Astrix Security is the first platform designed to control and manage the lifecycle of non-human identities, enabling enterprises to manage their NHI attack surface and prevent supply chain attacks. Pulse 2.0 interviewed Astrix Security co-founder and CEO Alon Jackson to gain a deeper understanding of the company.
Alon Jackson’s Background
What is Alon Jackson’s background? Jackson said:
“I started my professional career as a major in the Israeli 8200 unit where I served for more than 8 years. I was head of cloud initiatives and led over 100 people. I knew I liked working in the security industry but also had an urge to create something innovative. Before founding my own company (Astrix), both my co-founder Idan Gour, and I knew we wanted more experience so we both left the 8200 unit and leapt into the private sector. I worked at Argus as head of research & development where I hacked into cars and worked primarily on the offensive side of things. A few years later, Idan and I joined forces again to create Astrix Security.”
Formation Of The Company
How did the idea for the company come together? Jackson shared:
“While in the Israeli 8200 unit for almost a decade, Idan and I became friends and had an idea to start our own security company. We each took professional jobs to gain more experience and then took a few months off for ideation, learning about startups, etc. During that time we saw that there are a lot of security tools out there that help with user access management but not one tool to help secure machine and automated connections (APIs, OAuth tokens, etc.) We were starting to see how everything was interconnected, especially with the emergence of AI – and there we saw our opportunity.”
Favorite Memory
What has been your favorite memory working for the company so far? Jackson reflected:
“The most memorable thing I’ve done so far with Astrix was being named an RSA Innovation Sandbox finalist and presenting on stage amongst other top startups in our industry. The RSA Conference is known for this startup competition so to be recognized as one of the 10 boldest new innovators in the industry was an incredible acknowledgement and privilege. I’ll never forget that moment of walking onto the Innovation Sandbox stage to pitch to the panel of cyber experts what Astrix is all about and the problem we’re solving – that’ll be ingrained in my memory bank forever.”
Core Products
What are the company’s core products and features? Jackson explained:
“Astrix Security provides enterprise customers like Agoda, Priceline, Netapp, and Figma, with the industry’s first solution that’s purposely built to manage and secure non-human identities and access. The solution’s holistic visibility into all non-human identities automatically detects and remediates over-privileged, unnecessary, and malicious access to prevent supply chain attacks and data leaks. The Astrix platform helps security teams seamlessly remediate risky access with automated workflows integrated into their organization’s daily IT service management tools.”
Challenges Faced
What challenges have Jackson and the team faced in building the company? Jackson acknowledged:
“Astrix Security was born from an idea that no one else was addressing, which immediately challenged us to build an entirely new market and define its meaning and scope. We worked with analysts to coin the term “non-human identities (NHIs)”, and started educating this new market about NHIs and the risks they pose to organizations. While this journey was incredibly exciting and we knew we were on the verge of something groundbreaking, it also came with a significant sense of responsibility. We were creating the first solution to tackle this identity issue, navigating our customers’ immediate needs while also forecasting the future threat landscape within this emerging sector and strategizing how to anticipate those changes.”
Evolution Of The Company’s Technology
How has the company’s technology evolved since launching? Jackson noted:
“As the threat landscape has changed, so too has Astrix’s technology. Foundationally, Astrix Security is the industry’s first solution purposely built to manage and secure non-human identities and access, even before this gap was understood. Using an agentless approach, Astrix allows security teams to quickly discover all their non-human identities in one place, and automatically detects and remediates over-privileged, unnecessary, and malicious access that exposes their organizations to attacks. Now, with AI driving the proliferation of API keys, service accounts, and other NHIs in the enterprise, our mission has never been so critical and complex. The Astrix platform will go beyond governance to ensure secure access of human and non-human identities to the enterprise’s most sensitive environments and data.”
Significant Milestones
What have been some of the company’s most significant milestones? Jackson cited:
“Astrix has been grateful enough to experience many milestones in just being a 3-year old company. From recently securing its Series B Funding round with lead investor Menlo Ventures and Anthropic (as part of their new Anthology fund) to uncovering a zero-day vulnerability in the Google Cloud Platform (GCP), now dubbed “GhostToken,” that allowed a malicious app to become invisible and unremovable, effectively leaving a Google user’s account infected with a backdoor app forever. We were recognized by Gartner as a Cool Vendor in Identity-First Security and were an RSA Innovation Sandbox finalist in 2023. We were also very proud to host the first-ever NHI Security Conference last year with the Cloud Security Alliance (CSA) in New York and presented a joint survey that revealed critical gaps in NHI protection. We also just recently led and contributed to the recent OWASP NHI Top 10. We’ve been lucky enough to have an incredible team that created a lot of “firsts” in this space.”
Customer Success Stories
When asking Jackson about customer success stories, he highlighted:
“Yes, we work with many Fortune 500 companies and large enterprises including Workato, who face the growing challenge of managing non-human identities in a cloud-first environment, where service accounts, third-party integrations, and extensions proliferate. With Astrix, Workato achieved what Senior Director of Business Technology and Cybersecurity Shyam Bhojwani describes as a “360-degree overview” of their NHIs. “That’s huge for us,” he says. “Building this level of visibility in-house would have been extremely tough, but Astrix makes it easy.” The platform provided critical insights into how NHIs interact across the company’s ecosystem, from third-party apps to vendor relationships. You can read more about our relationship here.”
Funding
When asking Jackson about the company’s funding details, he revealed:
“Yes, we recently closed a Series B round led by Menlo Ventures through their Anthology Fund, a strategic partnership with Anthropic, alongside Workday Ventures and previous investors Bessemer Venture Partners, CRV, and F2 Venture Capital – bringing the total funding raised to $85M for Astrix.”
Total Addressable Market
What total addressable market (TAM) size is the company pursuing? Jackson assessed:
“Our target market consists of organizations with 1,000+ employees, technology-oriented that are cloud-first or are moving to the cloud, from all verticals with a focus on the following: computer games, computer HW, computer networking, computer and network security, computer SW, E-learning, financial services, information technology and services, internet, and online media.”
“We are equally targeting commercial accounts (1,000 – 5,000 employees) and enterprise accounts (5,000+ employees). While our current focus is North America, we are now expanding to other markets like EMEA. Our overall market reaches tens of thousands of organizations worldwide.”
Differentiation From The Competition
What differentiates the company from its competition? Jackson affirmed:
“Since its founding in 2021, Astrix has dedicated itself to securing enterprises’ most vulnerable entry points and contributing to the evolving field of non-human identity security, including coining the term, “non-human identities ”. Now, with AI driving the proliferation of API keys, service accounts, and other NHIs in the enterprise, our mission has never been so critical and complex.”
“While other startups followed our steps in capitalizing on the NHI gap, we continue to lead the way with a proactive approach to security, going beyond posture and providing our customers a threat-driven solution to the NHI threat. From near-real-time anomaly detection to third-party breach response and policy enforcement, our solution continues to innovate and help companies not only manage NHIs, but also secure them.”
Future Company Goals
What are some of the company’s future company goals? Jackson concluded:
“As a company, we want to continue our trajectory of leading the industry and solving future problems posed to the NHI market. As I mentioned before, agentic AI is projected to make at least 15% of day-to-day work decisions (Gartner). With organizations increasingly relying on “virtual employees” to help support human workflows, the very definition of the “workforce” will evolve, forcing enterprises to rethink their current identity and access management strategies. To continue our mission in securing the enterprise’s largest identity blindspot, we will push boundaries in enhancing our platform to tackle new identity risks posed by AI agents and other NHIs that emerge in the future.”
