SGNL.ai, the industry’s first Continuous Access Management company, announced that M12, Microsoft’s Venture Fund, has made a strategic investment in the company. The M12 investment is part of a $10 million strategic round that includes funding from Cisco Investments and other investors. This latest set of investments brings SGNL’s total funding to $22 million since its founding in 2021.
CIO INFLUENCE:Â Elation Health and Ribbon Health Partner to Deliver Exceptional Referral Management
“With the increased frequency of session hijacking and compromised credentials, it is critical for organizations to achieve a zero standing privilege security posture. Complex identity environments require dynamic authorization that is more robust than what has traditionally been available,” said Scott Kriz, CEO of SGNL.ai. “We are inspired by the support of M12, and excited to have them as a strategic partner as we help organizations achieve their security goals through Continuous Access Management.”
The new investment will be used by SGNL to scale product development, expand continuous access management capabilities, and support its expanding number of enterprise customer deployments. It immediately follows SGNL’s participation in the Microsoft Security Copilot Partner Program Private Preview announced at Ignite last month as well as Cisco Investment’s strategic investment announced that same week.
Alignment with M12
M12 is on a mission to accelerate the future of technology through investments, insights, and meaningful partnerships with Microsoft. The fund makes investments in companies, like SGNL, that are innovative and disruptive to the enterprise.
“SGNL’s innovative technology solves a pressing need in the enterprise identity space,” said Todd Graham, Managing Partner, M12. “The time has come for a more targeted and dynamic approach to access management, and we think that SGNL has the right vision and team to be a leader in this industry.”
Business-Critical Innovation For The Enterprise
In the first nine months of 2023, the total number of data breaches and leaks had outpaced those of 2022, a 17% increase, according to data from the Identity Theft Resource Center. And those breaches are costly, with the global average, according to the 2023 Cost of a Data Breach Report by IBM Security, being $4.45 million, a 2.3% increase from 2022 and a 15.3% increase from 2020.
Identity providers like Okta, Microsoft Entra, and Duo establish user identity at login. Once authenticated, a user’s session is handed off to the application to manage,typically granting broad access and making them targets for session hijacking and misuse. Single sign-on (SSO) and multi-factor authentication (MFA) are not designed to address this issue.
To combat this challenge, organizations need to establish a Zero Standing Privilege security posture. SGNL’s Continuous Access Platform was built to do exactly that, enabling conditional and contextual access to systems and data to be managed at scale.
Context from key systems like Workday or ServiceNow, as well as existing identity roles and groups from Azure AD or Okta, are mapped in the SGNL Graph Directory to provide quick access decisions.
Leveraging this business context and Continuous Access Evaluation Protocol (CAEP) events, SGNL allows companies to reduce the risk of data breaches and security incidents caused by session hijacking or compromised accounts.
CIO INFLUENCE:Â GDIT Forms 5G and Edge Accelerator Coalition with AWS, Cisco, Dell Technologies, Splunk and T-Mobile
Ways SGNL can be leveraged within enterprises include:
- Cloud infrastructure: Protect critical infrastructure like AWS or Azure by only granting privileged access based on organizational policy such as ticket assignment or device status.
- DevOps: Secure CI/CD pipelines by only allowing GitHub actions based on organizational policy such as an on-call rotation or using a managed laptop.
- SaaS applications: Eliminate standing access in SaaS applications by only allowing access to sensitive data based on real-time business context such as user citizenship or customer location.
CIO INFLUENCE:Â RangeForce Adds MITRE D3fend and ATT&CK Frameworks to Cyber Defense Readiness Platform
[To share your insights with us, please write to sghosh@martechseries.com]
