Clutch Security launches to transform management of NHIs
Clutch Security emerged from stealth and unveiled its Universal Non-Human Identity (NHI) Security Platform. The company also announced a $8.5 million funding round led by Lightspeed Venture Partners, with participation from Merlin Ventures, and notable angel investors.
Clutch’s mission is to deliver end-to-end NHI security and proactively bridge NHI security gaps across the entire organizational landscape, without affecting business velocity.
The proliferation of NHIs (e.g. API keys, secrets, tokens, and service accounts) in enterprises, spanning across cloud, SaaS, on-prem, vaults, code repositories, CI/CD pipelines, and data warehouses, presents unique management and security challenges.
In addition, the rapid rise of AI is one of the drivers for the exponential growth of NHIs within enterprises. AI’s role in automating tasks and processes necessitates the creation of numerous NHIs to interact with various systems and applications.
As enterprises deploy AI at scale, the number of NHIs grows swiftly, leading to a 1:45 human-to-non-human ratio. The paradigm has shifted: due to their massive scale, distributed nature, privileged access, and lack of dedicated security controls, NHIs have become the weakest link and the easiest attack vector for adversaries.
Clutch provides a solution to these challenges with its Universal NHI Security Platform. Clutch empowers security teams with complete visibility, encompassing any NHI type across the entire organizational landscape. The Clutch platform allows security teams to easily understand which NHIs exist, their full context, and associated risks through simplified yet detailed Identity Lineage visualization.
Clutch offers comprehensive NHI security and management functionality, including risk identification and prioritization based on severity and business impact, and provides tailored actionable remediation playbooks to address identified risks effectively.
When any NHI-related suspicious or abnormal behavior occurs, Clutch immediately detects those behaviors and enables swift response and incident resolution, while being seamlessly integrated with existing security workflows, protecting enterprises from potential breaches. It also enables unique Zero Trust protections, allowing enterprises to proactively thwart risks.
“As more and more enterprise infrastructure gets automated, non-human identities are rapidly becoming the weakest link, and require a different type of security solution,” said Guru Chahal, Partner at Lightspeed Venture Partners.
“The team at Clutch has deep domain expertise and context that allows them to build a comprehensive platform that solves the challenges enterprises have around non-human identities. It’s been incredible to watch them build a world-class team and get the platform to customers in record time,” Chahal added.
As the zero trust-driven platform, Clutch enables security teams to fortify defenses based on organizational risk and friction appetite, proactively reducing exposure to potential threats. By certifying and verifying all NHIs, Clutch empowers enterprises to ascertain and verify the trust level of their identities, enabling a comprehensive NHI Zero Trust architecture. This results in increased business velocity without compromising security, all on a platform specifically built for scale.
“We spent decades on the frontlines assisting organizations in contending with cyber attacks, and witnessed the emergence of Non-Human Identity threats and their devastating impact,” said Clutch Security CEO Ofir Har-Chen.
“We built Clutch to equip security teams with a universal solution delivering complete visibility, context, security, and management for all NHIs, helping them not only to identify risks early and remediate effectively, but also to proactively strengthen their defenses while certifying and verifying NHIs. With support from great investors and industry leaders, our goal is to lead the market in NHI security,” Har-Chen continued.
“Understanding Non-Human Identities is crucial in cybersecurity, especially for enterprises operating in multi-environment or heavily cloud-based settings like ours.” said David Stender, CISO at BankUnited. “Clutch fortifies companies by protecting these digital identities with clear visibility and full context. Their platform addresses the challenges of this rapidly growing digital landscape, creating a more secure and resilient operational environment.”
In addition to the previously mentioned investors, Clutch is also backed by CCL (Cyber Club London), and industry leaders and angel investors, including Nir Polak, Founding Investor, co-founder, chairman of the board and formerly CEO at Exabeam; Shlomo Kramer, the co-founder of cyber-security companies Check Point, Imperva, and Cato Networks; Armon Dadgar, co-founder and CTO of HashiCorp, and more.
“Partnering with Clutch represents a significant step forward in enhancing enterprise security. As non-human identity-related threats have emerged as a major trend, Clutch’s innovative and holistic approach is both timely and essential. The team’s deep domain expertise ensures they are well-equipped to tackle these challenges head-on. We are excited to support Clutch’s mission and look forward to seeing them set new standards in the industry,” says Shay Michel, Managing Partner of Merlin Ventures.
source: HelpNetSecurity
Free security scan for your website
Top News:
Attackers are exploiting 2 zero-days in Palo Alto Networks firewalls (CVE-2024-0012, CVE-2024-9474)
November 18, 2024CWE top 25 most dangerous software weaknesses
November 21, 2024Chinese APT Gelsemium Targets Linux Systems with New WolfsBane Backdoor
November 21, 2024Microsoft rolls out Recall to Windows Insiders with Copilot+ PCs
November 23, 2024Download: CIS Critical Security Controls v8.1
August 8, 2024Hackers now use AppDomain Injection to drop CobaltStrike beacons
August 24, 2024