In a major boost to the identity security ecosystem, California-based startup Veza announced that it has raised $108 million in fresh funding. The round was led by New Enterprise Associates (NEA), with participation from existing investors such as Accel, Google Ventures, and Founders Fund. This investment solidifies Veza’s position as one of the fastest-growing cybersecurity startups in the access governance and identity security space.
With this capital infusion, Veza plans to accelerate product development, expand its engineering and sales teams, and scale its operations across new global markets. The company also aims to deepen its enterprise offerings, enhance its AI capabilities, and further develop its integration with leading cloud platforms and SaaS providers.
What Veza Solves: The Identity Security Challenge
Veza entered the market with a sharp focus on one of the most pressing cybersecurity problems of the modern cloud era—identity and access security. In a time when organizations store and process sensitive data across hybrid environments, security leaders face a critical question: Who can take what action on what data?
Traditional identity and access management (IAM) tools often fail to deliver visibility across modern tech stacks. Organizations deploy these tools to assign roles and permissions, but they rarely gain a full understanding of how those permissions translate to real-world data access. Shadow permissions, misconfigurations, and overly permissive access policies expose companies to massive security risks.
Veza’s platform directly addresses this issue. It provides visibility into who has access to what, why they have that access, and what they can do with it. The company combines identity data from cloud platforms (like AWS, GCP, Azure) and SaaS tools (like GitHub, Salesforce, Snowflake) to offer a unified view of access rights across the enterprise.
By doing so, Veza enables security teams to enforce least privilege principles, audit permissions accurately, and manage access across rapidly scaling digital environments.
How Veza’s Platform Works
Veza built its platform on the concept of authorization metadata modeling. Instead of just reading IAM roles and static permission files, Veza translates these roles into real-time access relationships.
Here’s how it works:
- Ingestion: The platform connects to identity providers (like Okta, Azure AD) and infrastructure sources (like AWS, GCP, and GitHub).
- Normalization: It translates permissions into human-readable formats using a universal access graph.
- Visualization: It provides dashboards and workflows where security and compliance teams can track access, enforce policies, and take corrective action.
- Remediation: It allows teams to revoke unnecessary access instantly, automate access reviews, and enforce zero-trust principles at scale.
Veza also incorporates AI-based anomaly detection to identify risky behavior patterns, such as privilege escalation or dormant admin accounts. Organizations use this intelligence to act proactively, preventing internal threats and ensuring compliance with regulatory standards like SOC 2, HIPAA, and GDPR.
How the Company Plans to Use the $108 Million
Veza’s executive team laid out a clear roadmap for deploying the new capital. The company plans to allocate the funding across four key growth areas:
1. Product Innovation
Veza will invest heavily in R&D to build new modules and features. These include:
- Context-aware access policy recommendations
- Enhanced support for Kubernetes and microservices environments
- Role mining automation for complex enterprises
- Native integrations with AI model deployment tools
The company also plans to roll out multi-language support to serve global enterprises and build industry-specific policy templates for sectors like healthcare, banking, and government.
2. Global Expansion
Veza will open new offices in London, Singapore, and Bangalore to support regional clients. The company already serves several Fortune 500 clients in North America and Europe, and now wants to deepen its presence in Asia-Pacific and the Middle East.
To support this growth, Veza will hire regional sales, marketing, and solution engineering teams. It also plans to launch data residency-compliant versions of its platform to meet local regulatory requirements.
3. Go-to-Market Acceleration
Veza plans to expand its direct sales force and channel partnerships. The company will also build out a global partner ecosystem of MSSPs (Managed Security Service Providers), GSI (Global System Integrators), and advisory firms.
As enterprise budgets shift toward zero-trust and identity-centric security, Veza intends to capture demand through joint offerings and co-branded services.
4. Community and Developer Engagement
Veza plans to launch a dedicated developer portal with open APIs, SDKs, and documentation. The platform will allow enterprise developers to build custom workflows, automate access governance, and extend integrations with internal systems.
The company also plans to launch Veza Labs, a community initiative for CISOs, IAM professionals, and developers to share best practices, contribute use cases, and collaborate on identity security innovation.
Customer Success and Use Cases
Several industry-leading organizations already use Veza’s platform to manage access governance across thousands of users and systems. Here are a few examples:
- A major retail chain used Veza to detect misconfigured roles that gave 200 employees unnecessary access to sensitive sales data. With Veza’s help, the company reduced those permissions by 85% and passed a key audit ahead of schedule.
- A global fintech firm integrated Veza with its cloud infrastructure to implement just-in-time access for developers. This move decreased the company’s exposure window to potential insider threats by 72%.
- A healthcare provider used Veza to manage access across HIPAA-regulated systems and ensure secure patient data handling. The platform helped the provider reduce policy violation incidents and improved regulatory compliance metrics.
These case studies prove that Veza’s platform solves real-world problems and delivers measurable results.
Industry Experts Applaud Veza’s Approach
Cybersecurity experts and investors praised Veza’s differentiated approach. NEA’s General Partner, who led the funding round, emphasized Veza’s vision. “Identity security will define the next decade of cybersecurity. Veza provides unparalleled access clarity and empowers companies to enforce security proactively.”
Analysts noted that while traditional IAM vendors focus on provisioning and lifecycle management, Veza takes a real-time, visibility-first approach. This shift allows enterprises to spot and resolve issues before they become vulnerabilities.
Leadership Team and Strategic Direction
Veza’s leadership team brings deep experience from companies like Google, Okta, and Palo Alto Networks. The CEO, co-founder, and core product architects have spent years studying authorization challenges in cloud-native environments.
They plan to maintain a product-led culture, with customer feedback driving every roadmap decision. The team also promotes diversity and inclusion within its global hiring efforts, believing that a diverse team helps build stronger security tools for global enterprises.
Looking Ahead: IPO and Long-Term Vision
Veza has not officially announced IPO plans, but industry insiders speculate that the company could explore public markets within the next three years. The company has already built a strong reputation among CISOs and IT security leaders, and it expects revenue to grow 4x in the next 18 months.
Veza wants to become the gold standard in identity security, and with its new funding, the company now holds the capital and momentum to pursue that goal aggressively.
Conclusion: Veza Builds the Future of Identity Security
With this $108 million funding round, Veza has positioned itself at the forefront of the identity security revolution. It solves a problem that touches every modern enterprise—access governance—and does it with clarity, speed, and intelligence.
As cloud adoption continues to surge and regulatory scrutiny intensifies, companies must answer the question, “Who can do what with which data?” Veza gives them that answer in real time.
By expanding globally, investing in product innovation, and engaging a strong partner ecosystem, Veza continues to lead the charge in transforming how organizations protect digital identities—and in doing so, it helps build a safer digital world.