NHIs see new funding, products and security approaches

Non-human identities (NHI) like AI agents now outnumber human users in many organizations. Companies are coming up with products to ensure they can be managed securely.

AuthMind announces $19M financing round

IBM-backed identity security startup AuthMind has received a $19.3 million seed round led by Cheyenne Ventures.

Headquartered in the U.S. and India, the company allows tracking both humans and non-human agents and their activities across fragmented environments, including multi-cloud, hybrid and SaaS. The startup is calling this the “observability-based” approach and says it allows organizations to detect risks and attacks by zooming in on identity security blind spots and infrastructure gaps which can be exploited by hackers.

“AuthMind is redefining identity protection by providing continuous, context-driven observability, posture management, and threat detection for all identities and their access paths across multi-cloud, SaaS, and on-premises environments,” says AuthMind CEO Shlomi Yanai.

The financing round will be used towards improving AuthMind’s products and expanding its market reach, he adds.

Other participants in the round include investors at Black Opal Ventures, K2 Access Fund, the Jefferies Family Office, Silver Buckshot Ventures and Blu Venture Investors. Existing investors Ballistic Ventures and IBM also participated in the latest funding after being part of a 2023 seed investment of $8.5 million.

Last year, AuthMind signed an OEM agreement with IBM to introduce identity threat detection and Identity Security Posture Management (ISPM) capabilities to its customers through IBM Verify Identity Protection.

Aembit discusses how to protect non-human identities

Non-human identities (NHI) now outnumber human users in organizations with a ratio of 92:1, according to some sources. The rising numbers of NHIs coupled with increasingly complex environments in which they operate are now becoming a challenge to security teams, which have to tackle credential sprawls, privilege mismanagement and security blind spots.

One example is the 2022 Okta breach which impacted Cloudfare, Apurva Dav, chief marketing officer at identity company Aembit. Dav spoke about a webinar organized last week by the Identity Defined Security Alliance (IDSA) targeted at security specialists working with NHIs.

From a technological standpoint, organizations are using different tools to manage NHIs including cloud provider IAMs, secret managers, password managers, spreadsheets and other means.

“There’s a raft of things that can go wrong,” says Dav. There is a lot of potential risk in this massive attack surface that you’re trying to protect.”

Organizations can choose to work in reactive or proactive ways to solve issues that may arrise.

Reactive approaches include scanning for secrets and then creating a ticket which has to be handled by security teams. Credentials are rotating only after incidents while access reviews are conducted infrequently. The result is that security teams play catch-up, developers endure disruptive fire drills while engineers get pulled away from productive work.

“That’s okay for non-sensitive environments,” says Dav.

In comparison, a proactive approach will include building security into the system from the start, using short-lived tokens that don’t require rotation and introducing automated trust verification each time an NHI connects. Policies such as identity verification and posture checks are continuously enforced and the burden is offloaded from developers.

Dav also provided a proactive approach example from cloud-based data storage company Snowflake and concluded the webinar by listing five patterns for proactively securing NHIs.

SandboxAQ, DocuSign and Descope present new products for NHIs

Cybersecurity firm SandboxAQ has released a new platform designed to manage and secure non-human identities (NHIs) as well as cryptographic assets used by AI agents such as keys, certificates, algorithms and libraries.

Aside from keeping track of their inventory, the AQtive Guard platform allows organizations to orchestrate automated remediation workflows and enforce protection policies such as credential rotation or certificate renewal.

The U.S.-based firm also announced a technical integration with the CrowdStrike Falcon cybersecurity platform which will allow customers to gain insight into their NHIs, cryptographic inventories and vulnerabilities by pulling data directly from CrowdStrike endpoints. Aside from the integration, SandboxAQ is adding Palo Alto Networks’ firewall logs directly into AQtive Guard, the company says in an announcement.

DocuSign, on the other hand, has launched AI contract agents, which will analyze agreements to locate risks and issues that may require human intervention.

The agents will be part of DocuSign’s Intelligent Agreement Management (IAM) platform powered by AI engine Iris which leverages the company’s knowledge in contracts and agreements. The first AI contract agents will be available by the end of 2025 and focus on procurement and sales workflows, the company says.

DocuSign’s AI agents represent another expansion beyond its e-signature business. According to its CEO Allan Thygesen, the company plans to lean into IAM and build an ecosystem around it. This includes intelligent agreement repository Docusign Navigator, automated workflow builder Docusign Maestro and the DocuSign App Center, where customers can access third-party apps.

Descope has launched an Agentic Identity Hub to help organizations address authentication and authorization challenges related to AI agents.

The Hub provides scalable connections between AI agents and over 50 third-party tools and enterprise systems, and is part of Descope’s no or low-code external IAM platform, according to the announcement.

“The Agentic Identity Hub provides a set of tools to help developers spend more time on the interesting work of building and fine-tuning their AI systems and hardly any time on the nitty-gritties of authentication and access control,” says Descope Co-founder and CEO Slavik Markovich. “True enterprise AI adoption won’t happen without a robust, interoperable identity infrastructure working behind the scenes, and we’re excited to be a part of that infrastructure.”

Descope raised an impressive $53 million seed funding round in 2023.

Article Topics

Aembit  |  AI agents  |  AuthMind  |  cybersecurity  |  Descope  |  digital identity  |  DocuSign  |  identity access management (IAM)  |  non-human identities  |  SandboxAQ