Token Security: RSAC 2026 Innovation Sandbox Profile

← Back to comparison

This profile was compiled in March 2026 using AI tooling guided by security product strategy guidance from Lenny Zeltser's MCP server. The analysis was performed by AI without direct human validation, to demonstrate the capabilities of AI agents guided by an expert framework. Outside this demo, a human analyst would conduct iterative conversations with the AI agent to arrive at more accurate conclusions.

Overview Problem Product Competition Traction Team Trust RSAC Criteria Readiness Risks

Executive Summary

Token Security is an Israeli cybersecurity startup securing the identities of AI agents and non-human identities (NHIs) across enterprise environments. Founded in 2023 by two Unit 8200 veterans, the company raised $27M total (including a $20M Series A led by Notable Capital) and has landed enterprise customers such as HPE, HiBob, Udemy, and Elastic. Token Security enters the RSAC 2026 Innovation Sandbox with strong timing: agentic AI adoption is accelerating, and legacy IAM tools were not built to govern autonomous machine identities at scale.

Company Overview

Field	Detail	Evidence
Founded	2023	BusinessWire stealth launch (May 2024)
Headquarters	Tel Aviv, Israel (35 HaMasger St.)	Company website
US Presence	New York (CEO based)	LinkedIn profile of CEO
Total Funding	$27M across 4 rounds	TechCrunch (Jan 2025); Company website
Seed	$7M (May 2024), led by TLV Partners and SNR.vc	BusinessWire (May 2024)
Series A	$20M (Jan 2025), led by Notable Capital	TechCrunch (Jan 2025)
Other Rounds	AWS Startup Loft Accelerator (Feb 2024); Silicon Valley CISO Investments (Sep 2024)	Company website
Stage	Series A	TechCrunch (Jan 2025)
Employees	~30 (47% Israel, 17% US)	Company website
Annual Revenue	~$1M (estimated)	Third-party aggregator data (not company-disclosed)
Key Investors	Notable Capital (led Series A), TLV Partners (led Seed), SNR.vc, Silicon Valley CISO Investments (SVCI)	See investor details below
Angel Investors	Shlomo Kramer (co-founder of Check Point, Imperva, Cato Networks), plus executives from Palo Alto Networks, CrowdStrike, Check Point, and Venafi	PR Newswire (Jan 2025)

Investor Track Records

Notable Capital is a US-based VC with a deep cybersecurity portfolio including Orca Security, Drata, Torq, Gem Security (acquired by Wiz), Nozomi Networks (acquired by Mitsubishi Electric for $1B), and AlienVault (acquired by AT&T). Managing Partner Oren Yunger sits on Token Security’s board and runs Notable’s Rising in Cyber program, which named Token Security a 2025 honoree. (Notable Capital; PR Newswire)

TLV Partners manages over $1B AUM across five funds focused on early-stage Israeli startups. Cybersecurity exits include Aqua Security, Silverfort, Neosec (acquired by Akamai), and Laminar (acquired by Rubrik). Board member Rona Segev is a TLV partner. (TLV Partners; Times of Israel)

Shlomo Kramer co-founded Check Point (first commercial firewall) and Imperva, and is the founding CEO of Cato Networks. Forbes listed his net worth at $2.2B. He wrote the first angel check for Palo Alto Networks, now valued over $100B. His participation signals deep domain conviction. (Wikipedia; Fortune (Mar 2026))

Problem Definition and Market Opportunity

Enterprises now manage 45x more machine identities than human ones, according to Token Security. That ratio is growing as organizations deploy AI agents, microservices, and cloud-native architectures. (PR Newswire)

The problem breaks down into five categories, per Security Boulevard’s analysis:

Identity expansion. Enterprises now run hybrid identity estates of humans, AI agents, and service accounts. Legacy IAM tools were built for human users and do not model autonomous agents.
Scale. Non-human identities are created programmatically across CI/CD pipelines, cloud providers, and SaaS platforms. Manual governance cannot keep pace.
Visibility gaps. Credentials are scattered across code repositories, secrets managers, cloud consoles, and audit logs. No single pane of glass exists in most environments.
Accountability vacuum. When an API token or AI agent acts, tracing that action to a responsible human owner is difficult without purpose-built tooling.
Shadow AI. Employees deploy custom GPTs, copilots, and autonomous agents outside IT oversight, creating unmanaged identity sprawl.

The market is validated by major M&A activity. CyberArk acquired Venafi for $1.54B in 2024, the largest deal in the machine identity space. Oasis Security raised $40M in 2024 for a similar NHI focus. Gartner now tracks “Workload Identity Management” as a distinct market category. (TechCrunch; Gartner Peer Insights)

Real-world breaches reinforce urgency. The 2023 Okta breach exploited a compromised service account. The 2024 Microsoft incident traced back to a machine identity vulnerability. (TechCrunch)

Product Capabilities

Token Security’s platform operates on three pillars: Visibility, Control, and Governance. It uses a four-layer technical architecture. (Company website; Security Boulevard)

Architecture (four layers)

Data Access Layer. Integrates with cloud providers (AWS, Azure, GCP), CI/CD pipelines, IAM systems, GenAI platforms, databases, and secrets vaults.
Real-Time Inventory. Aggregates multi-source signals into a unified NHI model covering service accounts, API keys, AI agents, MCP servers, and certificates.
Risk Engine. Identifies over-authorization, orphaned accounts, sensitive access patterns, and permissions drift. Prioritizes findings by contextual risk.
Risk Map. Visualizes “NHI-authority-resource-dependency” relationships in a graph linking agents, humans, secrets, permissions, and data.

Core capabilities

Continuous Discovery. Automatically discovers AI agents, MCP servers, copilots, service accounts, and autonomous systems across cloud, SaaS, and on-premises environments.
Lifecycle Management. Enforces ownership, tracks creation-to-retirement, and decommissions orphaned identities automatically.
Security Posture Management. Identifies permissions drift, right-sizes access, and eliminates overexposure.
Identity Threat Detection and Response (ITDR). Detects behavioral anomalies and suspicious agent activities in real time.
AI-Driven Remediation. Triggers intelligent remediation workflows based on dynamic risk thresholds.
Intent-Based Least Privilege. Assigns permissions based on agent purpose rather than static credentials.

Notable product releases (2025)

MCP Server for NHI Security (May 2025). Industry’s first Model Context Protocol server enabling natural-language queries against NHI data. (BusinessWire)
AI Discovery Engine and Token AI Agent (Jul 2025). Reveals full scope of AI identities with real-time security insights. (Company blog)
AI Agent Lifecycle Management (Nov 2025). End-to-end governance from discovery through deprovisioning. (Company blog)
AI Privilege Guardian. Free interactive tool for right-sizing AI agent permissions. (Company website)
GPTs Compliance Insights (GCI). Open-source tool for discovering custom GPTs and identifying security gaps. (Company website)
MCP Server Discovery (Jan 2026). Automatic detection and inventory of MCP servers across enterprise environments. (Company website)

Integrations

The platform connects with AWS, Azure, GCP, Kubernetes, Snowflake, identity providers, source code repositories, secrets managers, and CI/CD pipelines. (Company website)

Certifications

ISO 27001 certified. (Company website)

Competitive Positioning

Token Security operates in the non-human identity (NHI) security and workload identity management space. The competitive landscape includes both well-funded startups and large incumbents.

Competitor	Focus	Funding/Status	Differentiation vs. Token
Oasis Security	NHI platform for hybrid environments	$40M+ (Series A extension, 2024)	Broader NHI focus; less emphasis on AI agents specifically
Entro Security	NHI discovery, NHIDR	Private, Israel-based	Strong SDLC integration; less lifecycle governance for AI agents
Astrix Security	NHI and third-party integrations	Private, Israel-based	Focuses on app-to-app connections; narrower AI agent coverage
Aembit	Workload IAM for AI agents	Private	Identity broker model; less discovery/posture management
CyberArk + Venafi	Privileged access + machine identity	$1.54B acquisition (2024)	Enterprise incumbent; not purpose-built for agentic AI
HashiCorp Vault	Secrets management	Public (acquired by IBM, 2024)	Infrastructure tool, not an identity security platform
Silverfort	Unified identity protection	Private, $116M+ raised	Broader identity scope; less NHI-specific

Token Security’s primary differentiator is its focus on AI agent identity as a first-class security domain. While competitors address machine identities broadly (service accounts, API keys, certificates), Token Security specifically targets the emerging category of autonomous AI agents that think, learn, and act independently. The company was one of the first to ship an MCP Server for NHI and AI Agent Lifecycle Management tooling. (Company website; Security Boulevard analysis)

The risk in this positioning is that NHI incumbents like Oasis and Entro could add AI agent governance features, and large players like CyberArk could expand their Venafi acquisition into this space. Token’s advantage depends on speed of execution and depth of AI-native capabilities.

Go-to-Market and Traction

Named customers. HPE, HiBob, Udemy, Elastic, GEHA, Klaviyo, BetterHelp, Lemonade, Bloomreach, Dayforce. These span enterprise software, insurance, edtech, healthcare, and ecommerce. (Company website, company claim, verifiable via customer logos and named CISO testimonials)

Customer testimonials with named CISOs. Tamir Ronen (HiBob Global CISO), Chad Kalmes (Udemy CISO), Mandy Andress (Elastic CISO), Jonathan Jaffe (Lemonade CISO), Brian Kerr (Klaviyo VP), Sharon Cohen (BetterHelp VP), Eric Ullmann (GEHA Director). (Company website, company claims; CISO identities verifiable)

Revenue. Estimated at ~$1M annually per third-party aggregator data. Not publicly disclosed by the company. [Evidence tier: Inferred from third-party aggregator]

Web traffic. 7,410 monthly visits with 311% year-over-year growth. US accounts for 63% of traffic, Israel 22%. (Company website)

LinkedIn. 4,958 followers with 154% year-over-year growth and 2.7% monthly growth. (Company website)

Awards and recognition:

RSAC 2026 Innovation Sandbox Top 10 Finalist. (RSAC)
The Information’s 50 Most Promising Startups of 2025 (Security and B2B category). (Company website)
Notable Capital Rising in Cyber 2025 honoree. (Company website)
Cyber Defense Awards Top InfoSec Innovators 2024. (Company website)
2026 SC Awards finalist: Most Promising Early-Stage Startup and Best Emerging Technology. (GlobeNewswire)

Thought leadership. Co-authored “AI Security Guide: A Maturity Model for Secure Agentic AI Adoption” with Descope and industry CISOs. Launched Token Research division for AI/machine identity threat intelligence. Presented at Identiverse 2025 and fwd:cloudsec. Speaking at Gartner IAM Summit 2026. (Company blog; LinkedIn activity)

GTM expansion. Hired VP Sales (Walt Carrington), VP Marketing (Russell Miller), and Head of Product (Oron Kaiser) to scale go-to-market. Expanded leadership team in January 2026. (GlobeNewswire; token.security/company/about)

Team and Credibility

Founders

Itamar Apelblat, CEO and Co-Founder. 14+ years of experience. Spent 9 years (2009-2018) at Israeli Military Intelligence Unit 8200 in security research and development roles, rising from researcher to team leader to consultant. Previously co-founded Fibo (fintech, 2018-2022) as CTO. Holds a B.Sc. in Computer Science from IDC Herzliya (Reichman University) and completed the Zell Entrepreneurship Program. NYU Paths to Peace fellow. Based in New York. (LinkedIn)

Ido Shlomo, CTO and Co-Founder. 15+ years of experience. Spent 13 years (2009-2022) at Unit 8200, rising from security researcher to Cybersecurity R&D Team Commander, Section Commander, and ultimately Cyber Security Branch Commander. This is a notably senior military career. Attended Reichman University (IDC Herzliya). Based in Tel Aviv. (LinkedIn)

Both founders served at Unit 8200 during overlapping years (2009-2018), which is where they likely developed their working relationship. The founding story originated from a real incident: at a prior role, Apelblat discovered an old contractor service account with full organizational access, highlighting the NHI governance gap. (TechCrunch)

Leadership Team

Name	Title	Background
Walt Carrington	VP Sales	Prior: SailPoint (global Manager of the Year), Salesforce. (LinkedIn)
Russell Miller	VP Marketing	3x cybersecurity marketing VP. Prior: Immersive, Apiiro (VP Marketing, won RSA Innovation Sandbox), Cisco CloudLock. MIT Sloan MBA. (LinkedIn)
Oron Kaiser	Head of Product	Prior: MineOS (Head of Product), Demostack, monday.com. Unit 8200 veteran (2008-2013). (LinkedIn)
Yahav Cohen	Head of Engineering	Promoted internally from core team engineer (Aug 2023) to team lead to Head of Engineering (Jan 2025). Prior: Vulcan Cyber, ViewersLogic. (LinkedIn)

Board Members

Oren Yunger, Managing Partner at Notable Capital. Leads Notable’s cybersecurity practice and Rising in Cyber initiative. (Company website)
Rona Segev, Partner at TLV Partners. (Company website)

Team Composition

The 30-person team skews technical (19%) and senior (23%), with talent sourced from Unit 8200 (3 alumni), Microsoft (2), Authomize/Delinea (3), and Opal Security (2). The Authomize connection is notable: Authomize was an identity security startup acquired by Delinea, suggesting Token has recruited domain-experienced engineers. (Company website)

Trust Readiness

ISO 27001 certified. (Company website, company claim, verifiable)
SOC 2. Not publicly disclosed.
Data handling. The platform integrates with existing infrastructure via APIs and does not appear to require inline deployment. Specific data residency and processing details are not publicly disclosed.
Open-source contributions. GPTs Compliance Insights (GCI) is released as an open-source tool. (Company website)
Pricing. Not publicly disclosed. Demo available via request. (Company website)

RSAC Judging Criteria

Token Security will present on March 23, 2026, to judges from Morgan Stanley, JPMorganChase, Verizon, Capitol Meridian Partners, and independent cybersecurity research. (GlobeNewswire)

RSAC does not publish an official judging rubric. The five criteria below are extrapolated from press descriptions of what judges evaluate: the problem a company addresses, the originality of its technology, its go-to-market strategy and team, market validation, and product demonstration.

Criterion	Score (1-5)	Assessment
Problem/Market	5	NHI and AI agent security is a top-tier enterprise concern in 2026. Validated by CyberArk’s $1.54B Venafi acquisition, Gartner’s new Workload Identity Management category, and accelerating enterprise agentic AI adoption. Timing is excellent.
IP Originality	4	The “machine-first” and “AI agent as first-class identity” framing is differentiated. Four-layer architecture with intent-based permissioning and MCP Server integration shows technical depth. However, the NHI space is crowded with well-funded competitors (Oasis, Entro, Astrix), so Token must demonstrate clear technical moats.
GTM/Team	4	Both founders bring deep Unit 8200 backgrounds. Shlomo Kramer’s angel investment adds credibility. Notable Capital and TLV Partners provide strong cybersecurity networks. Recent GTM hires (VP Sales, VP Marketing, Head of Product) signal commercial readiness. First-time founders are a minor risk, though Apelblat previously co-founded Fibo.
Validation/Revenue	3	Named enterprise customers (HP, Elastic, Udemy, HiBob, Klaviyo, Lemonade) with CISO testimonials are strong signals. However, estimated revenue is only ~$1M, and contract sizes/ARR are not disclosed. The company is still very early in commercial traction.
Product/Demo	4	Product has been in market since May 2024 stealth launch. Multiple product releases throughout 2025 show rapid iteration. MCP Server, AI Discovery Engine, and Lifecycle Management are all shipped products. Free tools (AI Privilege Guardian, GCI) provide on-ramps. Demo is available.

Overall RSAC Fit: 20/25. Token Security is a strong contender. The timing of agentic AI security aligns perfectly with the 2026 Innovation Sandbox theme. The company checks most boxes: real problem, shipped product, credible founders, enterprise customers, and quality investors.

Startup Readiness Assessment

This eight-dimension assessment appears in the comparison matrix on the main page. It evaluates broader startup readiness using dimensions from the security product analysis framework. Five dimensions overlap with the RSAC criteria above. Three are added: funding efficiency, category clarity, and incumbent defensibility.

Dimension	Score (1-5)	Assessment
Problem Clarity	5	NHI and AI agent security is validated by CyberArk’s $1.54B Venafi acquisition, Gartner’s new Workload Identity Management category, and a 45x machine-to-human identity ratio that keeps growing.
Capability Depth	4	Four-layer architecture with intent-based permissioning, MCP Server integration, and shipped AI Discovery and Lifecycle Management tools. The NHI space is crowded, so sustained differentiation requires continuous depth.
Market Timing	5	Enterprise agentic AI adoption is accelerating while legacy IAM tools cannot govern autonomous machine identities. Regulatory and analyst attention reinforces urgency.
Team Credibility	4	Both founders are Unit 8200 veterans. Shlomo Kramer’s angel check and backing from Notable Capital and TLV Partners add domain credibility. First-time founders are a minor risk, offset by Apelblat’s prior co-founding experience at Fibo.
GTM Proof	4	Ten named enterprise customers including HPE, Elastic, and Udemy, with published CISO testimonials. Revenue is estimated at only ~$1M, so commercial traction is still early despite strong logo coverage.
Funding Efficiency	4	$27M raised for ~30 employees across four rounds, with a strong investor syndicate and recent GTM leadership hires. Burn rate is manageable at this stage, though revenue must accelerate before the next raise.
Category Clarity	4	”Machine-first identity security” and “AI agent identity” are well-defined terms that map to Gartner’s Workload Identity Management category. Boundaries with NHI, secrets management, and AI governance remain somewhat blurry.
Incumbent Defensibility	3	CyberArk/Venafi has massive resources to expand into AI agent governance. Oasis, Entro, and Astrix compete directly. Cloud providers and identity platforms could build native agent governance, narrowing Token’s standalone opportunity.

Overall: 33/40.

Key Risks

Crowded NHI market. Oasis Security ($40M+ raised), Entro Security, and Astrix Security compete directly. CyberArk’s Venafi acquisition gives them massive resources to expand into AI agent governance. Token must out-execute on AI-specific features to stay ahead.
Early revenue. At ~$1M estimated annual revenue with 30 employees, the company has a high burn rate relative to commercial traction. The Series A runway will need to translate into meaningful ARR growth before the next raise.
First-time founders in a sales-intensive market. Enterprise identity security requires long sales cycles and relationships with CISOs. The recent VP Sales hire addresses this, but the team is unproven at scaling enterprise GTM.
Platform dependency risk. If major cloud providers (AWS, Azure, GCP) or identity platforms (Okta, Microsoft Entra) build native AI agent governance features, Token’s standalone value proposition could narrow.
Market definition ambiguity. The boundary between NHI security, workload identity management, secrets management, and AI agent governance is blurry. Token needs to own a clear category to avoid being absorbed into an adjacent market.
Geographic concentration. 47% of employees are in Israel with most technical talent there. US commercial expansion requires building a distributed sales and customer success organization.

Sources

← Back to comparison