Saturday, February 22, 2025

Hackers are focusing on machine identities. Token Safety simply raised $20M to cease them


The variety of machine identities is booming due to the expansion of cloud and AI – and it’s posing actual safety issues by giving hackers far more entry factors than ever earlier than. For instance, a 2023 hack of authentication app Okta was attributable to exploiting a service account whereas in 2024, Microsoft disclosed a serious hack primarily based on an previous check account.

Token Safety’s creation was sparked by precisely this type of safety threat: at a earlier job, Itamar Apelblat discovered that an previous service account for contractors nonetheless had full entry throughout all the group. When Apelblat, now CEO of Token Safety, informed his buddy and now CTO Ido Shlomo concerning the incident, they agreed that tackling the proliferation of those form of non-human accounts was vital.

Token Safety, which emerged from stealth earlier this 12 months and was based in 2023, has now raised $20 million in Collection A funding, the startup informed TechCrunch. Notable Capital (previously Golden Gate Ventures) led the spherical with participation from TLV Companions and executives from Palo Alto Networks, CrowdStrike, and Verify Level, bringing Token’s complete funding to $27 million.

Token Safety says its platform appears throughout an organization’s total tech stack to mechanically pinpoint machine identities and who’s chargeable for them, serving to prospects catch potential breaches earlier than they’ll occur. The startup, which informed TechCrunch it counts HPE as one in all its prospects, says most incidents it has helped stop concerned credentials that had been outdated or had extreme inside entry.

A key issue driving progress in machine identification safety is that these sorts of accounts could be considerably extra weak to hackers than human ones. In spite of everything, a human who leaves an organization usually has a transparent offboarding course of for his or her login credentials. However accounts created on the fly for particular initiatives, or that should shared by numerous contractors, don’t undergo these sorts of processes practically as usually.

“Hackers don’t break in; they log in,” Apelblat informed TechCrunch. “Enterprises have performed a very good job securing human identities with issues like multi-factor authentication, however automated techniques are completely different.”

The startup’s co-founders met at Israel’s Unit 8200 navy intelligence unit, a prolific supply of cybersecurity startup founders like these at Wiz, Snyk, and Apiiro, to call a couple of.

Apelblat labored on defensive safety on the unit whereas CTO Ido Shlomo led work towards nation state actors on the offensive facet – that’s, really entering into an enemy nation’s tech to assemble intelligence or disrupt their operations.

“Itamar and I met 16 years in the past after I helped him tie his bootlaces on our first day being recruited into Unit 8200,” Shlomo informed TechCrunch. “We’ve been just about inseparable since then, going via military service, college, and entrepreneurial ventures collectively.”

Machine identification safety is a scorching discipline in cyber. Final 12 months, Israel’s Oasis emerged out of stealth with $40 million to deal with related points. The largest deal within the area additionally occurred in 2024 when Israel’s CyberArk acquired U.S. agency Venafi for $1.54 billion.

Token Safety says it’s utilizing its new funding to relocate its headquarters from Israel to the USA, with Apelblat transferring there subsequent month. (The U.S. has a a lot greater enterprise safety market than Israel.) The corporate additionally plans to make use of the funding to broaden its platform’s AI safety capabilities and develop its govt staff, it informed TechCrunch.

Related Articles

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Latest Articles