Oasis raises USD $120 million for AI access control

Oasis Security has raised USD $120 million in a Series B funding round led by Craft Ventures, bringing total funding to USD $195 million.

The round also included existing investors Cyberstarts, Sequoia Capital and Accel. Founded in 2022, Oasis focuses on managing access for non-human identities and AI agents inside large organisations.

The financing comes as companies add more autonomous software agents and machine identities across internal systems, creating a security challenge for tools originally designed to manage human users rather than software acting on its own.

Over the past year, Oasis says it has seen rapid commercial growth, with new annual recurring revenue increasing fivefold year over year. A majority of its customer base comes from the Fortune 500, and most new annual recurring revenue is tied to multi-year enterprise agreements.

The company argues that access management has become a central issue as businesses expand their use of AI agents. It cited data from Palo Alto Networks showing machine identities outnumber humans by 82 to one, underscoring the scale of the challenge facing security teams.

Access controls

At the centre of the company's pitch is what it calls Agentic Access Management, or AAM. The goal is to control what AI agents and other machine identities can access across corporate systems, and to allow that access only when needed for a specific task.

Its platform is designed to remove standing permissions and replace them with just-in-time access, while applying a single policy layer across different parts of a company's infrastructure. The system also evaluates what a machine or agent is trying to do before granting access.

That approach addresses a growing concern among security leaders that AI agents may receive broad, long-lasting permissions that are difficult to monitor or revoke. In practice, that can create a new class of risk if automated systems can connect to sensitive databases, internal tools or production environments without tight controls.

The software covers a range of access models, including vaulting, federation and temporary permissions. The aim is to give organisations visibility and enforcement before an automated action takes place, rather than relying only on monitoring after the fact.

Investor backing

The latest round was led by Craft Ventures, with support from existing backers, signalling continued investor interest in security tools built around the spread of AI inside large enterprises.

In a market where many security vendors are adapting existing identity tools for machine use, Oasis is positioning itself around the idea that non-human identities need their own governance model. That includes service accounts, software workloads, scripts and AI agents, all of which can accumulate access rights over time.

According to the company, the new funding will be used to expand research and development on its AAM platform. It also plans to broaden support across AI agent frameworks and enterprise systems, while expanding sales operations internationally.

Those priorities reflect what appears to be growing demand from large organisations trying to connect AI tools to existing systems without weakening internal controls. For many enterprises, that challenge sits at the intersection of identity management, cybersecurity and AI deployment.

Customer growth

Oasis says it already works with dozens of Fortune 500 companies. It did not disclose customer names, but said its technology is becoming embedded directly into customers' identity architecture as an access layer for agent-based infrastructure.

That suggests buyers are treating the software as part of core identity and security operations rather than as a limited pilot product. Multi-year agreements may also indicate that customers expect the problem of non-human identity sprawl to grow rather than fade.

The company was founded by Danny Brickman and Amit Zimerman. It argues that AI adoption inside enterprises will depend not just on model quality or workflow design, but on whether organisations can govern what automated systems are allowed to do.

Brickman framed the issue as one of hidden risk created by AI deployment.

"Cybersecurity is defined by how we protect against abnormal and risky events. In the era of AI, that definition is being reshaped by access. Agent value is defined by access, and so is modern risk. Every organization deploying AI agents is taking on access risks they can't yet see. Oasis was built to change that. We're seeing this play out across our customer base: the organizations scaling AI fastest are the ones who treated access as a foundational requirement, not an afterthought. That's the problem Oasis was built to solve," said Danny Brickman, CEO of Oasis.

Craft Ventures said the rise of AI agents is forcing companies to rethink how non-human identities are managed.

"AI is reshaping enterprise infrastructure, and access has become one of the most important control layers in that transition," said Michael Robinson, Partner at Craft Ventures. "As AI agents proliferate, organizations need a fundamentally new approach to managing non-human identities and agentic access. Oasis has emerged as the clear leader in this category, and we are proud to partner with Danny, Amit, and the team as they build the platform defining access management for the agentic era."