When it comes to the world of IT security, identity is often considered a “perimeter” around an organization. So many violations begin through techniques such as password theft, phishing and filling of credentials; Ergo, ensuring the identities not only of users, but also of applications and machines, is the key to protecting the entire system.
Easier to say than to do – as has shown the recent violation of security in the United States treasure. Now, Clutch Security-one of the Startup construction tools to focus on the space on non-human identity (machine)-ahead announcing $ 20 million in funding, underlining the demand on the market to deal with the problem.
Signalfire is guiding this round with the participation also by Lightspeed Venture Partners and Merlin Ventures, existing supporters who have invested in its previous $ 8.5 million seeds. Clutch said it would use funding for research and development, product development and to expand their business development.
Clutch TODAY has additions with almost 60 infrastructure, applications and identity services provides more popular with businesses. Follow a variety of data that these use to interface with each other, including bees keys, service accounts, “secrets”, tokens and other credentials. The Clutch platform provides services such as network visibility, posture and risk management, life cycle management, through a zero atrigre approach. There is room to cover much more: the average number of identity of machines in a typical large enterprise has increased in the last two years, from 320,000 in 2022 to 1 million in 2024, according to Venafi’s research (a competitor of Clutch’s) .
Clutch’s attention on the violations of the perimeter, by coincidence, was born when another perimeter was violated. Tel Aviv’s startup was founded in October 2023, more or less in the wake of Israel is attacked by Hamas and, in turn, go to war against it in Gaza.
The CEO Ofir Har-Chen-Che co-founded the clutch with Sagi Haas and Tal Kimhi (pictured above; Har-Cen is far on the left)-said that building a company at that moment was a blessing And a curse. On the one hand, people were very distracted and anguished by the events they were taking place, and many were not simply available to work, while they were entering positions in support of the situation at hand, many join the military. On the other hand, for those who worked, he certainly concentrated their minds.
He said that the company fought to hire anyone at the beginning, facing his first employees finally in February. But then, he built his first minimum product. “I would say that we probably have one of the best engineering teams in Israel, because everyone is veterans in space,” he said. Har-Cen is among those veterans: he spent 20 years to work in a series of technical and executive roles of IT security, both within the Israeli government and in private companies. (Haas and Kimhi in the meantime are Axonius alumi, another computer company.)
The problem that Clutch has decided to pursue, in the meantime, is “an old one like time”, Har-Cen continued. Windows Active Directory service accounts have been examples of which the identity of the machine can be exploited by harmful hackers, and these have been in operation since 1994, he said. “There is nothing new here.” But the advent of cloud computing and the explosion of the software as a service such as the main way in which applications are used, he added, “he exacerbated the problem”.
Add to this the entry of AI, and in particular artificial intelligence agents, which have become the most recent goal for harmful hackers.
“I think we are seeing the pendulum oscillating from the human being as a weaker connection, to the non -human or the machine,” he said. “Artificial intelligence agents are now quickly adopted in the company, replacing manual tasks carried out by humans.” He said he believes that there will be a greater influx of attacks that aim to compromise these agents, “just a proliferation of attacks”.
Clutch is far from the first company to identify the problems here. The crowded market includes artists of the caliber of Semperis, who last year collected an evaluation of $ 1 billion to focus only on that Active Directory Legacy problem; Astrix Security, which collected $ 45 million last December; Oasis, a lively Israeli startup that collected $ 40 million a year ago; Cyberark, who acquired the Venafi machine safety company for over $ 1.5 billion last year; Silverfort, who is adopting a holistic approach to identity; and token security, which also collected $ 20 million days ago.
The speed with which the clutch is building is one of the reasons why investors are particularly interested in this startup (or next to it) to all these others. “What Clutch has achieved in such a short time is remarkable: they are not just building an innovative platform, they are remodeling the entire sector,” said Guru Chahal, partner of Lightspeed Venture Partners, in a note. “Their work is already pushing computer security significantly and when companies begin to embrace the agent, I believe that Clutch will be transformative.”
