SecureAuth: How This Authentication And Access Management Company Is Addressing a $25+ Billion Market

By Amit Chowdhry • May 26, 2023

SecureAuth is a company that is known as a leader in authentication and access management. To learn more about the company, Pulse 2.0 interviewed SecureAuth CEO Paul Trulove.

Paul Trulove’s Background

Paul Trulove

As CEO of SecureAuth, Trulove has the tremendous opportunity to drive the vision and strategy for the company as they embark on a new phase of growth.

“Just over 15 years ago, I was fortunate to stumble across an emerging area of cybersecurity, identity, and access management (IAM), when I joined SailPoint. I quickly developed a passion for the technology and spent the next 14 years driving the product vision for SailPoint with an amazing group of people,” said Trulove. “I finished my time at the company as Chief Product Officer, overseeing the product management responsibilities for SailPoint’s market-leading identity management portfolio. During my tenure at SailPoint, I helped the company navigate from a VC-backed startup, through a PE buyout, to its successful IPO on the NYSE in 2017.”

Early-stage start-ups and products were always a focus for Trulove. Before joining SailPoint, Trulove was formulating innovative product strategies, launching new products in early-stage ventures, and growing products into category leaders at a variety of technology companies including Newgistics, Sabre, and Pervasive Software.

“On a more personal note, while SecureAuth is based in SoCal, I still live in Austin, TX where I grew up – one of the few people in tech that can say that!” Trulove added.

Formation of SecureAuth

How did the idea for SecureAuth come together? Launched in 2005, the original vision for the company was to turn any enterprise into a provider capable of enforcing identity governance and access security in a single and cost-effective solution. Its early growth was fueled by the cloud and mobile phenomenon and the security requirements of these disruptive computing platforms.

As SecureAuth recognized a rapid transition in terms of customer needs in late 2021, the company acquired a startup called Acceptto which was working on several exciting innovations that fit with SecureAuth’s overall vision for next-generation IAM. Today, SecureAuth is a leading access management and authentication company whose mission is to deliver the most secure, seamless, and simple authentication experience for companies around the world.

SecureAuth was acquired by K1 Investments in 2017 and is part of their portfolio of category-leading SaaS companies.

Favorite Memory Working For SecureAuth

What has been Trulove’s favorite memory working at SecureAuth?

While Trulove is still relatively new to SecureAuth (he started as CEO in January of 2022), his favorite memory is seeing the team pull together to serve customers. And as an authorization and access management provider, the company is a critical path for customers and how they operate on a day-to-day basis. Watching the SecureAuth team go above and beyond to make sure the customers are taken care of is exciting to be a part of.

“I also enjoy getting to spend time in person with our remote-first team members. While everyone loves the opportunity to work remotely every day, seeing people face-to-face in our Irvine, CA or Buenos Aires offices – or at other events – is great for our company culture,” Trulove noted.

Challenges / Macroeconomic Climate

What are some of the challenges you face in building the company and has the current macroeconomic climate had any effect on the company?

“Every company has a unique set of challenges. At SecureAuth, we are no different. One of our unique challenges comes from the recent merger of the original SecureAuth organization and Acceptto. While both companies were founded for similar purposes and to serve similar customers, the teams and cultures were different. We are working on a wide range of programs to build a new SecureAuth culture that represents who we are today and who we want to become,” Trulove explained. “In addition, as a remote-first team, we have to work even harder to develop and reinforce our vision, strategy, and operational plans. Over the past year, I have worked closely with my senior leadership team to find creative ways to over-communicate with the geographically dispersed team.”

In terms of the macroeconomic climate, Trulove believes every company is experiencing some type of impact from the current environment.

“The good news is that for SecureAuth, the impact is more positive than negative. Organizations are still making investments in cybersecurity-related projects, which is fueling our growth. And, as other companies have been forced to reduce staffing, we are able to hire some of those great people to join us at SecureAuth,” Trulove pointed out.

Core Products

What are SecureAuth’s core products and features?

SecureAuth has two core products: SecureAuth IdP and Arculix by SecureAuth.

1.) Arculix is the company’s newest product and is based on the product acquired from Acceptto. It is a purpose-built authentication and access management solution backed by a powerful risk engine that eliminates passwords to deliver a frictionless experience with improved security. And the solution also extends the security of existing IdPs (like Microsoft, Ping, and OKTA) with its passwordless capabilities. Plus, Arculix enables organizations to exceed cyber insurance and ZTA compliance requirements. It is a multi-tenant SaaS solution that can also be deployed by customers in a private cloud environment.

2.) SecureAuth IdP is the company’s original product. It provides customers with a complete access management platform, including a wide range of authentication capabilities.

Both products target IT, Identity, and Security professionals at mid- to large-sized organizations that require the latest technologies such as passwordless, risk-based continuous authentication, device trust, and invisible MFA – to thwart the ever-growing number of credential-related attacks while making it a frictionless experience for users.

Evolution of SecureAuth’s Technology

For over a decade, SecureAuth has delivered authentication and access management solutions to large enterprises across the world. From an industry perspective, SecureAuth has served banking, finance, healthcare, government, technology, and retail organizations, but the solutions are not industry specific.

SecureAuth’s technology has evolved in 3 primary areas since launching. First, as cloud computing took off over a decade ago, many organizations quickly moved beyond the data center. SecureAuth had to evolve its solutions to be able to help users authenticate into new cloud platforms and SaaS applications.

Also related to the cloud, organizations started thinking about running their IAM platforms from the cloud or moving to SaaS-delivered solutions. This was the next big pivot for the company. SecureAuth offers its IdP product in its original form – as an installed and customer-managed solution – or as a cloud-hosted and managed solution by SecureAuth. Similarly, Arculix started out as a multi-tenant SaaS product, but it has evolved to support private cloud deployment for large customers with unique needs, and it can even be hosted by a customer on-premises in their data center.

The third area of evolution is driven by artificial intelligence and machine learning. From its inception, IAM has been plagued by manual processes and hard-coded rules and policies. To help companies break free from static authentication and access management solutions, the company adopted a novel technique to measure the level of assurance dynamically. It is based on a patented technique that calculates a dynamic level of assurance for every user by leveraging behavioral modeling. This approach delivers passwordless continuous authentication through anomaly detection and serves the objectives of both IT operations and security/risk mitigation teams, while also improving the user experience.

Most Significant Milestones

What have been some of SecureAuth’s most significant milestones?

SecureAuth navigated through numerous milestones over its almost 20-year history. For the original founding team, selling the business in 2017 to K1 Investments was a significant milestone. And more recently, acquiring Acceptto in November 2021 was a major turning point for the company as it set sights on driving changes to access management and authentication using AI/ML-based technologies. Plus, it also coincided with a new executive team stacked with IAM industry veterans being appointed.

Last year, the company launched Arculix, the company’s new risk-based passwordless continuous authentication. And this past January, the company was granted 7 new patents by the USPTO. These patents focus on their unique biobehavioral methods for authenticating a user’s claimed identity.

“Now more than ever, we are committed to providing customers with the most innovative solutions for protecting identities and the applications and data they access. I am very impressed with what the team at SecureAuth has accomplished in such a short amount of time and look forward to continuing the momentum in 2023,” Trulove pointed out.

Customer Success Stories

The SecureAuth Identity Platform and Arculix, the company’s passwordless continuous authentication solution, offer some of the most secure, flexible, and adaptable identity and access management products in the market. And they have the broadest set of features available across hybrid, on-prem, and cloud deployments.

A large retail chain known for its large, wilderness-themed stores and a wide array of hunting, fishing, and outdoor gear had implemented SecureAuth’s SSO and MFA capabilities to improve employee productivity and security. And the adaptive authentication solution provided the foundation needed to help them attain their Zero Trust initiatives.

SecureAuth has a publicly traded Asian e-commerce company that uses Arculix to secure its entire workforce using passwordless, mobile, and device trust capabilities. SecureAuth also has several customers in healthcare. In particular, one healthcare giant required improved physician efficiency and security for accessing their Electronic Prescriptions for Controlled Substances (EPCS). SecureAuth enabled the team to balance strong security with a fast authentication process.

Total Addressable Market

What total addressable market (TAM) size is SecureAuth pursuing?

The global Identity and Access Management Market will grow from an estimated $13.4 billion in 2022 to $25.6 billion by 2027, at a CAGR of 13.7% during the forecast period. And according to a Gartner 2021 report, Access is the largest and fastest-growing segment of IAM: $16 billion by 2025, according to a Markets and Markets report.

“In today’s increasingly digital world, identity, and access management is an important part of how people access technology safely and conveniently,” Trulove shared.

Differentiation From The Competition

What differentiates SecureAuth from its competition?

Arculix by SecureAuth is known as a purpose-built authentication solution powered by a data science approach to security that eliminates siloed processes that are built more for enablement, not security (e.g. VPN, VDI, SSO). And Arculix is differentiated from its competition in four main ways.

1.) Continuous authentication security throughout the user’s journey: Attain a more continuous, patented risk-based approach to authentication – not just during the event, but before authentication and post-authorization.

2.) Device Trust: Establish the root of trust at the device level, not merely at SSO. Secure both Mac / PC workstations and mobile devices and enable a robust audit trail showing all login attempts and a dynamic level of assurance risk score based on behavior, location, and a plethora of other risk factors.

3.) Invisible MFA: MFA fatigue and MFA bombing attacks are real. Invisible MFA technology delights users with fewer prompts yet strengthens security. Exceed cyber insurance and ZTA compliance requirements with next-gen methods.

4.) One Login and Done: Passwordless login once to access any file, any application, or any VDI from your desktop or mobile device without being asked to identify yourself again.

Future Company Goals

What are some of SecureAuth’s future company goals?

SecureAuth is looking to be a driving force in helping people use technology safely and easily. And as the world becomes increasingly digital, users are facing the daunting task of keeping up with a wide variety of user names, passwords, and other ways to authenticate into devices, applications, and data storage systems. Without a better way to provide access to these environments, security lapses are expected to get worse and users will become increasingly frustrated. SecureAuth wants to solve these issues.

“Our goals are to provide seamless and secure solutions that enable users of all types to gain access quickly,” Trulove concluded.