Astrix Security raises $25 million to further secure non-human identities

By | 10:13 AM Leave a Comment

Astrix Security has secured $25 million in Series A funding led by CRV with participation from existing investors Bessemer Venture Partners and F2 Venture Capital. This new investment brings Astrix’s total funding to almost $40 million.

Fueled by the increased adoption of automation and generative AI initiatives, the enterprise’s connectivity to third-party applications is growing, resulting in an increase in cyber attacks targeting non-human app-to-app connections (via API keys, access tokens, service accounts, etc.) – as seen in high profile attacks against CircleCI, Mailchimp, GitHub, Microsoft, and Slack.

Despite financial instability within the market, Astrix is experiencing exponential year-over-year growth and momentum as a leader in securing this growing threat vector. The company recently added Figma, Priceline, Bloomreach, Rapyd and many others to its customer roster and was recognized as a finalist in the 2023 RSA Innovation Sandbox contest.

The business also doubled its headcount, and will use this funding to continue expanding the team in both the U.S. and Tel Aviv offices, including its research team who recently discovered GhostToken, a critical 0-day vulnerability in the Google Cloud Platform.

“We founded Astrix to close a significant and unaddressed security gap, by allowing security teams to extend access management and threat detection to the non-human identity layer,” said Alon Jackson, CEO at Astrix.

“It’s amazing to experience the tremendous adoption by security teams, as well as see Astrix’s capabilities become essential to their every-day security arsenal. We look forward to continuing to expand our capabilities and partnerships, allowing organizations to truly reap the benefits of third-party services, especially Gen-AI apps, without compromising security,” added Jackson.

The enterprise environment depends on a vast web of interconnected apps, supported with an average of 10,000 app-connections for every 1,000 employees. More so, with AI-powered apps being downloaded 1506% more than last year, and often connected by employees across departments without the security team’s knowledge, having visibility and governance into every third-party connection is virtually impossible.

While existing solutions focus on securing user-connections, Astrix focuses on securing app-to-app connections, allowing the enterprise to ensure their core systems are securely connected to each other and to third-party services.

“As a growing threat vector, there has been a shift in the market to focus on third-party connectivity,” said James Green, General Partner at CRV. “Astrix caught our eye for their innovative approach to extending IAM and threat detection to all non-human identities, giving unprecedented capabilities to manage the growing API-based third-party attack surface across all environments.”

“Partnering with Astrix from inception, we’ve seen the vast impact they’ve had on the industry in a short amount of time,” said Amit Karp, Partner at Bessemer Venture Partners. “From raising awareness to this growing attack surface to supporting some of the leading companies in the world, we’re excited for what’s to come as Astrix expands and continues protecting customers from the next supply chain attack.”

“The progress Astrix has made from seed funding to now is incredible,” said Jonathan Saacks, Managing Partner at F2 Venture Capital. “The company has made a mark on the industry already, and with the wealth of knowledge and experience from this team, we are confident they will continue to be the security asset every business needs and relies on in their toolbox.”


from Help Net Security https://ift.tt/wFo2sYc

0 comments:

Post a Comment