Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.


06:00 PM
Dark Reading
Dark Reading
Products and Releases

Authomize Secures $6M Seed Funding for Automated Authorization and Security

Authomize emerges from stealth to unveil its automated authorization governance and management solution.

TEL AVIV, Israel, June 23, 2020 --  Authomize, the cloud-based authorization management solution, today announced the launch of an Automated Authorization Governance and Management solution. Authomize enables organizations to manage and secure complex and vastly different applications across cloud and on-premise applications with precision and ease. Acting as a bridge between IT Ops and security teams, Authomize prevents permission sprawl and ensures adherence to security and compliance standards, significantly reducing IT's workload, while enhancing security posture.

Authomize also announced a $6 million seed round backed by Blumberg Capital, M12 Microsoft's venture fund, and Entrée Capital.

"We founded Authomize after seeing the chaos organizations experience when it comes to managing the authorization lifecycle," said Dotan Bar Noy, Co-founder and CEO at Authomize. "Current Identity Governance and Administration (IGA) tools lack the ability to provide the intelligence and automation needed to make informed and efficient decisions. With Authomize, IT and Security teams can make highly informed decisions or choose to automate processes, removing the need to compromise between IT efficiency and impeccable security hygiene."

In today's complex environments, critical organizational assets are increasingly spread across a constantly growing and changing number of SaaS, IaaS and on-premise applications. Human and machine identities are also multiplying at lightning speed, and this rapid growth in both human and non-human identities, together with the multitude of applications, results in operational burden and increased security risk which organizations are failing to control.

Authomize removes this challenge by delivering a holistic view of authorization across all scattered applications. It also grants deep granular visibility with prescriptive and corrective suggestions to enable organizations to take informed and fully automated actions. Authomize's solution dramatically reduces the burden on IT and secures identities by providing them with the exact right level of permissions, while also managing risk and ensuring compliance. 

"Many companies are in the dark about how to effectively manage authorizations," said Yodfat Harel Buchris, managing director at Blumberg Capital. "It can become impossible to manage and secure authorizations and identities, especially in today's workplace, with record numbers of employees working outside the perimeter. Authomize addresses this pain point with an innovative approach, enabling companies to keep growing and adapting to the rapidly changing norm without the security and operational risks."

Authomize has developed a unique technology called "SmartGroups", which aggregates data in real-time from multiple enterprise IT systems and dynamically infers the "right-sized" permissions. Using this data, the platform then offers predictive and prescriptive suggestions to IT and Security teams to enable them to take smart actions or automate processes.

"The team at Authomize has the right vision to ensure organizations are more productive, secure, and agile. Our digital environment has grown and become too complex for humans alone to manage and secure permissions without intelligent and automated processes," said Eran Bielski, General Partner at Entrée Capital. "We're thrilled to back Authomize on their journey to solve this monumental problem which plagues even the best of enterprises."

To learn how authorization is becoming the new perimeter, join us for a live webinar on July 14th at 2pm EST/11am PST, Gal Diskin, Co-founder and CTO of Authomize, Michael Coates, former CISO of Twitter and Yuval Cohen, former CISO of ServiceNow.


Recommended Reading:

Comment  | 
Print  | 
More Insights
Newest First  |  Oldest First  |  Threaded View
NSA Appoints Rob Joyce as Cyber Director
Dark Reading Staff 1/15/2021
Register for Dark Reading Newsletters
White Papers
Cartoon Contest
Current Issue
2020: The Year in Security
Download this Tech Digest for a look at the biggest security stories that - so far - have shaped a very strange and stressful year.
Flash Poll
Assessing Cybersecurity Risk in Today's Enterprises
Assessing Cybersecurity Risk in Today's Enterprises
COVID-19 has created a new IT paradigm in the enterprise -- and a new level of cybersecurity risk. This report offers a look at how enterprises are assessing and managing cyber-risk under the new normal.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
PUBLISHED: 2021-01-22
This affects all versions of package jquery-ui; all versions of package org.fujion.webjars:jquery-ui. When the "dialog" is injected into an HTML tag more than once, the browser and the application may crash.
PUBLISHED: 2021-01-22
Hyweb HyCMS-J1's API fail to filter POST request parameters. Remote attackers can inject SQL syntax and execute commands without privilege.
PUBLISHED: 2021-01-22
Hyweb HyCMS-J1 backend editing function does not filter special characters. Users after log-in can inject JavaScript syntax to perform a stored XSS (Stored Cross-site scripting) attack.
PUBLISHED: 2021-01-21
Kubernetes Secrets Store CSI Driver Vault Plugin prior to v0.0.6, Azure Plugin prior to v0.0.10, and GCP Plugin prior to v0.2.0 allow an attacker who can create specially-crafted SecretProviderClass objects to write to arbitrary file paths on the host filesystem, including /var/lib/kubelet/pods.
PUBLISHED: 2021-01-21
Kubernetes Secrets Store CSI Driver versions v0.0.15 and v0.0.16 allow an attacker who can modify a SecretProviderClassPodStatus/Status resource the ability to write content to the host filesystem and sync file contents to Kubernetes Secrets. This includes paths under var/lib/kubelet/pods that conta...