Defakto raises $30.75 million to secure non-human identities
Defakto, previously known as SPIRL, has secured a Series B funding round amounting to $30.75 million led by XYZ Venture Capital, with continued backing from The General Partnership, Bloomberg Beta, and WndrCo.
This funding round coincides with Defakto's introduction of a platform designed to address security for non-human identities in enterprise environments. The company's solution targets automated interactions across digital infrastructures, including workloads, pipelines, artificial intelligence agents, and multi-cloud settings, by aiming to eliminate the widespread use of static credentials and service accounts with overextended privileges.
Funding details
The Series B raise will be used to speed up product development, drive sales efforts, and reinforce Defakto's position in the non-human identity security space. Additional participants in the round include Michael Coates, former Chief Information Security Officer of Twitter, Adverb Ventures, and J.P. Morgan.
Non-human identity challenges
According to Defakto, the prevalence of non-human identities within organisations has surged, with such identities now outnumbering human employees at a ratio of 45:1. These non-human actors-services, machines, pipelines, and AI agents-typically operate using static secrets, API keys, tokens, and service accounts. The company highlights that this results in 'vault sprawl,' proliferation of service accounts, and scattered secrets across modern pipelines and cloud environments. The reliance on legacy security approaches, originally designed for environments dominated by human users, now leads to increased risk due to static credentials and elevated access permissions, which have become a significant factor in data breaches.
Danny Oliveri, Cofounder and Chief Executive Officer at Defakto, commented on these challenges:
"Every enterprise has invested in securing its people. But non-humans are now the majority of users, and their identities are still governed by outdated, secret-based models that create mounting technical debt. We didn't build another tool to give you more visibility or manage secrets. We built a platform to eradicate them, eliminate overprivileged access, and give enterprises the same foundation for machines and AI that IAM gave them for people."
Platform features
The company's newly launched platform is described as purpose-built for managing the lifecycle of non-human identities. It is based on industry standards, including SPIFFE and WIMSE, intending to ensure interoperability across different systems and future scalability. Defakto states its system removes static keys and tokens, integrates with developer workflows, provides verifiable identities for enterprise AI agents, and supports multi-cloud operations across providers such as AWS, Azure, and Google Cloud Platform.
Supporting views from investors and founders
Ross Fubini, Managing Partner at XYZ Venture Capital, stated:
"The shift to automation and AI makes non-human identity management unavoidable-every enterprise will need to solve this, and most are just starting to realize how deep the problem goes. Defakto has the only real answer we've seen. They're not managing secrets better; they're eliminating the need for them entirely. That's the kind of rethinking that defines a category."
Eli Nesterov, Cofounder and Chief Technology Officer at Defakto, explained the approach the company takes to security:
"Enterprises today can't enter the age of AI on a foundation of static secrets and overprivileged access. Defakto replaces that legacy model with dynamic identity, transforming security from a liability into an enabler. This is the future of infrastructure: autonomous, inherently secure, governable, and limitless in scale."
Daniel Portillo, Cofounder of The General Partnership, also commented on Defakto's progress:
"Defakto is tackling one of the hardest problems in enterprise security-managing non-human identity at scale. With the growth of AI in enterprise, the problem will only get more complex. Watching Danny, Eli, and the team turn that vision into enterprise infrastructure that companies can depend on has been impressive, and we've been fortunate to build alongside them as they defined this new category."
James Cham, Partner at Bloomberg Beta, added:
"What makes Defakto's work groundbreaking is that it doesn't just solve today's problems, it creates the foundation for enterprises to embrace automation and AI with confidence for decades to come because of their record of success with some of the biggest, most demanding customers in the world."
Background and outlook
Defakto was founded by Eli Nesterov and Danny Oliveri, building on experience with large-scale identity deployments. According to the company, customers include large enterprises in the Global 2000, which use Defakto's platform to secure non-human identities at scale. The focus for the near future, as stated by the company, will be product enhancement, go-to-market expansion, and reinforcing its role as a standard-setter in non-human identity security.