Oasis Security just pulled in $120 million to solve a problem most companies didn't know they had: securing the identities of AI agents and other non-human systems now outnumbering human employees inside enterprises. The New York and Tel Aviv-based cybersecurity startup raised the funding from Craft Ventures, Sequoia Capital, Accel, and Cyberstarts, bringing its total funding to $190 million in less than two years since emerging from stealth. The timing reveals a critical gap in how companies protect themselves. As enterprises race to deploy autonomous AI agents across their systems, those agents need identities, credentials, and access pathways just like human employees do. But traditional security tools were built for people logging in, not fleets of autonomous systems making decisions and calling application programming interfaces (APIs) around the clock. The result is a surge in what security teams now call non-human identities (NHIs), and they're quietly becoming the majority of identities in large organizations. What Are Non-Human Identities and Why Should You Care? Non-human identities include service accounts, API keys, tokens, and now AI agents. These are the digital credentials that allow software systems to authenticate and interact with each other without human intervention. They're everywhere in modern infrastructure, often over-permissioned, and frequently overlooked by security teams focused on protecting human user accounts. The problem is urgent. One survey cited by Oasis found that 79% of IT professionals feel ill-equipped to handle attacks tied to non-human identities, even as adoption of AI agents continues to climb. This gap between deployment speed and security readiness has caught the attention of top-tier venture capital firms, signaling that the market sees this as one of the defining security challenges of the AI era. How Does Oasis Security's Platform Work? Oasis focuses on discovery and control. Its platform scans environments across cloud, software-as-a-service (SaaS), and on-premises systems to map every non-human identity, assess risk, and enforce policies. The company says its agentless Discovery Engine connects with more than 30 identity systems in minutes, giving security teams visibility without interrupting developers or operations. The platform tracks these identities, flags risky behavior, and offers automated fixes. In November 2025, Oasis introduced its Agentic Access Management framework, developed in collaboration with Sequoia Capital and a group of chief information security officers (CISOs). The framework outlines a governance model for securing machine-to-machine access and AI-driven systems, along with a maturity assessment tool to help organizations gauge their exposure. Steps to Secure Non-Human Identities in Your Organization - Map All Non-Human Identities: Use discovery tools to identify every service account, API key, token, and AI agent in your environment across cloud, SaaS, and on-premises systems. - Assess Risk and Over-Permissions: Evaluate which non-human identities have excessive access rights and determine which pose the greatest security risk to your organization. - Enforce Real-Time Policies: Implement automated policy enforcement and full audit trails to monitor AI agents and machine-to-machine access in operation. - Establish a Governance Framework: Develop a maturity assessment to gauge your organization's readiness and create a governance model for securing machine-to-machine access. Bogomil Balkansky, a partner at Sequoia Capital, framed the shift early: "Identity is the new perimeter, and non-human identity is the gaping hole in that perimeter". This perspective has resonated with enterprises, particularly in finance and other regulated sectors where access control is tightly scrutinized. Who Is Behind Oasis Security? Oasis Security was founded in 2022 by Danny Brickman and Amit Zimerman, both veterans of Israeli Defense Forces cyber units. The company emerged from stealth in January 2024 with $40 million in funding, including a $35 million Series A led by Sequoia Capital. A few months later, it added a $35 million extension backed by Accel, Cyberstarts, and Sequoia, bringing total funding to roughly $75 million at the time. The company's focus has tracked closely with the rise of AI agents. Since its Series A, Oasis has concentrated on one core problem: securing identities that don't belong to people. This narrow focus has gained traction with large enterprises, and the latest $120 million raise signals investor confidence that the market for non-human identity security is just beginning to scale. What Does This Funding Mean for the Broader Security Market? The $120 million raise reflects a broader shift in how venture capital views cybersecurity. Rather than betting on general-purpose security platforms, investors are backing startups that solve specific, urgent problems created by the AI era. Oasis is entering a crowded space that includes players like Astrix Security, though its early focus on AI-driven systems and strong backing from top-tier investors have helped it stand out. The new funding is expected to support product development, hiring, and go-to-market efforts, including partnerships such as the company's recent work with GuidePoint Security. Oasis is continuing to scale across its New York and Tel Aviv teams as demand grows. As AI agents multiply inside enterprises, the number of identities to secure is exploding, and most of them no longer belong to humans. This shift has opened a market opportunity that venture capital is now racing to capitalize on, with Oasis Security positioned as one of the early leaders in addressing what may become one of the decade's most critical security challenges.
