Veza emerges from stealth and announces $110 million in funding

Veza announces it is emerging from stealth to help organizations modernize data security for the hybrid multi-cloud era.

Veza, which was founded in 2020, is also announcing funding totaling more than $110 million from top-tier venture firms, including Accel, Bain Capital, Ballistic Ventures, GV, Norwest Venture Partners, and True Ventures, as well as angel investments from notable industry leaders, including Kevin Mandia, Founder and CEO, Mandiant; Enrique Salem, former CEO, Symantec and Partner, Bain Capital; Lane Bess, former CEO, Palo Alto Networks; Manoj Apte, former CSO, ZScaler; Joe Montana, Liquid2 Ventures; and, security leaders Niels Provos, Karthik Rangarajan, and many more.

Data is rapidly and irreversibly moving to the cloud, but organizations around the world are still missing a critical piece of data security: authorization. Because legacy and first-generation data security solutions don’t work in hybrid multi-cloud environments, data and security leaders face significant challenges related to ransomware, digital transformation, cloud adoption, loss of customer trust due to data breaches, and failed audit and compliance.

With the amount of data tripling from 2020 to 2025 and incidents of cyber crime doubling every year, organizations need a data security solution that can give them the power to understand, manage, and control who can and should take what action on what data.

“When we founded the company two years ago, we were driven to help advance the state of data security for decades to come,” said Tarun Thakur, CEO and Co-Founder of Veza. “Data and security teams have been inundated with tools, and yet have not been able to answer a fundamental question: Who can and should take what action on what data? Thanks to the dedication of our team, and the invaluable feedback from our customers, Veza has demonstrated the power of authorization metadata as the source of truth to help organizations modernize data security for the hybrid multi-cloud era. We are committed to helping enterprises trust confidently so they can unlock the value of their data.”

Veza is a data security platform that is built on the power of authorization. The platform supports both on-premise and cloud systems, and makes it possible for data and security teams to understand the sensitive nature of data; manage human identities; and service accounts across hundreds and even thousands of disparate data systems, apps, and cloud services. Veza’s core differentiation is its Authorization Metadata Graph. This includes:

• A high-performance streaming engine that integrates out-of-band and agentless, with multiple cloud and on-premises identity, data, apps, compute and infrastructure systems
• A canonical object model that organizes identities, relationships and granular data objects
• A translation layer that processes multiple system-specific permissions and converts them into a natural language for data and security professionals, delivered in a single control pane
• Data Security applications, including: real-time search about who has access to what; authorization-rich workflows for access governance and privilege management; pre-built least-privilege violation alerts and associated recipes to fix them; automated rules and queries for remediation; recommendations; and much more.

“Finally, a start-up taking on cybersecurity’s biggest challenge: Our collective ignorance to our own data environments,” said Nicole Perlroth, special advisor to Veza; former New York Times cybersecurity reporter and advisor, Cybersecurity and Infrastructure Security Agency. “Until now, no senior executive has been able to say with a straight face that they know where their data lives and who has access to it. Veza gives them no excuse. This platform marks a huge advance for cyber defense.”

Numerous Fortune 500 and emerging organizations across multiple industries, including finance, health care, hospitality, media and technology, high-tech, trust Veza. Veza’s customers include: ASAPP, ATN International, Barracuda Networks, Choice Hotels, InComm, Nozomi Networks, The Translational Genomics Research Institute (TGen), and many more.

“Authorization is a fundamental security requirement for any company creating value from data,” said Craig Rosen, Chief Security & Trust Officer, ASAPP. “It’s time for a modern approach that allows companies to see beyond authentication and master the complexities inherent to authorization in a multi-cloud world. Veza takes the intricate problem of aligning identities to data to truly understand who has access to what and simplifies it in a way that’s easy to consume for any organization, no matter its size.”

“Axon’s mission is to protect life and protect truth by enabling public safety through technology. And that focus on safety certainly extends into the security of the entire Axon ecosystem,” said Jenner Holden, Chief Information Security Officer, Axon. “Using Veza, our security teams have gained valuable visibility across our systems — apps, infrastructure, and data — to better understand who can access what, helping drive stronger privileged access security practices.”

“Securely managing authorization for the cloud can be an area of quicksand for CISOs and IT teams, since multi-cloud environments are extremely broad,” said Eric Wolford, Partner at Accel. “Veza helps teams manage this complexity with ease. As a result, the company has already seen impressive adoption among a variety of enterprise customers.”

“It turns out you need a lot of trust to implement zero-trust,” said Jake Seid, Co-Founder and General Partner, Ballistic Ventures. “That’s because what built big security companies in the past, creating safe spaces defined by just securing networks and endpoints, no longer makes sense in a hybrid multi-cloud world. Veza’s insight is that, in this new world, authorization is what brings trust to zero-trust.”

“Organizations need a data security product built both for the on-premise and multi-cloud world. Veza’s comprehensive approach pulls together authorization metadata from disparate systems and presents them in a single schema: the metadata authorization graph,” said Karim Faris, General Partner at GV. “It’s the only company that can show you the truth of your data permissions — or authorization — across your organization’s entire cloud ecosystem. We’re excited to work with Tarun Thakur and the Veza team on the road ahead.”