Astrix Security, the enterprise’s trusted solution for securing non-human identities, has secured $25 million in Series A funding led by CRV with participation from existing investors Bessemer Venture Partners and F2 Venture Capital. This new investment brings Astrix’s total funding to almost $40 million.
Fueled by the increased adoption of automation and generative AI initiatives, the enterprise’s connectivity to third-party applications is growing, resulting in an increase in cyber attacks targeting non-human app-to-app connections (via API keys, access tokens, service accounts, etc.) – as seen in high profile attacks against CircleCI, Mailchimp, GitHub, Microsoft, and Slack.
Despite financial instability within the market, Astrix is experiencing exponential year-over-year growth and momentum as a leader in securing this growing threat vector. The company recently added Figma, Priceline, Bloomreach, Rapyd and many others to its customer roster and was recognized as a finalist in the 2023 RSA Innovation Sandbox contest. The business also doubled its headcount, and will use this funding to continue expanding the team in both the U.S. and Tel Aviv offices, including its research team who recently discovered GhostToken, a critical 0-day vulnerability in the Google Cloud Platform.
“We founded Astrix to close a significant and unaddressed security gap, by allowing security teams to extend access management and threat detection to the non-human identity layer,” said Alon Jackson, CEO and co-founder at Astrix. “It’s amazing to experience the tremendous adoption by security teams, as well as see Astrix’s capabilities become essential to their every-day security arsenal. We look forward to continuing to expand our capabilities and partnerships, allowing organizations to truly reap the benefits of third-party services, especially Gen-AI apps, without compromising security.”
The enterprise environment depends on a vast web of interconnected apps, supported with an average of 10,000 app-connections for every 1,000 employees. More so, with AI-powered apps being downloaded 1506% more than last year, and often connected by employees across departments without the security team’s knowledge, having visibility and governance into every third-party connection is virtually impossible. While existing solutions focus on securing user-connections, Astrix is the first solution to focus on securing app-to-app connections, allowing the enterprise to ensure their core systems are securely connected to each other and to third-party services.
“As a growing threat vector, there has been a shift in the market to focus on third-party connectivity,” said James Green, General Partner at CRV. “Astrix caught our eye for their innovative approach to extending IAM and threat detection to all non-human identities, giving unprecedented capabilities to manage the growing API-based third-party attack surface across all environments.”
“Partnering with Astrix from inception, we’ve seen the vast impact they’ve had on the industry in a short amount of time,” said Amit Karp, Partner at Bessemer Venture Partners. “From raising awareness to this growing attack surface to supporting some of the leading companies in the world, we’re excited for what’s to come as Astrix expands and continues protecting customers from the next supply chain attack.”
“The progress Astrix has made from seed funding to now is incredible,” said Jonathan Saacks, Managing Partner at F2 Venture Capital. “The company has made a mark on the industry already, and with the wealth of knowledge and experience from this team, we are confident they will continue to be the security asset every business needs and relies on in their toolbox.”
The Astrix Security Platform is the first solution to provide holistic visibility into all non-human connections and identities. Astrix provides a consolidated, comprehensive view of all the internal and third-party integrations within a business environment, as well as all access keys in use (i.e., API keys, OAuth tokens, service accounts, and webhooks) and the permissions and level of access granted to each one. With Astrix, businesses can extend their identity threat detection and response capabilities to non-human identities by continuously running behavioral analysis of internal and third-party apps connected to core SaaS, IaaS and PaaS systems to detect anomalies that may indicate compromised access tokens and automatically remediate risky connections.
About Astrix Security
Founded in Tel Aviv in 2021, Astrix Security helps cloud-first companies defend against a new generation of supply chain attacks. Astrix provides holistic visibility into all non-human connections and identities – automatically detecting and remediating over-privileged, unnecessary, misbehaving and malicious app-to-app connections to prevent supply chain attacks, data leaks and compliance violations. Led by two veterans of the Israel Defense Force 8200 military intelligence unit, CEO Alon Jackson and CTO Idan Gour, Astrix’s team is rapidly expanding. Astrix has raised nearly $40M in funding, with a Series A led by CRV, and additional investments from Bessemer Venture Partners, F2 Venture Capital, Venrock and Kmehin Ventures. Learn more at https://astrix.security or follow us on LinkedIn.
About CRV
CRV is a venture capital firm that invests in early-stage startups. Since 1970, the firm has invested in more than 500 startups at their most crucial stages, including Airtable, DoorDash and Vercel. Founders need more than capital to build a great company. It takes a partner who understands the entrepreneurial journey and knows what it takes to win. From founding to IPO and beyond, CRV is there every step of the way. Founders rely on CRV to be trusted, long-term, committed partners, which has helped make CRV into one of the longest-running venture capital firms in the world. Learn more about CRV and the companies shaping the future at https://www.crv.com.
About Bessemer Venture Partners
Bessemer Venture Partners helps entrepreneurs lay strong foundations to build and forge long-standing companies. With more than 145 IPOs and 300 portfolio companies in the enterprise, consumer and healthcare spaces, Bessemer supports founders and CEOs from their early days through every stage of growth. Bessemer’s global portfolio has included Pinterest, Shopify, Twilio, Yelp, LinkedIn, PagerDuty, DocuSign, Wix, Fiverr, and Toast and has $20 billion of assets under management. Bessemer has teams of investors and partners located in Tel Aviv, Silicon Valley, San Francisco, New York, London, Hong Kong, Boston, and Bangalore. Born from innovations in steel more than a century ago, Bessemer’s storied history has afforded its partners the opportunity to celebrate and scrutinize its best investment decisions (see Memos) and also learn from its mistakes (see Anti-Portfolio).
About F2
F2 Venture Capital is a Tel Aviv-based VC firm that invests in early-stage technology companies on the cutting edge.
Our team members have been investors, operators, and engineers in startups and multinational giants that changed the game over the last twenty years. With $500 million assets under management and personalized support, F2 powers visionary founders on their bold missions. F2 also operates Israel’s most active pre-seed investment platform, to back founders with guidance, network, and capital from day zero. More details @ www.f2vc.com