Artificial Intelligence & Machine Learning,
Governance & Risk Management,
Identity Governance & Administration
Israeli Startup Maps Enterprise Entitlements Beyond Traditional Identity Providers

In a significant move that has captured the attention of the tech world, a new identity management startup from Israel has officially launched with $60 million in funding. This financial backing aims to confront long-standing challenges in visibility, governance, and automation in identity management, an area ripe for innovation. The company, Oak, emerged from stealth mode and is poised to redefine how organizations manage not just human identities but also other types, including artificial intelligence (AI) agents.
The seed funding, which involves key investors such as Accel, Greylock Partners, and CRV, will bolster Oak’s efforts to utilize artificial intelligence to solve persistent identity challenges. CEO Shai Morag articulated that this funding will also allow the company to invest significantly in product development, engineering, research, and go-to-market strategies. Morag emphasized the revolutionary potential that AI holds for identity governance, stating, “There is a real opportunity right now to disrupt a lot of the old categories.” He pointed out that traditional identities have faced persistent issues that AI could help finally address.
Founded in January, Oak has been under the leadership of Morag, who has a proven track record in the tech industry, having sold cloud security startup Ermetic for a substantial $243.8 million in late 2023, with a two-year tenure as chief product officer at Tenable following the acquisition. Prior to that, he sold endpoint detection and response startup Secdo to Palo Alto Networks, further demonstrating his capabilities in leading successful tech enterprises.
Revolutionizing Identity Governance
In contrast to traditional identity governance platforms, which often depend on manual processes and periodic assessments that lack comprehensive visibility into enterprise identities, Oak is innovating with an AI-native platform. This platform focuses on continuous risk assessment and automation. The unified approach allows for managing not just human users, but also machine identities, service accounts, and AI agents.
“Everything should be more autonomous,” Morag asserted. He added that the conventional methods of identity management, which have been primarily compliance-based, are no longer sufficient. The aim is to implement a risk-based strategy that brings AI into the fold significantly. By continuously gathering detailed information on user activities, entitlements, application permissions, and resource access, Oak offers organizations the ability to fully understand their identity attack surface. This strategic advantage enables better risk decision-making, helping to identify privileged accounts and mapping ownership relationships.
Morag stressed that Oak’s framework could integrate all identity aspects seamlessly, guaranteeing comprehensive oversight of applications. He noted, “If you want to see the full identity attack surface, you really want to understand what’s the authorization and entitlements inside the apps.” This insightful perspective addresses the limitations of traditional identity governance systems, which often overlook critical app-specific entitlements.
Furthermore, the AI-assisted development that Oak employs reduces the time taken to create connectors from months to mere hours. This remarkable efficiency allows organizations to effectively integrate almost every application within their ecosystems. Enhanced integration leads to improved visibility into authorization models, entitlements, and identity relationships, considerably enhancing governance and mitigating security vulnerabilities.
AI Agents: The New Frontier in Identity Management
One of the key innovations introduced by Oak is the concept of AI agents, designed to reduce the manual labor involved in identity governance tasks. These agents analyze contextual information, including peer comparisons and application usage, and leverage that data to recommend or automate most access decisions. This capability not only streamlines operations but also empowers identity teams to focus on areas requiring human intervention.
Morag explained, “We also built a framework of AI agents that work for you as a force multiplier.” These agents can proactively identify issues and risks in a given system, effectively alleviating the operational burden on human teams. He compared the speed at which AI agents operate to that of human identities, which typically move at a slower pace and often necessitate approval workflows.
Morag believes that understanding the interplay between different identity types—human, service accounts, and AI agents—is crucial for effective governance. He highlighted that while service accounts generally execute code predictably, AI agents introduce complexities due to their autonomous decision-making capabilities. This evolution in identity types necessitates a rethinking of traditional governance controls.
As the digital landscape increasingly shifts beyond traditional perimeters, Morag also pointed to the competitive landscape, identifying SailPoint and Saviynt as Oak’s primary competitors. He suggested that many existing vendors still struggle with the architectural limitations of legacy platforms. The current market presents numerous opportunities, especially as many enterprises lack mature identity governance solutions altogether. Morag noted, “Everyone understands right now that 90% of breaches at the end of the day use identity and use entitlements, and that’s probably the biggest attack surface.” With cloud environments becoming the norm, the necessity for robust identity management has never been more pronounced.