Highlights:

  • In the last few years, companies like Socure, Transmit Security, and Trulioo have raised hundreds of millions of dollars.
  • Built on Snowflake’s security data lake architecture, the Oort platform takes in the streaming event and identity data from different sources to make statistical models that are then used to find threats like social engineering.

Oort, an identity-centric enterprise security platform, announced that it had raised USD 11.5 million in a Series A round led by .406 Ventures, Energy Impact Partners, and Cisco Investments. CEO Matt Caulfield said that the money, which brings Oort’s total capital raised to USD 15 million, will be used to support its go-to-market strategy.

Caulfield co-founded Oort after working at Citi, Lockheed Martin, and Cisco, where he led their product innovation team in Boston (thus Cisco’s involvement in Series A). With support from Didi Dotan, the former chief architect of identity at EMC and director of identity services at Cisco, Caulfield went on a mission to launch a service that could find and stop identity threats like social engineering, phishing, and malware at “enterprise-scale”.

“From a technical perspective, identity is everything. Gone are the days of pervasive endpoint and network security,” Caulfield told TechCrunch in an email interview. “Identity is the only thing standing between attackers on the wide-open internet and the assets and data of the enterprise. Investing in identity security is a must-have for enterprise security teams.”

Undoubtedly, the market for identity security start-ups – ones that provide products to ID and authenticate people – is red-hot. Crunchbase data shows that VC firms put USD 2.3 billion into identity providers in 2021, up from USD 1.3 billion in 2020. In the last few years, companies like Socure, Transmit Security, and Trulioo have raised hundreds of millions of dollars. Other companies, like Auth0, have been nipped by bigger companies like Okta.

With new identity security companies like Illusive, Silverfort, Authomize, ConductorOne, Footprint and Silverfort popping up because remote work is becoming more common, Oort has its work cut out for it when it comes to sales. But Caulfield says that one thing working in its favor is its “data-driven” yet “human-centric” way of coordinating employees’ user accounts for their organization’s different digital services.

Caulfield said, “The number of vendors and the noise created by security vendors is tremendous. This makes it difficult for chief information security officers and security teams to find and evaluate new solutions. Rather than focusing on securing machines and bits and bytes, we focus on the user — the human — behind the identity.”

Built on Snowflake’s security data lake architecture, the Oort platform ingests streaming event and identity data from different sources, including external sources like Webroot’s Brightcloud, to make statistical models that are then used to find threats like social engineering. Oort integrates with existing systems such as Okta and Microsoft Azure AD and gives you tools to fix vulnerable user accounts, check a user’s authentication history and risk factors, watch for suspicious user behavior, and remove inactive accounts.

Collibra and Avid Technology, two of Oort’s 10 enterprise customers, decided to use the technology. Caulfield says that the pandemic and recent high-profile identity attacks, like Uber’s internal network hacking, have also sparked interest in Oort’s platform. This isn’t a big surprise.

Caulfield said, “The broader slowdown has not, as of yet, affected security buying patterns.” He also said that Oort’s Series A gives the company “well into” the 2024 runway. “Enterprise security and the shift from old approaches based on devices and networks to Oort’s approach that centers on users, identities, and the humans behind them, positions them to capture the shift already underway.”