Rezonate: Interview With CEO & Co-Founder Roy Akerman About The Identity Protection Company

By Amit Chowdhry • Nov 25, 2024

Rezonate is a company that empowers organizations to protect their identities by monitoring identity privileges and activity and enabling rapid remediation. Pulse 2.0 interviewed Rezonate CEO and co-founder Roy Akerman to learn more about the company.

Roy Akerman’s Background

What is Roy Akerman’s background? Akerman said:

I’m the CEO and co-founder of Rezonate, a fast-growing identity-centric security startup based in Boston and Tel Aviv. Before Rezonate, I headed Israeli Cyber Defense Operations, where I was responsible for defending Israel’s critical infrastructure and public companies against cyber attacks, cyber terror, and digital espionage. My mission during over 20 years of service was to develop cutting-edge technology and lead cyber defense operations. I was also part of the founding team of NISA, Israel’s equivalent of the NSA, and established alliances with numerous countries and business partners.”

“Eight years ago, I moved to Boston to pursue my MBA at MIT Sloan. Following that, I served as the VP of Product Incubation at Cybereason, where I founded three market-changing lines of business, including Cybereason’s flagship XDR product and its strategic partnership with Google Cloud. My journey has always been about pushing boundaries and innovating in the cybersecurity space around new challenges.”

Formation Of Rezonate

How did the idea for Rezonate come together? Akerman shared:

“The shift to the cloud has been monumental, even accelerating during economic downturns for cost-saving and efficiency. Traditional endpoint and network-centric security needed to evolve to include cloud-forward environments. Users and machines have become the new focal points for both defenders and attackers. With 85% of attacks stemming from compromised identities, it was clear the old systems were lacking the ability to sufficiently protect them. That’s why my partner, Ori Amiga, and I saw a unique opportunity to challenge these outdated approaches on both the cybersecurity and identity and access (IAM) sides with an innovative identity-centric security solution, leading to the founding of Rezonate.”

Favorite Memory

What has been Akerman’s favorite memory working for the company so far? Akerman reflected:

“It is always satisfying to surface and mitigate strategic and critical identity and access security issues upon the first days of a proof-of-concept (POC), bringing value to our customers on day one. However, one of my best memories is when, on the first day of a POC with a very large customer, our identity security posture and ITDR engine detected the beginning of a targeted, sophisticated attack on their admin. Luckily for the customer, they had just deployed Rezonate a few hours after an attacker cloned the SIM card of an admin, reset his password and MFA, and worked on laterally moving from the identity provider (IdP) to the cloud and on-prem (exactly as was done in the MGM attack). On that first day, we not only detected and stopped the attack, but the Rezonate platform found five different users who were susceptible to the same attacks and we mitigated the access risks, removing the opportunity for the attacker. We closed the deal on that same day.”

Core Products

What are the company’s core products and features? Akerman explained:

“At Rezonate, we offer a comprehensive cloud identity protection platform with key features:

  1. Unified Identity Visibility: Through our Identity Storyline, Rezonate provides the most complete view of who can access your cloud infrastructure and SaaS applications, how they are accessing these apps, and what risks or threats are impacting them, allowing for immediate action on any security issues.
  2. Identity Security Posture Management (ISPM): Rezonate streamlines compliance and enhances identity hygiene by continuously monitoring and optimizing security controls and integrating seamlessly with existing IAM and security tools.
  3. Identity Threat Detection and Response (ITDR): Proactively monitoring for suspicious access activity and identity compromise attempts, Rezonate offers real-time detection and response to protect against identity-related threats and prevent lateral movement.

These capabilities enable security teams to secure their digital ecosystems effectively, meet compliance requirements, and scale their security efforts with automation and insights.”

Challenges Faced

What challenges have Akerman and the team faced in building the company? Akerman acknowledged:

“As with any early-stage startup, our initial challenge was validating product-market fit and timing our market entry. We’ve seen significant validation that companies need a solution like Rezonate. Organizations struggle with deploying and maintaining legacy identity governance and administration tools and, at the same time, have lost confidence in some security tools. Many security teams lack the visibility and context to adequately measure risk, detect security issues, and prevent attacks. They’re now exploring solutions to identity security, and there is certainly a lot of noise and confusion in the space, with a lot of claim to fame (promised but under-delivered features), and the use of the same terminology and acronyms (i.e., ITDR) to convey very different capabilities.”

“Our challenge is ensuring these teams discover Rezonate and understand the value Rezonate’s platform brings, not just to IAM teams, but also to Security, GRC, and IT teams. We actively listen to our customers, learning from their experiences to continuously improve our solutions. This collaborative approach helps us address their specific needs and enhance our offerings to better serve them.”

Evolution Of Rezonate’s Technology

How has the company’s technology evolved since launching? Akerman noted:

“Since launching, Rezonate has significantly expanded its technology. We’ve integrated with more systems and applications, enhancing our visibility into the full identity storyline. We’ve also added robust risk profiling capabilities to help prioritize security efforts, and were one of the first in the market to offer remediation workflows to make the problems go away and not just blow the whistles of alerts.”

“As a natural extension of identity security posture management, we’ve added identity compliance capabilities to streamline those efforts, help our customers get a handle on their audit reporting, and improve their overall audit performance. For example, our new compliance dashboard allows continuous monitoring of identity security controls and their violations. This feature enables automatic and guided remediations, verification of compliance statuses, and navigation through major compliance frameworks such as ISO27001, SOC2 Type II, and NIST 800-53.”

“Most recently, we announced a strategic integration with CrowdStrike, expanding our ITDR capabilities to include endpoints and on-prem environments. This collaboration allows CrowdStrike to leverage our expertise as they extend into the cloud.”

“Looking ahead, we’re excited about the potential of AI innovations and the new possibilities they will bring to our customers. By continuously evolving and listening to our customers, we ensure that Rezonate remains at the forefront of identity security.”

Significant Milestones

What have been some of the company’s most significant milestones? Akerman cited:

“Ah, so many pivotal and exciting moments! A few that stand out for me are: 

  1. Securing our first customer, TX Group, early in our development process, and seeing how our approach quickly resonated with them. As one of our early adopters, they keep designing concepts and ideas while always sharing invaluable critical feedback to help us continuously improve.
  2. Launching our unique “Identity Storyline” which truly changes how identity and security leaders strategize on identity security, significantly reducing the time and effort required for risk reduction.
  3. Appointing our first VP of Sales in EMEA and establishing successful partnerships in non-English-speaking markets has been a highly fruitful endeavor. We recently onboarded two identity veterans from top industry leaders. It was thrilling to see their excitement and belief in Rezonate’s potential to be the next big thing as they committed to joining us on this journey.
  4. And, of course, being recognized as a Gartner Cool Vendor in Identity-First Security. Getting this recognition for our innovative approach from analysts who review dozens of companies, startups, and veterans is not only a strong validation but also a reflection of our efforts to create faster, smarter solutions.”

Customer Success Stories

When asking Akerman about customer success stories, he highlighted: 

“Absolutely! One of the core problems/challenges is that access management sometimes has “set-and-forget” symptoms. Early and often during the implementation, we find contractors or SaaS applications with an obsolete service or terminated POC that was still fully connected, some in an unprotected, insecure way, and with high privileges. In other places, we found activities by employees that were terminated. These critical findings and their mitigations reduce the attack surface tremendously, are taken very seriously by the security and IAM team, and earn a lot of confidence in our platform.”

“Sometimes, identity and access security operations can lead to savings in operational or licensing costs. For example, we have saved many organizations a great deal of their budget by flagging unused licenses, dormant accounts, and applications, as well as optimizing improper security log collections that were previously costly.” 

“Finally, with ITDR, we have ‘ruined’ a couple of ‘surprise’ pen-testing on our customers. Some drills that the security team or SOC were not supposed to know about, but once a pentester touched an identity or tried to take over some accounts, Rezonate alerted and stopped those attacks.”

Funding

When asking Akerman about the company’s funding details, he revealed:

“Rezonate completed a seed funding round in December of 2022. We are backed by incredible investors including Flybridge, Merlin, and State of Mind Ventures.”

Total Addressable Market

What total addressable market (TAM) size is the company pursuing? Akerman assessed:

“We are targeting a focused high-growth segment within the identity security market which, as of January 2024, Forbes reported that the total addressable market for identity security is $50 billion. This market is a high-priority area for cybersecurity spending, driven by the increasing frequency of identity-related breaches.”

“Within that market, the global Identity Threat Detection and Response (ITDR) market is projected to grow to $35.6 billion by 2029 according to MarketsandMarkets.”  

“Our focus is on delivering comprehensive solutions in Identity Security Posture Management (ISPM) and Identity Threat Detection and Response (ITDR). By leveraging these capabilities, we aim to capture a significant share of the growing identity security market and help organizations enhance their security posture across various environments.”

Differentiation From The Competition

What differentiates the company from its competition? Akerman affirmed:

“Rezonate adds an unparalleled layer of visibility and control over the existing identity infrastructure, covering a wide range of cloud platforms, SaaS applications, and identity providers. Our Identity Storyline is a game-changing feature that provides high-level views with granular depth into access pathways, privileges, risks, and exposures for all identities – human and machine- which is currently unattainable without extensive manual effort and data aggregation from various sources. We are providing a bridge between the cybersecurity team and the identity and access management team that closes the gaps allowing them to make faster, more compliant decisions and quickly respond to threats and risk as it happens.”

“What sets us apart is our fusion of proactive identity security posture management with real-time threat detection and response. And, we offer the ability to automate remediation or trigger actions into other systems across both functionalities. This integration of visibility, control, and automated response makes Rezonate a comprehensive solution that enhances the security posture of any organization without disrupting its existing infrastructure.”

Future Company Goals

What are some of the company’s future company goals? Akerman concluded:

“Identity is the most critical attack vector, and organizations are feeling the pain now more than ever. Our primary goal is to expand our team to grow our reach and maximize our positive impact on organizations. We plan to rapidly grow our marketing, sales, and development teams across North America and Europe over the next year. Our roadmap is focused on expanding SaaS and platform coverage, enriching our core capabilities with AI, and diving deeper into adaptive identity governance.” 

“Finally, we will be expanding our channel partner network. We aim to ensure that Rezonate remains at the forefront of identity security, providing comprehensive and effective solutions to meet our customers’ evolving needs.”