Ploy raises £2.5M to tackle identity sprawl with AI-powered access management

British cybersecurity startup Ploy has secured £2.5 million ($3.3 million) in seed funding to address the rise in the enterprise threat of identity-related breaches driven by untracked applications and fragmented access controls.

The round was led by Osney Capital with backing from Superseed, Tiny.vc, Rule30, and angel investors from ForgeRock, Digital Shadows, ZScaler, Rapid7, Egress and ComplyAdvantage.

Ploy has four employees and says it has already doubled its revenue; with plans to use the new funding to accelerate product development and expand its go-to-market strategy. As the global IGA market grows from $7.1 billion in 2023 to a projected $23.4 billion by 2032, Ploy is targeting how organizations secure and manage digital access at scale.

Founded by former Metomic executives Harry Lucas, who serves as CTO, and Jacob Prime, CEO, Ploy is targeting the underserved mid-market segment with an AI-powered Identity Governance and Administration (IGA) platform that automates access management across SaaS, cloud, and collaboration tools.

In short, Ploy is enabling automation for identity processes, with pre-built integrations and automated workflows. The Shoreditch, London-headquartered startup is targeting its solution for companies with up to 5,000 employees and which still manage identity through outdated or manual processes.

“With 80 percent of breaches now stemming from identity, boards are realising it’s the biggest area they need to prioritise in their security strategy,” says Jacob Prime, CEO and cofounder of Ploy.

“Spreadsheet-based access tracking is now a legal and security liability. They need real-time visibility into who has access to what, before attackers or regulators find the gaps. That’s exactly the problem Ploy solves.

The company says its solution cuts identity management time by up to 90 percent, allowing organizations to automate onboarding, offboarding, access requests and reviews in under 20 minutes. The funding arrives as identity becomes the dominant attack vector in cybersecurity.

“Identity sprawl has become a significant issue for organisations of all shapes and sizes, but particularly those with modern technology stacks; which often comprise hundreds, or even thousands, of SaaS applications,” says Joshua Walter, Partner at Osney Capital, who joins Ploy’s board.

“This breadth causes fragmented and distributed access and ownership of identity, without unified visibility or control, and is typically enabled using role-based access controls,” Walter continues. “Ploy’s just-in-time approach to access, making all access temporary by default, and identifying risks centrally in real-time, is becoming the only approach that scales with modern threats, ways of working and technology stacks.”

Ploy’s platform is a combination of modern cloud architecture with an embedded AI assistant named Luna, which helps security teams detect anomalies and make context-aware access decisions. The system has already secured over one million access entitlements and uncovered more than 26,000 SaaS applications across its customer base.

Customers such as Payfit, Not On The High Street, ComplyAdvantage, and Times Higher Education have reported major improvements in security posture, Ploy claims. Ellie Mental Health, a US-based organization, uses Ploy to detect risky access entitlements within seconds, an essential capability as it scales rapidly.

Article Topics

cybersecurity  |  enterprise  |  funding  |  identity access management (IAM)  |  identity security  |  Ploy  |  startup