When people hear the term “identity management” in an enterprise context, they usually think of applications that help users authenticate who they are on a network in order to access certain services. In a security context, however, human users are only the tip of the iceberg when it comes to managing access and ensuring that it is not compromised.
A whole, much more complex, universe of mechanical authentications underpins how almost all IT works with everything else – a universe that is arguably far more vulnerable to hacking simply because of its size and complexity, with roughly 50 “non-human Identities for every person usually in one organism, and sometimes more. Today, a startup from Israel called Oasis Security he emerges from stealth with the technology he has built to counter it.
It’s only coming out of stealth today, but it’s already raised funding and acquired customers while still on the radar. Fast-casual food chain Chipotle, real estate firm JLL and Mercury Financial are among its early adopters.
Funding, meanwhile, speaks to early investor enthusiasm. Led by Sequoia (specifically Doug Leone and Bogomil Balkansky). Accel, Cyberstarts, Maple Capital, Guy Podjarny (founder of Snyk) and Michael Fey (co-founder and CEO of browser startup Island) also participated in two separate rounds announced today: a $5 million series and a $35 million series ONE.
Funding note: An investor mentioned Oasis to me months ago, describing the jockeying between VCs to back the yet-to-be-launched Oasis as an “incredible frenzy.”
The crux of what Oasis is dealing with is the fact that non-human identity – which covers not only how two applications interact through authentication, but also how two machines or any processes can work in parallel in an organization – may have become an amorphous but essential aspect of how modern businesses operate today. But because so much of it doesn’t involve people at all, there’s a stark lack of visibility into how much it works, even when it doesn’t.
Human identity management is already fertile ground for bad actors, who use phishing and many other techniques to catch people off guard, steal their identities, and use them to effectively break into networks. Oasis founder and CEO Danny Brickman says non-human identity is very much the next frontier for these bad actors.
“If we’re just playing the statistics game, if it’s true that ID is the new perimeter when it comes to security, then this is The new risk to organizations,” he said in an interview in London. “If you have 50 times more non-human identities than human ones, that means the attack surface is 50 times larger.” For CISOs, he added, how to handle non-human identities “is top of mind right now.”
To address this, Oasis has created a three-part system, which in its simplest terms can be described as ‘discover, solve, automate’.
The first of these creates and monitors a complete picture of how a network looks and works and creates, essentially, a massive representation of all the places where machines or any non-human identities are interconnected. He describes it as a visualized map.
It can then use this map to track what data is moving around where, and when something appears to be amiss. This may or may not be related to an authentication: It could also be related to how data moves through a system after authentication. In both cases, Oasis then provides recovery suggestions to respond to anything out of the ordinary. As with many recovery solutions, these suggestions can be performed automatically or tested by humans.
The third part is proactive ongoing work: an automated update of the map and continuous observation around it.
Brickman’s background is as elusive as the threat his startup aims to contain, but the basics give him some insight into why investors were willing to give him money before the product even launched, and why the startup can sign up users so quickly. early.
He spent more than seven years in the Israel Defense Forces, where he worked in the field of cyber security. There, he tells me he led a team that identified and then fixed a major problem in the military.
What was this problem and how was it fixed? Brickman wouldn’t say, no matter how many ways I asked him.
Leading a team of engineers, he said: “We were working in a basement. Nobody knew about our project. We didn’t want to lose the momentum.” Eventually, they made a breakthrough and won an innovation award presented by the army chief for the project. Which no one knows yet, it seems.
Through this work Brickman met many other engineers, including Amit Zimmerman, who became his partner on this secret, award-winning project and is now his co-founder at Oasis, where he is the head of product.
There are a number of companies now focusing on the challenge of tracking non-human authentication and machine-to-machine identity management. One of them, another Israeli startup called Silverfort, just last week announced a big funding round of its own. Silverfort approaches the problem with a big picture, including human identity as part of his larger purview: His premise is that the two continue to be inextricably linked, so one must examine them simultaneously to truly secure a system.
That’s not something Oasis wants to consider, at least not yet. True to its name, it believes there is something important and distinct and ultimately more profitable in definitively quantifying and solving the myriad problems in the non-human realm first.
“We focus on non-human identity,” Brickman said. “We want to drive value from there.”
“Identity is the new perimeter, and non-human identity is the gap in that perimeter,” Balkansky told Sequoia Capital in a statement. “We are excited to partner with the Oasis team to solve one of the biggest challenges in cybersecurity today. The company came out of the gate very strong and fast, signing up blue chip customers less than a year after its inception, which is a testament to the latent demand for such a solution and the capabilities and commitment of this team.”
