Back

Token Security

Company Overview

Token Security is a cybersecurity company focused on providing machine-first identity security solutions for cloud environments. The company was founded to address the growing challenges of managing and securing non-human identities in modern cloud-native infrastructures.

Token Security’s approach centers on shifting from a human-centric to a machine-first perspective on identity security. Their solutions aim to help organizations understand and control the full scope of identity exposure in cloud environments by starting from the point of view of machines and assets.

Products Overview

Token Security offers a machine-first identity security platform designed for cloud-native companies. Key features and capabilities include:

  • Discovery and mapping of all identities (human and non-human) across cloud environments
  • Attribution of identities to owners and dependencies
  • Exposure analysis to reveal security risks like stale identities, shared accounts, and unrotated keys
  • Risk prioritization based on business impact
  • Remediation support with contextual information and best practices
  • Agentless scanning and log analysis to create comprehensive identity maps
  • Integration with cloud platforms, identity providers, and other security tools

The platform aims to provide unified visibility, credentials risk management, and machine identity lifecycle control.

Founding Team

The founding team includes:

  • Itamar Apelblat - Co-Founder and CEO
  • Ido Shlomo - Co-Founder and CTO

Other key leadership includes: - Nissim Pariente - CPO - Adi Chemoul - VP Marketing

Problem and Market Fit

Token Security is addressing several key challenges in cloud identity security:

  1. The rapid growth of non-human identities (machines, apps, services) outnumbering human identities in cloud environments.

  2. Traditional perimeter-based security becoming obsolete as assets move outside firewalls.

  3. The fragmentation of identity management across multiple cloud directories and systems.

  4. Legacy identity solutions struggling to handle the dynamic nature of cloud services and machine identities.

  5. The complexity of managing identities in multi-account cloud architectures and microservices environments.

  6. Over-privileged accounts and excessive permissions granted to most users/roles.

The company positions its machine-first approach as uniquely suited to handle these modern cloud identity challenges that traditional human-centric tools struggle with.

Business Model

While not explicitly stated, Token Security appears to operate on a SaaS (Software-as-a-Service) model, offering its identity security platform to cloud-native companies. They likely charge subscription fees based on usage or the scale of identities managed.

Competitive Landscape

Token Security positions itself against legacy identity and access management vendors like Okta, CyberArk, Delinea, Ping Identity, and ForgeRock. They argue these established players are primarily focused on on-premises infrastructure and human identities, leaving gaps in addressing cloud-native and machine identity security needs.

The company aims to differentiate through its cloud-native architecture and machine-first approach, which they claim is better suited for modern cloud environments compared to solutions from legacy vendors.

Customers

While specific customers are not mentioned, Token Security targets cloud-native companies and organizations undergoing cloud transformation. Their solutions appear aimed at enterprises dealing with complex cloud infrastructures, microservices architectures, and a high volume of machine identities.

Relevant News

  • In May 2024, the company published a blog post on “Top 10 Non-Human Identity Risks to Recognize and Mitigate”, highlighting key security challenges in managing machine identities.

  • Earlier in May 2024, they released an article on “The Machine Identity Crisis”, discussing the evolving challenges of identity security in cloud environments.

  • The company appears to be actively producing thought leadership content around machine identity security, indicating they are working to establish themselves as experts in this emerging field.

Overall, Token Security presents itself as an innovative player in the cloud identity security space, focusing on the growing importance of machine identities in modern cloud infrastructures. Their machine-first approach and cloud-native architecture position them to address emerging challenges that traditional identity solutions may struggle with.

Classification: AI Tier 2

  1. Core AI: Create fundamental AI technologies/base models
  2. AI-Enabled: Core offerings rely on recent AI advances
  3. AI Adopters: Use AI to enhance existing products/services
  4. Non-AI: No AI in products/services

Token Security’s platform and services rely heavily on recent AI advances to provide cloud-native identity security solutions, classifying it as an AI-Enabled (Tier 2) company.