Containing the breach: Elisity and the rise of microsegmentation

In January 2025, Conduent, one of the largest government contractors in the United States, suffered a major cyberattack.

The breach exposed sensitive data from systems used across multiple states, impacting at least 25 million people and disrupting services ranging from health insurance to child support payments.

Investigations later revealed that attackers had been expanding their access inside Conduent’s systems for nearly three months before being detected, moving laterally through the interconnected systems.

Lateral movement now occurs in more than 70% of successful breaches, turning what could be contained incidents into operational crises.

Segmentation — dividing networks into isolated zones so that access to one system doesn’t grant access to others — is designed to stop this. But traditional approaches still leave broad, location-based zones, leaving room to roam within them.

Microsegmentation takes the concept further. Think of it like a submarine, says James Winebrenner, CEO of Elisity, an identity-based microsegmentation platform — like “being able to close the door and lock it and make sure that if there’s a leak on that side, it’s not going to get to you.”

Rather than grouping systems by location, it isolates individual devices, users, and applications by identity, thereby strictly controlling movement within the network.

The problem is that creating these doors has historically been so complex and disruptive that most organizations never implement them, leaving critical infrastructure exposed. Elisity changes that by enforcing identity-based policies overlaid on existing infrastructure, and turning a company’s existing network infrastructure into security checkpoints. Even if attackers get in, they can’t move laterally.

Rebuilding without disruption

The idea for Elisity came from a shared frustration that had been building for years. The founding team — Burjiz Pithawala, Sundher Narayan, and Srinivas Sardar — had worked together at Cisco and later at Viptela, a software company that simplified how enterprises managed area networks.

Customers loved the ability to manage wide area networks (WAN), but local area networks (LAN) were still manual, hardware-based, and slow to configure. Applying segmentation within a LAN required organizations to rehaul their physical network infrastructure, explains Winebrenner.

“The challenge that we’ve had for the last two decades, has been the only way to accomplish this was literally to rip up the network and replumb it from the ground up. That’s incredibly disruptive in…environments like manufacturing floors [and] hospitals,” Winebrenner explains.

Elisity was founded in 2018 to close the gap between modern, software-defined infrastructure and the reality of LAN security to make segmentation easy to deploy. “What we sought to do [was] decouple the segmentation strategy from the underlying network constructs, which tend to be…very challenging to make changes in.”

“Microsegmentation is a core foundational element of the broader zero-trust strategy.”

Instead of tying security policies to physical infrastructure like IP addresses or network zones, Elisity ties them to identity — who is accessing the network, and the context around that access.

From the outset, the team focused on validating the idea in the market. Before pitching to investors, founding CEO Pithawala shared early prototypes with corporate security leaders to gauge interest.

That groundwork gave Elisity early momentum. By the time the company officially emerged from stealth in August 2020, with $7.5M in seed funding and the launch of its inaugural product, Elisity Cognitive Trust, it already had four customers testing the product.

Making segmentation deployable

In practice, the Elisity Microsegmentation Platform sits on top of existing network infrastructure. It correlates signals from the systems an enterprise already runs—identity providers (Microsoft Active Directory, Entra ID), cyber-physical systems security platforms like Armis*, endpoint protection platforms like SentinelOne*, and IT service management (ServiceNow)—into the ElisityIdentityGraph™, a continuously updated, real-time record of every user, device, and workload in the environment.

“The difference in the way we approach implementation…is we onboard customers’ existing infrastructure non-disruptively. No downtime, no reboots,” explains Winebrenner.

“We grab telemetry in real time from the network as soon as we onboard…We then marry that information up with all the other systems of record that the customers have in place already…to make very quick policy recommendations.”

The launch of Micro Edge in 2022 made that visibility enforceable. By running directly on existing network infrastructure, Elisity turns the network itself into a control plane, with each switch acting as a real-time enforcement point. Rather than add hardware or new infrastructure, organizations can apply identity-based policies wherever traffic flows.

That same model allows companies to test policies before enforcing them, which addresses one of the biggest barriers to adoption.

“One of the biggest challenges…is enforcement anxiety,” says Winebrenner. “When I turn that policy on, what’s going to break? We’ve made it very easy to simulate that policy for a day, a week, a month, and for customers to be able to get very comfortable with the fact that that policy is going to be effective.”

The road to record growth

As interest surged following its launch, Elisity put its early funding into scaling its engineering, sales, and go-to-market teams. Winebrenner, another Viptela alum with 25 years of cybersecurity and network infrastructure experience, joined as CEO in November 2020, with Pithawala transitioning into the Chief Product Officer role.

During the COVID-19 pandemic, Elisity focused on life sciences and manufacturing industries, where uptime is critical and traditional segmentation wasn’t viable. “As the world has figured out how we’re going to operate post-Covid, we’ve added a lot of additional customer verticals,” says Winebrenner, such as healthcare and energy, with new customers including GlaxoSmithKline, Bupa, and manufacturing company Shaw Industries.

“What we’ve been talking about for the last four and a half years… people are now starting to say, ‘Wait, I think you guys are on to something.’”

A $26M Series A in 2021 propelled Elisity into a period of rapid growth. Over three years, the company increased revenue by 8,860%.

In April 2024, Insight Partners led Elisity’s $37M Series B, which was used to extend its platform’s AI capabilities. It reached record momentum with 214% year-over-year growth in the first half of that year and a 5x surge in active policies in the last quarter.

When networks become autonomous

The rise of AI, particularly autonomous agentic systems, introduces a new layer of complexity. Networks that were once made up of human users and their devices are now increasingly populated by software Agents interacting with systems, data, and each other.

“They surprisingly behave a lot like humans,” says Winebrenner, which means “the need to have more control and more least privilege access in place has only increased.” Every Agent, like every user, should only have access to exactly what it needs to do its job, and nothing more.

“People want to move very, very fast, but the guardrails simply aren’t in place yet.” 

The challenge is speed, says Winebrenner, comparing the current moment to the dawn of the iPhone. “This proliferation of agentic AI feels very 2008 to 2009…where the technology is moving faster than the controls around it.” Organizations that embrace AI without the right controls or configurations risk introducing new attack surfaces.

The CISOs he speaks to understand the stakes. “[They’re] very, very aware that this is going to fundamentally change the way their business [operates],” says Winebrenner. “They want to lean in and enable it, but the velocity with which a lot of this adoption is happening is scary.”

For Elisity, it’s less a pivot than a natural extension as identity and least privilege are applied to AI systems themselves. What’s moving across the system is changing, but the architecture stays the same.

*Note: Insight Partners has invested in Elisity, Armis, and SentinelOne.