Oort raises $15 million to defend enterprises against identity-based cyberattacks

Oort announced the completion of a $15 million funding round, including both Seed and Series A investments. Oort will use the funds to grow and further accelerate its go-to-market (GTM) strategy.

The funding round was co-led by .406 Ventures, a Boston-based early-stage venture capital firm specializing in cybersecurity, as well as Energy Impact Partners (EIP), a New York-based global investment platform, and included Cisco Investments. They join existing investors including 645 Ventures, Bain Capital Ventures and First Star Ventures.

“Every high-profile security breach of 2022 comes down to one thing, and that’s identity. From the Okta breach in January perpetrated by the Lapsus$ group to the recent string of attacks on Twilio and Uber, traditional security controls have failed,” said Matt Caulfield, founder and CEO, Oort. “The modern workforce is changing, and we need to change with it. Oort is on a mission to help our customers adopt an identity-first approach to enterprise security, starting with Identity Threat Detection and Response (ITDR).”

Oort’s team combines years of domain expertise across identity, networking, and security working at industry leaders such as Cisco and RSA. Prior to Oort, Caulfield led the award-winning Boston Innovation Team at Cisco. Didi Dotan, Oort’s CTO, served as Head of SecureX Sign On and Chief Architect of Cisco Defense Orchestrator at Cisco and was previously Chief Architect of Identity at RSA.

“Compromised credentials and poorly-configured access controls are among the biggest security risks to today’s enterprise. Oort’s platform puts identity first to help IT and security teams immediately contain identity sprawl and secure vulnerable user accounts,” said Greg Dracon, partner, .406 Ventures. “Oort is positioned to lead the industry by unifying disparate identity sources and giving CISOs the visibility they need to fully understand their perimeter. We are thrilled to support Oort in its continued growth.”

As a turnkey platform, Oort provides immediate value to security teams by giving them full visibility and control over their identity attack surface. Deployable in minutes, Oort gives CISOs the insights they need to understand and secure their population of employees and contractors against social engineering and insider threats.

“With the increasing cyber risks to enterprises today, we know that an identity-first solution is critical to every security strategy,” said Shawn Cherian, partner, EIP. “Oort’s existing experience in this space, coupled with their first-hand understanding of what CISOs need to secure critical infrastructure, position them well to lead the Identity Threat Detection and Response market. We’re excited to be Oort’s partner as they define this new category of security technology.”

In March 2022, Gartner introduced the term “Identity Threat Detection and Response” to describe tools and best practices built to defend against attacks actively targeting IAM infrastructure and credential misuse. Oort’s API-driven, cloud-native and agentless solution, which works with existing identity systems such as Okta and Microsoft Azure AD to enable comprehensive ITDR in minutes, is positioned to lead the category.

“Identity is now foundational for security operations (identity-first security),” said Mary Ruddy, VP analyst, Gartner. “ITDR adds an additional layer of security to even mature identity and access management (IAM) deployments. As identity becomes more important, threat actors are increasingly targeting the identity infrastructure itself. Organizations must focus more on protecting their IAM infrastructure.”

To secure its own platform, Oort has gone through rigorous testing to meet industry standards and receive critical certifications including SOC 2 Type 2. Oort is built on Snowflake’s security data lake architecture, which helps them store and query massive volumes of data, and AWS Lambda, which allows Oort to automatically scale their data streaming architecture to accommodate enterprise organizations of any size.

“Oort gives our team immediate visibility into our identity attack surface and the insights we need to investigate users and take action,” said Dmitriy Sokolovskiy, CISO, Avid Technology. “The powerful simplicity of the tool and its integrations means we need fewer security analysts to get the job done. With Oort, our security policies are directly tied to technical controls supporting these policies.”