Again in 2018, Refael Angel, a former safety software program engineer at Intuit, had an concept for a brand new method to guard encryption keys — the random string of bits created to scramble and unscramble knowledge — on the cloud. He met with Shai Onn after which Oded Hareven, with whom Angel had labored 5 years earlier, to search for indicators of product-market match. After discovering it, the three co-founders collectively constructed a service for managing passwords, API keys and digital certificates, which advanced into a totally fledged enterprise — Akeyless — over the course of the following a number of years.
At the moment, Akeyless is flourishing, Angel tells me — regardless of fierce competitors from incumbents like Hashicorp Vault, AWS Secrets and techniques Supervisor and Google Cloud’s Secret Manager. Akeyless has prospects throughout the retail, fintech, insurance coverage and gaming sectors, amongst others, together with Wix and Outbrain. And the corporate’s income has elevated 350% over the previous 12 months.
“The pandemic and ensuing workforce traits, similar to work-from-home initiatives, have solely elevated the necessity for workers to entry company IT sources remotely and have accelerated the adoption of cloud applied sciences and elevated the variety of secrets and techniques wanted,” Shai advised TechCrunch in an electronic mail interview. In software program growth, “secrets and techniques” consult with credentials like passwords and entry tokens. “Equally, the financial downturn and tech slowdown stand to solely additional encourage organizations to hunt software-as-a-service-based options that supply sooner deployment, low to zero upkeep, world auto-scalability, decrease whole value of possession and better adoption charges.“
To put the groundwork for future development, Akeyless immediately closed a $65 million Collection B spherical — $45.5 million in fairness and $19.5 million in debt — led by NGP Capital with participation from Team8 Capital and Jerusalem Enterprise Companions. Bringing Akeyless’s whole funding to this point to $80 million, the brand new capital provides the corporate at the very least two and a half years of runway and will likely be put towards varied gross sales, advertising, customer support and product growth initiatives, Hareven stated by way of electronic mail.
“It will permit us to navigate the present financial local weather and proceed to offer our much-needed answer to the market,” he added.
Akeyless’s co-founders attribute the startup’s success partly to the comprehensiveness of its product choices. Akeyless each encrypts and indicators the certificates, credentials and keys that organizations use to offer entry to their techniques, apps and knowledge. The platform performs cryptographic operations utilizing fragments of an encryption key that reside throughout completely different areas and cloud suppliers. The fragments are by no means mixed — not even in the course of the encryption and decryption course of, Hareven claims — and one of many fragments is created on the shopper aspect to make sure Akeyless has zero information of the keys.
The core downside Akeyless makes an attempt to sort out is what Hareven refers to as “secret sprawl.” As an organization’s IT atmosphere expands, so does the quantity of passwords, API keys and certificates that the corporate makes use of to allow authentication between processes, companies and databases, he notes. These passwords and keys are present in code, configuration information and automation instruments, introducing threat that might lead to knowledge breaches.
In keeping with a 2021 survey from code safety platform GitGuardian, three code commits out of 1,000 expose at the very least one secret. GitGuardian estimates that app safety engineers on common must deal with over 3,400 secrets and techniques occurrences. And in a separate report from Forrester printed in the identical 12 months, builders revealed that 57% of their employers skilled a safety incident associated to uncovered secrets and techniques inside the previous two years.
Akeyless’s answer is centralizing secrets and techniques via plug-ins for present IT, dev, and safety instruments and capabilities like catastrophe restoration, Hareven continued. Secrets and techniques saved by the platform are made accessible in all of an organization’s environments.
“Whereas fashionable secret administration options tackle the safety challenges of [development] environments, many organizations are nonetheless compelled to depend on siloed and disconnected instruments for securing secrets and techniques in legacy environments,” Hareven stated. “Our prospects are expressing a necessity for the convergence of legacy instruments to scale back dangers and enhance compliance throughout all environments and use circumstances.”
Akeyless definitely occupies a big and worthwhile sector — Grand View Analysis predicts that the marketplace for password administration software program will likely be value as much as $2.05 billion by 2025. However it’ll must fend off rivals like Doppler, which lately raised $20 million for its platform to assist firms handle their app secrets and techniques. One other problem will likely be convincing holdouts to embrace secrets and techniques administration as a self-discipline; based on one report, solely 10% of organizations have been utilizing secrets and techniques administration options as of 2019.
If Akeyless’s co-founders have issues, they didn’t present it. On the contrary, Hareven pointed to the group’s observe report in cybersecurity — Onn’s earlier safety enterprise, Fireglass, was acquired by Symantec for $250 million — and famous that Akeyless is increasing, with plans to double its 80-person workforce by the tip of subsequent 12 months.
Hareven didn’t point out throughout our dialog, however Akeyless can also be more likely to profit from the continued broader VC curiosity in cybersecurity. Enterprise capital investments in safety startups eclipsed $13 billion this 12 months, according to PitchBook knowledge, up from $11.47 billion in 2020.
“The truth that we’re a software-as-a-service supplier and freed from the ‘on-premise technical debt’ of versioning and assist makes our economics way more environment friendly, permitting us to reply sooner to market wants and quickly innovate,” Hareven stated.