Israel Duanis

We're at one of those rare moments where an entire software category gets rewritten from scratch. Not improved. Replaced. AI isn't making identity governance faster - it's making the old architecture obsolete.

When Niv and I started Linx two years ago, we made a bet: that the identity governance category was overdue for a fundamental rethink, and that AI-native architecture - not AI bolted onto legacy infrastructure - would be what made that possible. That the future of IGA wasn't periodic reviews and manual workflows. It was continuous, autonomous, and built for a world where humans, machines, and AI agents all coexist inside the same enterprise.

Today, I'm proud to announce that Linx Security has raised a $50M Series B, led by Insight Partners, with continued support from Cyberstarts and Index Ventures - bringing our total funding to $83 million. And alongside this round, we've launched Linx Autopilot: the industry's first AI agent purpose-built for Identity Governance and Administration.

This isn't just a funding milestone. It's a signal that the IGA category is at an inflection point - and that Linx is leading it.

Why Now

The identity landscape has been transformed by three forces converging at once.

First, AI agents are proliferating inside every enterprise - not as experiments, but as active participants in business workflows. They hold credentials. They access sensitive systems. They act with autonomy. And almost none of today's governance frameworks were built to manage them.

Second, the attack surface has exploded. One breach, one over-privileged service account, one dormant credential - and the damage can be catastrophic. Boards know it. CISOs feel it daily. The compliance frameworks are finally catching up.

Third - and this is what excites me most - the technology is finally ready. AI-native architecture makes it possible to do in seconds what traditional tools take weeks to accomplish: detect, evaluate risk in context, and act. Not reactively. Continuously.

IGA was always treated as a necessary evil. A compliance checkbox. Something you suffered through. We built Linx on the premise that it doesn't have to be that way.

What We're Building - and Why It Matters Now

The enterprise of 2026 doesn't look like the enterprise IGA was designed for. AI agents are being provisioned inside every workflow. Non-human identities now outnumber human ones. The attack surface isn't growing linearly - it's multiplying. And the governance frameworks built for a world of on-prem directories and annual access reviews were simply never designed for this reality.

Linx is built AI-native from the ground up - not AI layered onto legacy architecture. That distinction matters more than it might sound. It's what allows us to move from periodic, reactive governance to something fundamentally different: continuous, autonomous identity security that operates at the speed of the business and the speed of the threat.

Think of it as having a security operator working 24/7 on your behalf - one that monitors every identity in your environment, detects risk in context as it emerges, and acts before the damage is done. When a privileged account behaves unexpectedly, it responds. When an AI agent is provisioned with excessive permissions, it sees it. When an employee moves roles and leaves ghost access behind, it remediates - before an attacker finds it first.

Security teams don't lose control. They gain leverage. The tedious, repetitive work gets handled autonomously. The decisions that require human judgment get escalated. That's what modern identity governance looks like - and that's what we're delivering.

To the People Who Made This Possible

None of this happens without the people.

To Niv - twenty years of shared history, and I still learn something from you every week. Building this company alongside you has been one of the great privileges of my career. You push this product to places I wouldn't have imagined.

To Sarit - your technical vision and relentless standards are woven into every line of this platform. What you've built with the engineering team is something we'll be proud of for a long time.

To our entire Linx team - 100 people who bet on a vision and made it real. Every customer win, every product breakthrough, every late night - that's us, together. I'm incredibly proud of what we've built as a team.

To Teddie, Elan and the Insight Partners team - your belief in where this market is going gave us a true partner for the next chapter. And to Gili at Cyberstarts, and Shardul at Index Ventures - you've been with us from the beginning, and your conviction in this vision has never wavered. We don't get here without all of you.

And to our customers - the security leaders and identity practitioners who chose to build with us early, challenged us to be better, and trusted us with what matters most. You are the reason we do this. Your trust is the highest validation we know.

What Comes Next

The market isn't just ready, it's asking for it. Every security leader we talk to, every enterprise scrambling to govern AI agents they provisioned last quarter with no visibility into what they can access, confirms what we believed two years ago: this category was overdue, and the moment is now.

What comes next is simple to say and hard to execute: we scale. We're growing the team, accelerating the Autopilot roadmap, and going deeper with the enterprises already trusting us to govern millions of identities in production.

The IGA category is being rewritten. The window to define what the next generation looks like is open.

We intend to define it.

‍

- Israel Duanis, CEO & Co-Founder, Linx Security

How Forrester defines the new workforce identity stack

Forrester defines workforce identity security platforms as unified platforms that govern, administer, and enforce identity security safeguards across workforce users, human and nonhuman, to protect networks, applications, and data. These platforms pull together identity data sources, SSO, MFA, access management, and identity governance, then layer on AI-driven identity intelligence and analytics.

In other words, this is no longer “just IAM.” The platform is expected to:

• Deliver identity-centric security and help prevent identity-based attacks by eliminating security gaps and reducing the attack surface.
• Maintain regulatory compliance and audit readiness across frameworks like SOX, GDPR, PCI DSS, and DORA.
• Improve workforce productivity with streamlined onboarding, access requests, SSO, and self-service.

Forrester also calls out the growing pressure from nonhuman identities and AI:

• The proliferation of nonhuman identities (NHIs) like service accounts, workloads, APIs, and AI agents is now a primary challenge that drives identity sprawl and business risk.
• The agentic AI workforce is named as the top disruptor, requiring new governance, lifecycle, and risk detection models, along with support for emerging AI security protocols and standards.

This is exactly the world Linx was built for: a mix of humans, machines, and AI agents that all need access, all the time.

Where Linx shows up in the Forrester Landscape

The report covers 32 vendors globally. Linx Security is listed among those vendors, alongside hyperscalers, long-time IAM players, and a small number of specialized identity security platforms.

Forrester then breaks the market into:

• Core use cases: identity and access policy administration, workforce onboarding and offboarding, secure workforce access, and regulatory compliance reporting.
• Extended use cases: IAM process automation, identity governance, identity security posture management, identity threat detection and response, machine and AI agent identity management, and third-party access management.

In the extended use case matrix, Linx is listed in three specific areas:

1. Identity governance
2. Machine and AI agent identity management
3. Identity security posture management

Those three are not generic checkboxes for us. They are the center of how the Linx platform is designed.

Why these areas matter, and how they map to what Linx does

1. Identity governance: modern IGA that people actually use

Forrester treats identity governance as one of the extended use cases that differentiates workforce identity platforms beyond basic IAM.

In practice, that means:

• Running access reviews that do more than produce spreadsheets.
• Enforcing least privilege without creating months of manual role modeling.
• Proving to auditors, at any time, who has access to what and why.

Linx leans into modern IGA with AI-assisted access reviews, contextual recommendations, and immutable, auditor-ready reports. The goal is simple: get your certifications done faster, with higher quality decisions, and leave behind an evidence trail that stands up in front of a regulator or a board.

2. Machine and AI agent identity management: securing the agentic workforce

Forrester calls out the proliferation of nonhuman identities and the rise of agentic AI as both a primary challenge and the top disruptor in this market.

This is where Linx has been investing heavily:

• Treating AI agents, service accounts, and workloads as first-class identities, not an afterthought.
• Giving security teams visibility into what those agents can reach, and what they actually use.
• Applying the same least-privilege, lifecycle, and review controls to nonhuman identities that you already expect for human users.

As enterprises push more work into autonomous agents, this becomes a board-level risk question, not a tooling detail. Seeing Linx recognized in this emerging use case is a strong signal that we are aligned with how the category will evolve over the next few years.

3. Identity security posture management: from “who has access” to “what should we fix first”

Forrester describes how workforce identity platforms are increasingly defined by AI-driven identity security intelligence. They are expected to detect drift and misconfiguration, and support real-time identity threat detection and response.

That is essentially the identity security posture management problem:

• You need a complete map of identities, entitlements, and relationships.
• You need to know which patterns represent real risk, not just noise.
• You need a path to remediate excessive or toxic access, not just report on it.

Linx tackles this with graph-based visibility across SaaS, cloud, and business apps, layered with AI that flags excessive privileges and risky access paths. Then, instead of stopping at “observability,” we allow teams to actually remediate from within the platform, with automation where appropriate and human review where needed.

What this means for customers

This Forrester Landscape is not a ranking or a Wave. It is a map of who is in the game and how the market is shifting. Being included is step one. Being listed in extended use cases that sit at the heart of the next identity decade is the more important part.

For our customers and partners, the message is straightforward:

• You are not alone in feeling that traditional IAM and legacy IGA were not designed for today’s mix of humans, machines, and AI agents.
• Analysts now describe the market in terms that match the problems you are bringing to us every week: posture management, governance that works at scale, and control over nonhuman identities.
• Linx is recognized as one of the vendors focused on exactly those problems, not as a generalist tool trying to be everything to everyone.

We will keep sharing more detail on how we approach identity governance, posture, and AI agent control over the coming months. For now, this report is a useful validation that the hard problems you are asking us to solve are the same ones reshaping the entire workforce identity security market.

Find the full report here: Forrester Workforce Identity Security Platforms Landscape.

After a little over a year of relentlessly hard (and fun!) work alongside my co-founder, Niv Goldenberg, I’m excited to share that today Linx Security is emerging from stealth.

Already working with large-scale companies across a large variety of industries such as financial services, retail, real estate, technology companies and others, Linx is helping them dramatically shrink their identity attack surface and close major gaps in compliance—by enabling them to finally get control over their whole identity lifecycle.

Here is how we got to where we are today.

From physics to 8200 to identity security

Niv and I go back a long time. Twenty years back, in fact.

We first met while working together in the army’s cybersecurity unit (8200, the NSA equivalent). The sheer urgency and complexity of the projects we were tasked with played a critical role in molding our approach to problem-solving. And we found a mutual passion for tackling challenges head-on—especially, the types of challenges that others had already given up on.

Our shared passion continued through university, where we collaborated on physics and computer science projects. And it carried through to our professional roles—myself as the Director of Engineering at Checkpoint Security, and Niv as the VP of Product at Transmit Security. But we always knew that one day, we would tackle some of the world’s most complex issues together.

From our origins in physics to 20+ years in the cybersecurity space gave us dual abilities: one, the ability to ask the right questions (which is never as straightforward as it seems), and two, the ability to find the most practical way to resolve the problem—quickly. “Who should have access to what?” is such an easy question to ask, but so difficult to resolve. But as soon as this problem is solved, it would significantly relieve the pressure from enterprises where most of them have moved to having identity as their main perimeter. A complexity that we feel fortunate to have the opportunity at Linx to solve.

The evolution of identity security

Identity Authorization used to be simple. It was a closed system, on-prem, based on one source of truth—the Active Directory.

Meaning the biggest problem for companies was authentication and verification. Ensuring only authorized users had access to your systems, assets, and information.

But just as the law of conservation of momentum states, momentum is constant in an isolated system unless an external force is applied.

And that’s exactly what happened to identity. In a very short period of time, it had multiple, external forces thrown at it—which significantly increased its momentum, causing identity management and security to spin out of control.

First, it was the shift of infrastructure and applications to the cloud—beyond the control of on-prem solutions. Second, this shift to the cloud led to a rapid increase in the scale of human identities—we see this today, with one person owning multiple online aliases and login credentials. And third, the fast introduction of machine identities to organizations.

Further complicating matters, at large organizations, identity is fractured across three siloed teams: identity, security, and IT. Each team tackles identity from a different perspective, using their own tools for their specific responsibilities within the lifecycle. This fragmented approach creates a complex mess, filled with security and compliance risks – even with the wealth of existing solutions available.

And even though countless solutions existed for identity verification, authentication, and security, companies were still struggling to get identity under control.

We thought—why? Why does it have to be so hard? Why does it have to be so complicated?

That was the moment we knew we had found the challenge we wanted to solve.

So we rolled up our sleeves and got to work.

Uniting security, identity, and IT teams to get control over identity security

The result is what you see today: Linx, a refreshingly different identity security platform that is a significant departure from existing solutions.

Linx enables organizations to finally get the whole identity lifecycle under control with a radically modern approach that unites identity, security, and IT ops teams—by mapping the hidden relationships between employees, their digital identities, and the apps, software, platforms, and programs they have access to.

By providing the right tools, visibility, and understanding, along with deeply contextual insights and automated workflows, Linx allows these teams to work together efficiently and seamlessly to control and secure identity. Enabling organizations to ultimately shrink their identity attack surface and close gaps in compliance.

To our customers, we thank you for your ongoing support and trust. And to Index and Cyberstarts, and to our advisors—your guidance has been instrumental in making this product a reality.

To my co-founder, Niv, and the rest of our amazing team—I'm incredibly proud of what we've accomplished so far, and I can't wait to share even more details about our product and vision as the months unfold.

We are excited for what the future holds as we untangle the complexity of identity security. Once and for all.