Identity management is one of the most common fulcrums around which security breaches have pivoted in the last several years, and one of the main reasons it’s the gift that keeps on giving to malicious hackers is that it’s a nightmare for organizations to track. A security startup founded in Tel Aviv called Linx has been quietly building technology using AI and analytics to address this, and today, on the back of picking up customers in stealth mode, it’s coming out into the open with $33 million in funding to take on the challenge of identity management more aggressively.
Linx’s funding is being announced in a single sum, but more specifically it’s coming in two tranches that speak to its momentum while in stealth. The latest is $27 million co-led by Index Ventures and Cyberstarts; prior to that Linx raised $6 million led by Cyberstarts.
Other investors in Linx speak to the founders’ reputation in the Israeli security community: they include Mickey Boodaei (Imperva, Trusteer, Transmit), Rakesh Loonkar (Trusteer, Transmit), and Assaf Rappaport and Yinon Costica (Wiz, Adallom). Other investors in the round are Cerca Partners and Knollwood Investment Advisory.
Linx Security has been around for just over a year and it has an interesting backstory. The two co-founders, Israel Duanis (CEO) and Niv Goldenberg (CPO), originally met and became friends as so many others do in the world of Israeli tech: they were enlisted together in the army in the 8200 cyber unit. They were not the only ones in that particular cohort: Assaf Rappaport and the other Wiz founders were also in that group.
Both Duanis and Goldenberg went on to work for cybersecurity companies, Checkpoint Software in the case of Duanis and Adallom, Microsoft and Transmit for Goldenberg; and Duanis also later ranged away from the space, founding, running and eventually selling (to Via) an automotive fleet management tech company called Fleetonomy. Yet Duanis still felt like there was something in security that he needed to do.
“When I looked at past 20 years I felt like ID has always been overlooked,” he said in an interview. At Checkpoint, he recalled, access mgmt and permissions were essentially IT issues, not security, “but so many attacks now are ID-driven.” A quick look at some of the most high-profile breaches of the last several years – Equifax, T-Mobile, Snowflake to name just a few – underscores how identity, specifically ungoverned credentials could be exploited by malicious haciers. “These were all credentials issues,” said Duanis.
Their bet was that a platform that could understand and fix this from the perspectives of compliance, security and efficiency “could create a real impact,” he said.
“Today identity is the new perimeter, and so you need to address that.”
Ultimately, the Rappaport Rapport – heh – was pretty strong. When Duanis told Assaf he was thinking about forming a startup to focus on ID management, Duanis tells me that it was Assaf who introduced him to Gili Raanan at Cyberstarts — kind of a kingmaker in Israeli cyber. The seed deal was done within 24 hours and thus Linx Security was born.
With Linx coming out of stealth only today, the company is not disclosing any names of customers, nor a huge amount of detail about how it works, but the basic idea goes a little something like this:
Organizations today typically use or have used hundreds, if not thousands, of different apps and software. Each will require user authentication to access, but when an app is no longer used regularly, or when workers come and go, a business might not comprehensively eliminate all of the identity information that comes with the waxing and waning of any particular app or worker.
Over time, the organization can start to accrue a massive stockpile of so-called ungoverned identity information, and that soon becomes a big liability: sitting there, ignored, until a malicious actor picks one up and uses it to access the whole system.
Linx’s approach is to use analytics and AI to scan and understand the wider landscape of an organization’s system to link (hence the name) all identities up together and to actual, active employees. In the process it also finds IDs that are no longer connected to active users so that they can be removed.
The resulting data then becomes a map that can be used to track the system over time, and thus when an ID is picked up and used unexpectedly, you’ll know it’s happening.
Although AI has quickly become a hackneyed and likely misused term in tech, Duanis said that Linx’s use of it is very targeted. “AI is overused as a term,” he admitted, “but I think that once you’re able to take the essence of [a network] and to be able to run [algorithms] very quickly on the development side, to use that power to provide suggestions and automations, I think that has created a real impact, and a place for a real change in the way that people manage today.” He said that typically the work that could have taken months to do to weed out ungoverned identities can now be done “in hours.”
Raanan at Cyberstarts made the deal to back Linx quickly because of how he could see the market evolving.
“Identity is the top threat vector for the modern enterprise,” he said in a statement. “Identity teams under the CISO, are struggling to cope with a growing number of tasks and suffer from antiquated legacy solutions.”