Veza, a leader in identity security innovation, has closed a $108 million Series D funding round led by New Enterprise Associates (NEA), joined by new investors Atlassian Ventures, Workday Ventures, and Snowflake Ventures. This latest investment, which also includes continued support from Accel, GV (Google Ventures), True Ventures, Norwest, Ballistic Ventures, J.P. Morgan, and Blackstone Innovations Investments, brings Veza’s total funding to $235 million. The company plans to use this capital infusion to accelerate its global go-to-market operations and advance its product development initiatives, meeting the growing demand for a modern approach to securing identity access.
Veza’s success reflects a broader shift in how enterprises are confronting the challenges of identity security. The company has solidified a strong product-market fit with its unified identity security platform, already protecting millions of users across major organizations, including Fortune 1000 giants such as Blackstone, CapitalOne, Intuit, Sallie Mae, and Snowflake. By addressing the shortcomings of traditional identity access management (IAM) systems, Veza provides enterprises with the tools needed to transition toward a truly data-driven, risk-reducing access control strategy.
Aaron Jacobson, Partner at NEA, emphasized the critical nature of this moment in cybersecurity, explaining that legacy identity access providers no longer meet the demands of modern enterprises. He praised Veza for its product innovation and its ability to deliver practical, impactful solutions. Tarun Thakur, Veza’s Co-Founder and CEO, echoed this sentiment, highlighting that identity has become the central front in cybersecurity battles. As organizations face increasingly sophisticated threats, Veza’s unified data model—which maps permissions, entitlements, and user activity—provides a foundation for smarter operational decisions and brings businesses closer to achieving least-privilege access control. Thakur also pointed to the urgent need for an evolved model, particularly as enterprises adopt generative AI (Gen AI), large language models (LLMs), and AI agents at an accelerating pace.
The complexity of managing enterprise access permissions today is staggering. Josh DeFigueiredo, Senior Vice President and Chief Information Security Officer at Workday, underscored the importance of Veza’s solution, explaining that answering fundamental questions about user access—what a user can access, what they can do with it, and what access they actually need—has become immensely difficult. Veza’s visibility and intelligence empower organizations like Workday to ensure that access is appropriately assigned, minimizing security risks.
Veza’s financial and operational momentum over the past year signals its ascension into the top tier of cybersecurity innovators. The company more than doubled its annual recurring revenue (ARR) year-over-year, expanded its customer base by securing ten Fortune 500 and sixteen Fortune 1000 companies across diverse sectors, and achieved an enterprise Net Revenue Retention (NRR) rate nearing 150%. Its workforce now exceeds 190 employees globally, with plans to add 30 to 40 new hires each quarter throughout the year. Veza also earned a flawless 100% “Willingness to Recommend” score on Gartner® Peer Insights™ Voice of the Customer for Identity Governance and Administration (IGA) as of October 2024.
Product innovation remains at the heart of Veza’s strategy. The company expanded its capabilities significantly by launching Access AI and Access Requests products, introducing Role Recommendations and Access Hub features, and integrating with over 250 systems including CrowdStrike, Snowflake, and Oracle platforms. Managing more than 20 billion permissions, Veza provides unmatched insights into the chaos many organizations face: a vast, unmanaged sprawl of entitlements and permissions that traditional tools are ill-equipped to handle—an issue only compounded by the rise of AI and autonomous systems.
Expert voices from across the cybersecurity landscape have endorsed Veza’s approach. Gartner’s recent research stresses the need for identity-first strategies, moving beyond perimeter-based security models. Kevin Mandia, founder of Mandiant, pointed out that identity is becoming the new core of cybersecurity, with Veza leading the way in unifying and automating identity control. Dave Zilberman of Norwest and Jake Seid of Ballistic Ventures both recognized Veza’s critical role in helping enterprises adapt to increasingly fragmented digital environments, where managing millions of human and non-human identities demands a far more intelligent, scalable solution.
Michael Magaro of Workday highlighted Veza’s access graph innovation and the trust it has earned among customers. John Stecher, CTO of Blackstone, praised Veza’s relentless speed of execution and ability to innovate rapidly, positioning it to capture a leading role in shaping the next generation of enterprise security.
Eric Wolford of Accel Partners framed Veza’s work as a vital response to the surge in identity-based attacks that accompany SaaS, cloud, and AI proliferation. Karim Faris of GV described Veza’s development of a unified identity-to-data authorization layer as a foundational step toward resolving the governance and security challenges of multi-cloud environments.
Peter Lenke from Atlassian Ventures pointed to the practical value of Veza’s integration with Atlassian Jira, enabling real-time monitoring of access requests and providing actionable intelligence across sprawling enterprise infrastructures.
As organizations rush to adopt Gen AI, agentic AI, and increasingly decentralized computing models, the question of who can access what—and under what circumstances—has never been more urgent. Veza’s modern approach, built on a clear understanding of data permissions and operational realities, is not just a security enhancement; it is fast becoming an operational necessity for the digital enterprises of the future.
Leave a Reply