AuthMind, a Maryland-based startup that aims to help businesses protect themselves from identity-related cyberattacks, today announced that it has raised an $8.5 million seed round led by Ballistic Ventures, with strategic participation from IBM Ventures.
The company was co-founded by CEO Shlomi Yanai and CTO Ankur Panchbudhe. Both previously founded (and sold) a number of security startups before teaming up to launch AuthMind in 2020. With AuthMind, they are looking to make their mark in the booming identity security space. As Yanai told me, the co-founders talked to a lot of security professionals in the run-up to building AuthMind. "AuthMind started from ongoing discussions with identity and cyber leaders," he said. "The environment changed a lot and there are a lot of identity solutions out there -- and they invest a lot in identity security solutions. Most of these help them define the identity surface and make sure they enable employee access. But the key problem that they kept complaining about is: We've made all those investments, but at the end of the day, hackers don't hack in, they log in."
AuthMind promises to help these companies secure their identity surface and identify attacks and vulnerabilities in real time. It's doing so by, among other things, analyzing a company's network flow. Yanai argued that when a company integrates AuthMind, without knowing anything about that company's identities, assets and directories, the service can quickly build a holistic view of all of their cloud, on-prem, SaaS apps, password managers and more. "We do that by actually looking at the flow activity -- because everything is there," he said. "But what was missing was the identity context. We really understand the way identity is conducting the operation all the time on the flow activity level."
Image Credits: AuthMind
With this, the company can bring the identity context to almost everything that happens within a company's cybersecurity infrastructure and network. That, Yanai noted, is especially helpful during post-incident investigations.
Ballistic Ventures co-founder and general partner Jake Seid, who also previously invested in the likes of Brex, Data Robot, Carta, Drata and Zipline while at Stone Bridge Ventures, noted that he believes that the security perimeter has extended from the network to identify.
"We think the next generation of big new companies will not just be reinventing identity but then protecting identity. And Shlomi's vision of identity SecOps was really the most holistic that we've seen," he said. "It's not just about starting with protection through posture management and understanding misconfigurations, but then post-breach detection and response and doing it in a way that changes the model of security from 'ticket and fix it' to guardrails in production. We think that's a really profound model because it enables businesses to both be more secure and to move faster for engineering teams and business teams."
AuthMind co-founders Shlomi Yanai and Ankur Panchbudhe. Image Credits: AuthMind
IBM Venture's George Mina offered a similar assessment. "We continue to see an expanding attack surface across the identity infrastructure and beyond. AuthMind's ability to leverage AI to ingest and correlate network flows with event logs enables security teams to detect threats as they happen and visualize attack paths across hybrid environments," he said.
The founders started working on AuthMind in 2020 and then worked with design partners to get the solution right. Yanai noted that all of those original design partners later became paying customers. Today, AuthMind has a number of customers that manage tens -- and sometimes more than 100,000 -- identities across their networks. Many of these, he said, are in the insurance, manufacturing and retail industries, though as of now, they all want to remain anonymous.
Looking ahead the AuthMind team plans to focus on expanding its go-to-market capabilities. In the long run, the team also plans to look at other security-related areas its service can cover, including helping its customer with their security audits for various certifications. In the meantime, though, the company also plans to improve its core technologies, of course.