Ask any CISO what keeps them up at night and identity security will be near the top of the list. Identity-related weaknesses play a material role in over 90% of incident investigations, yet the tools that enterprises rely on today haven’t kept pace.
Identity governance and administration (IGA) is the discipline of managing who (and what) has access to which systems, data, and resources across an organization. It’s one of the most critical functions of enterprise security, underpinning everything from employee onboarding to compliance audits and breach prevention.
However, automating IGA is one of the more dreaded projects in enterprise IT, meaning many companies manage access through spreadsheets, manual reviews, and homegrown scripts. In a world where AI-driven attacks are accelerating, and the cost of a breach continues to climb, this is an increasingly dangerous position to be in.
For those that choose to automate, implementations can often take over a year and cost millions in fees, typically only delivering visibility into a fraction of enterprises’ identity estate. As one identity leader at a large industrial company told us: “We spent around $3M in professional services over four years, plus $2M for licensing – and I still wouldn’t say we have IGA solved.”
80 to one: The identity imbalance
This is cause for concern, as the threats impacting identity governance and security are compounding with the introduction of a new class of identities: non-human identities. Service accounts, API keys, machine credentials, and now AI Agents – which outnumber humans by roughly 80 to 1 — all need to be governed. These identities are often over-privileged, poorly tracked, and invisible to legacy governance tools. At the same time, AI-powered attacks are making it easier for adversaries to exploit stale credentials, impersonate users, and traverse access paths faster than manual review processes can catch.
Legacy IGA vendors were built for a world of human users and static access policies, not one where machine identities outnumber people and attack vectors evolve weekly.
Enter Linx.
Linx is an AI-native identity governance platform designed to protect both human and non-human identities. Founded by Israel Duanis and Niv Goldenberg, both long-standing members of the Israeli cybersecurity ecosystem, the company is rethinking identity governance around visibility, risk detection, and speed.
Israel served in the IDF’s Unit 8200, led Threat Prevention at Check Point, and previously founded and sold a company. Niv brings product leadership experience from Microsoft and Transmit Security. They saw firsthand how enterprises were flying blind on identity risk — resulting in sprawling access, orphaned accounts, and ungoverned machine credentials — and believed AI could close those gaps in ways legacy platforms couldn’t.
What makes Linx different
At the core of Linx is an AI-native identity graph that maps human and non-human identities, their access, and their relationships across an organization’s entire environment. This is a fundamentally different architecture than legacy IGA platforms, which rely on static, tabular data models that struggle to represent the complexity of modern identity estates. The graph enables Linx to surface risky access paths, detect misconfigurations, and identify privilege creep across the full identity landscape in real time.
Built on top of this graph, the platform spans three modules: onboarding, offboarding, and access reviews. Identity Security Posture Management (ISPM) surfaces the risky access paths, over-privileged accounts, and misconfigurations that legacy tools miss. Non-Human Identity (NHI) extends governance to service accounts, tokens, and other non-human identities. It offers early support for AI Agent governance, a capability that is quickly becoming a requirement as enterprises deploy agentic workflows at scale.
From months to minutes
Linx also uses AI to build and maintain integrations dramatically faster than incumbents. Where legacy platforms often require hand-coded connectors that take weeks or months per application, Linx can generate new connectors in hours. These connectors are self-healing, meaning they adapt to changes in the underlying systems without manual intervention. Combined with the graph-based data model, this translates into time-to-value that is meaningfully faster than anything else on the market. Organizations typically deploy Linx in months, not years, with no systems integrator dependency, and start seeing actionable identity insights almost immediately.
An identity leader at a food services company with over 200,000 employees described what that looks like in practice: “Linx could replicate what took us months to do manually in about 10 minutes. We could very quickly see dormant accounts, over-privileged accounts, and MFA gaps all in one place.”
Ultimately, Linx gives security teams something legacy tools have struggled to deliver: a unified, real-time view of identity risk across both human and machine identities, delivered in a fraction of the time.
We are excited to lead Linx’s Series B alongside Index Ventures and Cyberstarts, and to partner with Israel, Niv, and the team as they build the next generation of identity governance. The identity market is at an inflection point, driven by AI on both the threat side and the solution side, and we believe Linx is well-positioned to define what comes next.
