Veza, a platform that helps to secure identity access across apps, data systems and cloud infrastructure, today announced that it raised $15 million in a funding round led by Capital One Ventures and ServiceNow — valuing the company at $415 million.
Bringing Veza’s total raised to $125 million, co-founder and CEO Tarun Thakur says that the proceeds will be put toward product development, expanding Veza’s sales capacity and supporting its go-to-market execution.
“Veza was not looking to actively raise capital,” Thakur said. “The new investors were attracted to Veza because of the unique security challenges we address — the core problem of securing identity and authorization end-to-end. Veza was keen to take on these new investors because of the strategic market presence and insights that these professionals and organizations bring to the table.”
Data breaches continue to dominate headlines, costing organizations $4.45 million on average, according to IBM’s latest study. In a survey from One Identity — which, granted, sells identity management software — 95% of organizations say that they struggle with digital ID management.
That’s put companies on high alert — to the benefit of cybersecurity startups like Veza. While investment in cybersecurity has fallen below the record highs recorded in previous years, investors — including Capital One and ServiceNow, evidently — remain optimistic.
Thakur founded Veza in 2020 alongside Maohua Lu and Rob Whitcher, launching the startup out of stealth in April 2022. The three met at Thakur’s previous company, Datos IO, which was acquired by Rubrik roughly two years ago.
Veza, like other identity management solutions on the market, enables companies to enforce policies, monitor in real time for violations and risky permissions and automatically block or revoke unauthorized access to products and services. Leveraging what Thakur describes as an “authorization graph,” Veza attempts to make sense of the authorization metadata in a company’s internal apps and databases.
“Since traditional identity solutions are built on a relational database, they are transactional, lack the visibility into the modern enterprise and don’t show the reality of an organizations’ permissions,” Thakur said. “Our mission is to invent the future of access control, make it automated and put data security back within reach.”
Palo Alto-based Veza, which expects to employ 150 people by the end of the year, claims to have over a hundred customers today, including Wynn Resorts, Blackstone, Expedia, SoFi, Warby Parker, Wayfair, Zoom and Intuit. The company’s client portfolio has more than tripled since Veza came out of stealth, Thakur says, despite competition from SailPoint, CyberArk, Saviynt, Okta, Obsidian and others. And it has three years of runway.
“As breaches continue to rise and with the SEC’s new rules about cybersecurity disclosure, CIOs are now taking a very active role to share with their boards on privileged access dashboards and KPIs in order to build transparency on access debt that organizations have,” Veza said — referring to the U.S. Securities and Exchange Commission’s recently-passed rules on requiring the prompt disclosure of cybersecurity incidents. “These are becoming critical business initiatives and leading identity security is becoming increasingly top of mind for boards, CEO, CIOs, CTOs and CISOs.”