Widespread cloud adoption has created a new security challenge for enterprises. The cloud environment that underpins speed, efficiency, and flexibility from an infrastructure perspective is also fragmented, complex, and opaque from a security standpoint. Machine identities outnumber human identities by approximately 20 to 1, external firewalls have become powerless as identity has become the new corporate security perimeter, while the rise of DevOps and the “shift-left” movement in security have blurred the definition of a privileged user.

In this context, identity holds the keys to accessing sensitive corporate resources in IaaS/PaaS environments such as AWS, Microsoft Azure, and Google Cloud Platform, and has become the biggest attack vector. JP Morgan’s recent CIO Survey found that identity and access management is now seen as the biggest security priority for enterprises. A recent survey of CISOs in the US found that 79% had experienced a cloud data breach in the last 18 months, and three of their top five challenges related to access policies in the cloud. One of the biggest cybersecurity breaches in recent years, the Capital One incident, was primarily the result of mismanaged permissions.

CISOs we have spoken with cite the management of access privileges as a major pain point: their existing Privileged Access Management (PAM) tools have limited use in the public cloud, prompting them to rely on infrequent manual audits to map and control access permissions. Several CISOs estimate that the number of permissions they currently grant can be 10x greater than ideal, as they lack any real-time granular information on individual user needs and activity.

It is therefore clear that existing tools and processes do not fully meet the security demands of complex cloud environments that feature hundreds of identities, roles, and access policies – all of which need to be continuously monitored and managed. The volume and complexity of authorizations that must be granted have grown rapidly in the cloud, but the tools to help enterprises manage these securely have not kept pace.

Into this space is stepping Ermetic, a Tel-Aviv based company founded only last year, but which has already shown the potential to become an important player in cloud security, with an innovative approach for managing identities and authorizations in IaaS/PaaS environments. Its product surfaces rich permission graphs that map both individual identities and specific resources – allowing security and engineering leaders to observe, for example, every identity that has access to a sensitive storage service such as an AWS S3 bucket, or the full scope of resources a particular user has access to. This directly addresses the lack of visibility and context that has made permissions so difficult to manage in the public cloud.

In addition, Ermetic allows its customers to analyze and model authorization policies, using access and activity patterns to eliminate excessive privileges. These capabilities equip enterprises to enforce the least-privilege principle, which means only giving access to the information and resources that are needed, by creating a more easily auditable environment and in turn condensing the attack surface. They allow Ermetic to provide a solution for multi-cloud environments that neither the in-built security tools of major IaaS/PaaS vendors nor legacy PAM providers with their roots in the on-premises world, can match.

Ermetic is an early mover into what we expect to become a thriving “cloud-native PAM” category, building on Accel’s track record of partnering with identity security leaders such as 1Password, BetterCloud, Callsign, Centrify, and ForgeRock. Its Series A has come at a relatively young stage of the company, which reflects both the scale of the opportunity and the proven quality of its management team.

We’re thrilled to be partnering with Shai, former co-founder of endpoint detection and response startup Secdo; Arick, former co-founder of incident response business Sygnia; as well as Michael and Sivan, whom we’ve had the pleasure of working with already at Accel-backed Aorato, an early leader in active directory security. Their previous companies were acquired by enterprises such as Microsoft, Palo Alto Networks, and Temasek.

Together, they make up a founding team with strong commercial and technical experience, whom we’ve had a real pleasure getting to know closely over the past few months. That, along with Ermetic’s relevance to enterprises that face complex cloud security demands, makes us excited about solving one of the most complex identity puzzles in the cloud together.

‍

Europe and Israel’s startup founder factories

Former employees of European and Israeli unicorns are founding the next wave of startups as the region’s flywheel of talent continues to spin. Join us as we explore trends from the emergent companies, and examine the journey from unicorn employee to tech founder. Download the report below.

Download the latest founder factories report

At a glance

1,451

The number of tech-enabled startups founded by former employees of 248 European and Israeli unicorns

59%

The percentage of these new startups that have already gone on to secure private funding

55%

More than half of companies built by former employees were founded in the same city as the unicorn, resulting in thriving tech hubs developing in cities where unicorns have been created

Insights

“

The European and Israeli tech ecosystem continues to be a powerhouse of innovation and ambition. Despite a difficult macroeconomic climate, we're seeing a surge in entrepreneurial talent, particularly in sectors such as fintech and AI. Our data shows a striking trend: nearly 1,500 startups sprouted from the roots of European and Israeli unicorn companies, once again demonstrating that they continue to be thriving founder factories. This region is not just launching startups; it's creating seasoned founders equipped with deep industry insights and, in the current environment, the experience to build enduring and resilient businesses that can achieve sustainable growth.”

Harry Nelis, Partner at Accel

2023 Key takeaways

While Spotify, Delivery Hero, Zalando and Criteo continue to top the list, producing 151 tech-enabled startups between them, a new wave of founder factories is on the rise
Fintech unicorns dominate the top 10 as Revolut, Klarna, N26 and Wise rank fifth, sixth, seventh and ninth respectively
35% of tech startups to spring out of fintech unicorns were also in fintech

Click here to read more takeaways and insights from the 2023 report

Our Series A in Vorlon: Detect and Remediate API Security Threats

Our investment in Sprinto: Turning Compliance into a Driver of Growth for Businesses

Our Seed Investment in Val Town: Making Programming Accessible, Collaborative, and Fun

At a glance

1,451

59%

55%