Oasis Security, a New York-based startup founded in 2022, just raised $120 million in Series B funding led by Craft Ventures, with participation from Cyberstarts, Sequoia Capital, and Accel. Total funding now stands at $195 million. The company has grown new annual recurring revenue by 5x year-over-year, with most customers coming from the Fortune 500.
This isn't just another cybersecurity funding round — it's a signal that enterprises are waking up to a problem they didn't plan for: AI agents and machine identities now vastly outnumber human users, and traditional access management systems weren't built for this reality.
📊 Oasis Security by the Numbers
- Series B funding: $120 million (Craft Ventures leads)
- Total raised: $195 million
- ARR growth: 5x year-over-year (new revenue)
- Customer base: Majority from Fortune 500
- Founded: 2022 (3 years to Series B)
- Focus: Agentic Access Management (non-human identity security)
The Problem: Your Infrastructure Is No Longer Majority Human
Traditional Identity and Access Management (IAM) systems were designed for human employees — people logging in with usernames, passwords, multi-factor authentication, and role-based access control. But in 2026, that model is fundamentally broken. Machine identities (API keys, service accounts, bot credentials, AI agents) now outnumber human users in most Fortune 500 environments, often by 10x or more.
A financial services company with 50,000 employees might have 500,000+ machine identities accessing databases, APIs, and cloud resources 24/7. Most of those machine identities were created for short-term projects or experiments, but they still have standing permissions — permanent access to sensitive systems, even when not actively needed.
This creates three compounding risks. First, standing permissions for machine identities mean that every bot, agent, or service account has "always-on" access to systems, even when idle. If an AI agent was granted database access for a one-time data extraction six months ago, it still has that access today — creating unnecessary attack surface.
Second, lack of visibility means security teams can't answer basic questions like "Which AI agents have access to our customer database?" or "What permissions does this marketing automation bot actually have?" Legacy IAM tools don't track machine identity behavior the way they track human logins. Third, governance gaps leave enterprises exposed to compliance violations.
When auditors ask "How do you ensure AI agents only access data they need for specific tasks?", most companies have no answer. They're applying human-centric access controls to non-human actors, and it doesn't work.
⚠️ Traditional IAM vs Agentic Access Management
| Traditional IAM | Agentic Access (Oasis) | |
|---|---|---|
| Identity type | Human users (employees) | Machine identities (bots, agents, APIs) |
| Permission model | Role-based (standing permissions) | Intent-based (just-in-time access) |
| Access duration | Permanent (until manually revoked) | Task-specific (auto-expires after use) |
| Visibility | Login tracking, session logs | Real-time intent analysis, behavioral tracking |
| Scale assumption | Humans outnumber machines | Machines outnumber humans 10x+ |
Oasis' Solution: Intent-Based Access for AI Agents
Oasis Security's platform introduces what CEO Danny Brickman calls Agentic Access Management — a new access control framework designed for environments where machine identities vastly outnumber humans. The core concept is intent-based, just-in-time access: instead of granting AI agents permanent permissions to systems, Oasis evaluates each agent's intent in real time and grants only the minimum permissions required to complete that specific task.
When an AI agent needs to query a customer database, it doesn't get permanent database access — it gets temporary read-only access to the specific tables required for that query, and those permissions automatically expire when the task completes.
This approach eliminates standing permissions, which are the root cause of most machine identity security risks. If an AI agent was used once six months ago for a data extraction project, it no longer has lingering database credentials sitting unused in production.
The platform also provides unified policy control across all machine identities, enabling security teams to set rules like "No AI agent can access PII outside of approved workflows" or "Marketing automation bots cannot query financial databases" and enforce those policies across the entire infrastructure. Oasis operates across multi-cloud and hybrid environments, so enterprises can govern machine identities regardless of whether they're running on AWS, GCP, Azure, or on-premise infrastructure.
The real-time visibility component is critical for compliance. When auditors ask "Which AI agents accessed customer data in the last 90 days?", Oasis can generate an audit trail showing exactly which agents requested access, what specific permissions they were granted, how long they held those permissions, and when access auto-revoked. This level of granularity doesn't exist in traditional IAM systems, which were built to track human logins, not machine behavior.
For regulated industries like banking and healthcare, this visibility is the difference between passing an AI governance audit and facing compliance penalties.
Photo by Tima Miroshnichenko on Pexels
Why Fortune 500 Companies Are Paying Attention
The 5x year-over-year ARR growth and Fortune 500 customer concentration reveal two things: first, this problem is urgent enough that large enterprises are willing to deploy new security infrastructure to solve it, and second, Oasis has product-market fit in a category that didn't exist two years ago. Large enterprises don't deploy new access management platforms lightly — IAM is foundational infrastructure that touches every system.
The fact that Fortune 500 companies are adopting Oasis despite the integration complexity means they've hit a genuine pain point.
Multi-year enterprise agreements (which drive most of Oasis' new revenue) indicate that customers view this as a long-term platform investment, not a point solution. When a Fortune 500 bank signs a three-year contract for Agentic Access Management, they're committing to a new security architecture for AI deployment. This isn't a trial — it's a strategic shift in how they govern non-human identities. The investor lineup (Craft Ventures, Sequoia, Accel, Cyberstarts) validates the category.
These firms typically invest in infrastructure that becomes a new standard, not niche tools. Their participation suggests they believe Agentic Access Management will become mandatory for any enterprise deploying AI agents at scale.
✅ What This Means for Enterprise Security Leaders
If you're a CISO or VP of Security: The shift from human-centric IAM to Agentic Access Management is not optional — it's a necessary evolution as AI agents proliferate across your infrastructure. Every AI agent your company deploys (sales automation, customer service bots, data analysis agents, DevOps automation) creates machine identity risk. Traditional IAM tools can't track or govern these identities at scale. Oasis' 5x ARR growth and Fortune 500 adoption mean your peers are already investing in this capability. The question isn't "Should we manage machine identities differently?" — it's "How quickly can we deploy intent-based access before our agent sprawl becomes a compliance liability?"
If you're a CTO or VP Engineering: This funding round reflects a broader trend: AI deployment speed is now limited by governance and security, not technology. Your teams can deploy AI agents in days, but if you can't answer "What data does this agent have access to?" or "How do we ensure this agent only accesses customer data when explicitly needed?", you'll hit regulatory and compliance roadblocks. Oasis' approach — just-in-time access with automatic expiration — aligns security controls with how AI agents actually work (task-specific, ephemeral, high-frequency). The alternative is manually managing thousands of API keys and service accounts with standing permissions, which doesn't scale and creates audit nightmares.
The Bigger Trend: Access Is the New Perimeter
Danny Brickman's quote captures the paradigm shift happening in enterprise security: "Agent value is defined by access, and so is modern risk." In the cloud era, security perimeters dissolved — there's no longer a castle-and-moat model protecting corporate systems. But as AI agents proliferate, the new perimeter is access control.
The value an AI agent delivers is directly proportional to the data and systems it can access (a customer service agent with access to order history, inventory, and shipping data is far more useful than one with limited context). But that same access creates risk — if the agent is compromised, misconfigured, or overprivileged, the blast radius is massive.
Traditional security tools focused on detecting abnormal behavior after it happens (intrusion detection, anomaly monitoring, post-breach forensics). Oasis' approach focuses on preventing risky access before it happens (intent validation, just-in-time permissions, automatic expiration). This shift from detection to prevention is critical for AI agents, which operate at machine speed and can exfiltrate data or modify systems far faster than human attackers.
By the time a traditional security tool detects anomalous behavior from a compromised AI agent, the damage may already be done. Oasis' model ensures the agent never had unnecessary access in the first place.
Continue Reading
Enterprise AI Security & Governance:
- openai-functions-enterprise-comparison" style="color: #667eea; text-decoration: none;">MCP vs LangChain Tools vs OpenAI Functions: Which Enterprise AI Integration Should You Choose? — Comparing AI integration frameworks for security and governance
- Surf AI's $57M Series A: Autonomous Execution Beats Detection-Only Security — How AI agents are shifting from detection to prevention
- IBM and NVIDIA Close the Pilot-to-Production Gap: 83% Cost Savings (calculate your potential savings) at Nestlé — Enterprise AI deployment with governance built-in
The bottom line: Oasis Security's $120M Series B isn't just a funding milestone — it's a category validation. As enterprises deploy more AI agents, the gap between legacy IAM systems (built for humans) and Agentic Access Management (built for machines) will only widen. Fortune 500 adoption and 5x ARR growth signal that this is already happening. The question for security and engineering leaders isn't whether to adopt intent-based access for AI agents, but how quickly they can deploy it before machine identity sprawl becomes a compliance crisis.
If your organization is deploying AI agents at scale, the traditional approach (standing permissions, manual revocation, role-based access) won't work. Oasis' just-in-time access model aligns with how AI agents actually operate — task-specific, ephemeral, high-frequency. The alternative is trying to manage thousands of machine identities with tools designed for hundreds of human users. That doesn't scale, and it creates security and compliance gaps that auditors will find.
Connect with me on LinkedIn, Twitter/X, or via the contact form to discuss AI agent security and access management strategies.---
Continue Reading
Related articles:
-
Surf AI's $57M Series A: Why Autonomous Execution Beats Detection-Only Security — Accel-led funding validates a shift from traditional CSPM detection to AI agents that fix cloud s...
-
How to Red-Team Your AI Agents Before Production — Deploying AI agents without security testing is like shipping code without unit tests. Here's how...
-
Cresta Knowledge Agent: Why Augmentation Beats Automation for Contact Centers in 2026 — Cresta's new AI assistant delivers 13.8% productivity gains and $3.50 ROI at United Airlines and ...
Photo by