybersecurity startup based in Egypt, is betting that drilling for synthetic-voice and SMS attacks belongs in the same monthly cadence as the email phishing test that became standard a decade ago.
The company sells what it calls an AI-powered platform for personalized cyber attack simulations and security awareness training, with simulated attacks running across email, voice, and SMS channels, plus adaptive training and what it describes as real-time employee risk scoring [NexGuards]. That last piece, the risk score, is the wedge worth watching. Most awareness tooling in market today rates an organization. NexGuards is pitching a per-employee signal that updates as the person clicks, ignores, or reports each simulated lure, which in theory lets a security team route remediation to the specific accounts most likely to fail a real attack.
The bet
Founded by Mohamed Sherif Noureldin and Youssef Abolatta [LinkedIn], NexGuards is targeting a category that has matured in North America under vendors like KnowBe4 but is still loosely served in the Middle East and North Africa, especially in Arabic-language content and in the multi-channel attack patterns now common in the region. Voice cloning and SMS-based social engineering, sometimes called smishing and vishing, have become cheap to run at scale because the underlying generative models are cheap to run at scale. An awareness program that only simulates email is, by 2026, training for the last war.
The company is at the pre-seed stage and recently joined the inaugural cohort of Propeller's Kernel Camp in Silicon Valley, a program that brought five MENA deep-tech startups to the Bay Area [Wamda; Zawya; Tech In Africa]. Propeller positioned the cohort around deep-tech founders building from the region outward, and NexGuards was selected alongside four other companies [My Startup World; entARABI]. For a security startup whose long-term buyers are likely to be banks, telcos, and government-adjacent enterprises in the Gulf, an early line into U.S. investor and partner networks is a useful asset, even before any round is announced.
Why it could be big
The market shape is favorable in two directions at once. On the demand side, MENA enterprises, particularly in the Gulf, have spent the last three years pulling cybersecurity budgets up sharply, with national strategies in Saudi Arabia and the UAE pushing regulated sectors toward formal awareness programs. On the supply side, the incumbents that defined the security awareness category were built before generative AI made voice and SMS impersonation trivial. A platform designed from day one to simulate cross-channel social engineering, in Arabic and English, with content tuned to local pretexts (a fake message from a national bank, a spoofed call from a ministry), has a credible reason to exist that does not depend on undercutting KnowBe4 on price.
The technical approach NexGuards describes, simulations across email, voice, and SMS feeding into a per-employee risk score [NexGuards], is also the sort of architecture that compounds. Every simulated attack generates labeled data about which employees, in which roles, fall for which pretexts. Over time that dataset is the moat, more so than any individual model.
The team and traction
Noureldin lists himself publicly as founder of NexGuards [LinkedIn], and Abolatta is named as co-founder in coverage of the Propeller cohort. The most concrete external validation to date is the Kernel Camp selection itself, which multiple regional outlets covered as a curated cohort of five rather than an open-enrollment program [Wamda; GCC Startup News; Zawya]. The company has not disclosed funding, customer counts, or revenue, and this story does not assert any.
Technical breakdown
The product surface, as described on the company's site, has three layers stacked on top of each other [NexGuards]:
| Layer | What it does | Why it matters |
|---|---|---|
| Multi-channel simulation | Generates phishing across email, voice, and SMS | Matches the actual 2026 attacker toolkit, not just email |
| Adaptive training | Serves training content based on simulation outcomes | Avoids the one-size annual module that employees tune out |
| Real-time risk scoring | Per-employee score updated by behavior | Lets security teams target the riskiest 5 percent rather than retrain everyone |
The interesting engineering question is how the voice simulation is delivered. Running synthetic-voice calls into an enterprise phone system at scale, without tripping carrier fraud filters or violating local telecom rules, is harder than sending an email with a tracking pixel. Whether NexGuards has solved that operationally, or is using a partner carrier, is not disclosed in public sources.
The honest counterfactual
What bears will point to is straightforward: KnowBe4, Proofpoint, and Hoxhunt are well-capitalized, have strong channel relationships in EMEA, and are themselves shipping voice and SMS simulation features. A pre-seed entrant from Cairo has to win on either content quality (Arabic-first, regionally tuned pretexts), price, or speed of innovation in the multi-channel layer. The bull answer, supported by the Propeller selection [Wamda], is that the regional content gap is real, that procurement cycles in MENA often favor local vendors for sensitive security tooling, and that the global incumbents typically retrofit voice and SMS onto an email-first product rather than designing for it from scratch. Both sides of that argument can be true at once, and the next 18 months of pilots will sort it out.
What to watch
The near-term milestones are visible. A first disclosed seed round, ideally with a regional security-focused investor alongside a U.S. fund out of the Propeller network, would signal that the Kernel Camp introductions converted. A named lighthouse customer, particularly a Gulf bank or telco, would matter more than the round. On product, watch whether NexGuards publishes any data on detection rates against its own simulated voice calls, since that is the most defensible metric in the category and the hardest one for an email-first incumbent to match.
What could go wrong at scale
The operational risk is not the AI. The risk is the carrier layer and the regulatory layer. Running synthetic-voice and SMS simulations into enterprise phone systems across multiple MENA jurisdictions means negotiating with telcos that have strong incentives to block exactly the traffic NexGuards needs to send, and operating inside data-protection regimes that vary sharply between Egypt, Saudi Arabia, and the UAE. A platform that works beautifully in a single-country pilot can stall for quarters when the second-country rollout hits a carrier that will not whitelist the simulation traffic. That is the unglamorous problem that will determine whether this becomes a regional category leader or a strong single-market business.