Oort, an identity threat detection and response platform, today announced that it raised $11.5 million in a Series A round co-led by .406 Ventures and Energy Impact Partners with participation from Cisco Investments. The proceeds, which bring Oort’s total capital raised to $15 million, will be put toward supporting its go-to-market strategy, CEO Matt Caulfield tells bluehillco.
Caulfield co-founded Oort after stints at Citi, Lockheed Martin and Cisco (hence Cisco’s involvement in the Series A), where he led their Boston-based product innovation team. Joined by Didi Dotan, the former chief architect of identity at EMC and director of identity services at Cisco, Caulfield set out to launch a service that could detect and respond to identity threats — e.g. social engineering, phishing and malware — at “enterprise scale.”
“From a technical perspective, identity is everything. Gone are the days of pervasive endpoint and network security,” Caulfield told bluehillco in an email interview. “Identity is the only thing standing between attackers on the wide open internet and the assets and data of the enterprise. Investing in identity security is a must-have for enterprise security teams.”
There’s no question the market for identity security startups — startups that offer products to ID and authenticate people — is red-hot. VC firms poured $2.3 billion into identity vendors in 2021, up from $1.3 billion in 2020, according to Crunchbase data. Companies such as Socure, Transmit Security and Trulioo have raised hundreds of millions of dollars between them within the last few years, while others, like Auth0, have been snapped up by incumbents like Okta.
With the normalization of remote work giving rise to a raft of new identity security startups, including Illusive, Silverfort, Authomize, ConductorOne, Footprint and Silverfort, Oort has its sales work cut out for it. But Caulfield asserts that a factor in its favor is its “data-driven,” yet “human-centric” approach to orchestrating the user accounts employees use across their organization’s various digital services.
“The number of vendors and the noise created by security vendors is tremendous. This makes it difficult for chief information security officers and security teams to find and evaluate new solutions,” Caulfield said. “Rather than focusing on the securing machines and bits and bytes, we focus on the user — the human — behind the identity.”
The Oort platform, built on Snowflake’s security data lake architecture, ingests streaming event and identity data from different sources (including external sources like Webroot’s Brightcloud) to create statistical models that are then used to detect threats like social engineering. Oort works with existing systems such as Okta and Microsoft Azure AD and offers tools for performing common identity security tasks, like fixing vulnerable user accounts, investigating a user’s authentication history and risk factors, monitoring for potentially suspicious user behavior and removing accounts with unused access.
The tech evidently won over the business of Collibra and Avid Technology, who are among Oort’s 10 enterprise customers. Caulfield says that recent high-profile identity attacks like the breach of Uber’s internal network have driven interest in Oort’s platform, too, unsurprisingly, as have the digital transformations catalyzed by the pandemic.
“The broader slowdown has not, as of yet, affected security buying patterns,” Caulfield said, adding that Oort’s Series A extends the company’s runway “well into” 2024. “Enterprise security and the shift from old approaches based on devices and networks to Oort’s approach that centers on users, identities and the humans behind them, positions them to capture the shift that is already underway.”
Oort currently employs 18 people across the U.S., Israel and Uruguay. The company plans to grow to 25 people by the end of 2022.