Tel Aviv-based cybersecurity startup Token Security has stepped out of stealth mode, having secured $7 million in seed funding for its platform to manage and protect machine identities.
Machine identities are the digital credentials used by machines, applications, services and devices to authenticate and communicate securely within a networked environment.
It is estimated that the average organization has 45 machine identities for every human identity. Managing and securing this plethora of identities poses a formidable challenge.
Traditional solutions focus on humans by creating lists of employees and contractors to manage system access. However, this method struggles to handle the increasing number of identities, which can lead to security risks.
Token Security shifts this focus to machines, monitoring their access and purposes, integrating with current systems and analyzing data to detect and prioritize threats.
“Legacy solutions deal with on-premise identities, which are mostly human. In the cloud and GenAI era though, identities are no longer human only, and they’re not in one place — they are all over the place,” explained Token Security cofounder and CEO Itamar Apelblat.
“The cloud is complex, and it’s evolving much faster than we can adapt to it. Attackers are leaving no stone unturned to find vulnerable identities. It’s well-known today that hackers don’t break in; they log in. We help security professionals regain control, while staying out of developers’ way,” he continued.
Apelblat cofounded Token Security in 2015 with CTO Ido Shlomo. Their backgrounds both include pivotal roles in Israel’s intelligence corps Unit 8200, blending startup innovation with corporate insights.
“We take the security organization all the way from being in the dark to remediating real risks and cutting down exposures to a minimum,” said Shlomo. “We discover, inventory and standardize data across identity and access management repositories. We cluster identities, credentials and entitlements for different teams … and prioritize the most critical identities and their vulnerabilities, reducing risk using remediation capabilities.”
Rona Segev, TLV Partners cofounder and managing partner, highlighted the necessity of evolving towards machine-first identity security.
“Today, machine-to-machine communication is the norm. Al creates new services with new identities, connections and permissions even with no humans in the loop,” she said.
“Organizations need to meet a seemingly impossible demand to sit firmly on two boats: they need to minimize security risks without jeopardizing operational integrity.”