Check out all the on-demand sessions from the Intelligent Security Summit here.
Cloud-based authorization startup Authomize today announced that it raised $16 million in series A funding led by Innovation Endeavors, bringing the startup’s total raised to $22 million to date. CEO and cofounder Dotan Bar Noy says that the capital will be used to support Authomize’s R&D and hiring efforts this year, as expansion ramps up.
One study found that companies consider implementing adequate identity governance and administration (IGA) practices to be among the least urgent tasks when it comes to securing the cloud. That’s despite the fact that, according to LastPass, 82% of IT professionals at small and mid-size businesses say identity challenges and poor practices pose risks to their employers.
Authomize, which emerged from stealth in June 2020, aims to address IGA challenges by delivering a complete view of apps across cloud environments. The company’s platform is designed to reduce the burden on IT teams by providing prescriptive, corrective suggestions and securing identities, revealing the right level of permissions and managing risk to ensure compliance.
“As security has evolved from endpoints and networks, attention has increasingly moved to identity and access management, and specifically the authorization space. Many of the CISOs and CIOs we spoke with expressed the need for a system that would secure and manage permissions from a single platform. They took access decisions based on hunches, not data, and when they tried to take data-driven decisions, they found out that the data was outdated. Additionally, most, if not all, of the process has been manually managed, making the IT and security teams the bottleneck for growth,” Noy told VentureBeat in an interview via email.
Intelligent Security Summit On-Demand
Learn the critical role of AI & ML in cybersecurity and industry specific case studies. Watch on-demand sessions today.
Authomize’s secret sauce is a technology called Smart Groups that aggregates data from enterprise systems in real time and infers the right-sized permissions. Using this data in tandem with graph neural networks, unsupervised learning methods, evolutionary systems, and quantum-inspired algorithms, the platform offers action and process automation recommendations.
Using AI, Authomize detects relationships between identities and company assets throughout an organization’s clouds. The platform offers an inventory of access policies, blocking unintended access with guardrails and alerting on anomalies and risks. In practice, Authomize constructs a set of policies for each identity-asset relationship. It performs continuous access modeling, self-correcting as it incorporates new inputs like actual usage, activities, and decisions.
Of course, Authomize isn’t the only company in the market claiming to automate away IGA. ForgeRock, for instance, recently raised $93.5 million to further develop its products that tap AI and machine learning to streamline activities like approving access requests, performing certifications, and predicting what access should be provisioned to users.
But Authomize has the backing of notable investor M12 (Microsoft’s venture fund), Entrée Capital, and Blumberg Capital, along with acting and former CIOs, CISOs, and advisers from Okta, Splunk, ServiceNow, Fidelity, and Rubrik. Several undisclosed partners use the company’s product in production, Authomize claims — including an organization with 5,000 employees that tapped Smart Groups to cut its roughly 50,000 Microsoft Office 365 entitlements by 95%. And annual recurring revenue growth is expected to hit 600% during 2021.
Authomize recently launched an integration with the Microsoft Graph API to provide explainable, prescriptive recommendations for Microsoft services permissions. Via the API, Authomize can evaluate customers’ organization structure and authorization details, including role assignments, group security settings, SharePoint sites, OneDrive files access details, calendar sharing information, applications, and service principal access scopes and settings.
“Our technology is allowing teams to make authorization decisions based on accurate and updated data, and we also automate day-to-day processes to reduce IT burden … Authomize currently secures more than 7 million identities and hundreds of millions of assets, and our solution is deployed across dozens of customers,” Noy said. “Using our proprietary [platform], organizations can now strike a balance between security and IT, ensuring human and machine identity have only the permission they need. Our technology is built to connect easily to the entire organization stack and help solve the increasing complexity security, and IT teams face while reducing the overall operational burden.”
Authomize, which is based in Tel Aviv, Israel, has 22 full-time employees. It expects to have more than 55 by the end of the year as it expands its R&D teams to develop new entitlement eligibility engine and automation capabilities and increases its sales and marketing operations in North America.
VentureBeat's mission is to be a digital town square for technical decision-makers to gain knowledge about transformative enterprise technology and transact. Discover our Briefings.