Led by XYZ Ventures, NHI platform positioned to secure every automated interaction across workloads, pipelines, AI agents, and multi-cloud environments
PALO ALTO, CA / ACCESS Newswire / October 21, 2025 / Defakto, the Non-Human Identity security company formerly known as SPIRL, today announced a $30.75 million Series B funding round led by XYZ Venture Capital with continued participation from The General Partnership, Bloomberg Beta and WndrCo. Coinciding with its launch, Defakto introduces the first complete Non-Human Identity and Access Management Platform purpose-built to secure every automated interaction, replacing static credentials and overprivileged service accounts with dynamic, verifiable identities for all non-human actors, from services, workloads and machines to pipelines and AI agents.
In most enterprises, non-human identities outnumber employees 45:1, yet modern infrastructure still runs on static secrets, API keys, long-lived tokens, and service accounts. The result is vault sprawl, service account bloat, and static secrets scattered across pipelines, clouds, and AI.
Legacy security approaches were designed for a world where human users were the primary actors. However, automated systems are creating a sprawling network of non-human identities, each with its own set of credentials and access privileges. This reliance on static credentials, overprivileged access, and manual management creates a massive, under-protected attack surface that is now a leading cause of data breaches.
"Every enterprise has invested in securing its people. But non-humans are now the majority of users, and their identities are still governed by outdated, secret-based models that create mounting technical debt," said Danny Oliveri, Cofounder and CEO of Defakto. "We didn't build another tool to give you more visibility or manage secrets. We built a platform to eradicate them, eliminate overprivileged access, and give enterprises the same foundation for machines and AI that IAM gave them for people."
"The shift to automation and AI makes non-human identity management unavoidable-every enterprise will need to solve this, and most are just starting to realize how deep the problem goes," said Ross Fubini, Managing Partner at XYZ Venture Capital. "Defakto has the only real answer we've seen. They're not managing secrets better; they're eliminating the need for them entirely. That's the kind of rethinking that defines a category."
Defakto tackles this problem head-on, providing:
- The Only Complete Non-Human IAM Platform 
 Purpose-built for end-to-end non-human identity lifecycle management.
- Proven, Standards-Based 
 Grounded in proven standards like SPIFFE and WIMSE for interoperability and future-proofing.
- Secrets, Eliminated 
 Removes static keys, tokens, and vault clutter that attackers exploit.
- Built for Developers 
 Security that integrates seamlessly into pipelines and workflows without friction.
- AI-Ready Security 
 Gives enterprise AI agents real identities to operate safely and at scale.
- One Platform for Multiple Clouds 
 Unifies identity across AWS, Azure, GCP, and hybrid environments.
The Company was founded by Eli Nesterov and Danny Oliveri. Nesterov, who led one of the world's largest SPIFFE deployments, experienced firsthand how legacy solutions failed to keep up with the scale and speed of modern infrastructure. For his part, Oliveri strengthens Defakto's vision and execution through decades of experience launching breakthrough security products. Defakto's customers include Global 2000 enterprises, securing their non-human identities at scale.
"Enterprises today can't enter the age of AI on a foundation of static secrets and overprivileged access," said Eli Nesterov, Cofounder and Chief Technology Officer of Defakto. "Defakto replaces that legacy model with dynamic identity, transforming security from a liability into an enabler. This is the future of infrastructure: autonomous, inherently secure, governable, and limitless in scale."
"Defakto is tackling one of the hardest problems in enterprise security-managing non-human identity at scale. With the growth of AI in enterprise, the problem will only get more complex. Watching Danny, Eli, and the team turn that vision into enterprise infrastructure that companies can depend on has been impressive, and we've been fortunate to build alongside them as they defined this new category," said Daniel Portillo, Cofounder of The General Partnership.
"What makes Defakto's work groundbreaking is that it doesn't just solve today's problems, it creates the foundation for enterprises to embrace automation and AI with confidence for decades to come because of their record of success with some of the biggest, most demanding customers in the world," said James Cham, Partner at Bloomberg Beta.
The Series B funding will be used to accelerate product development, expand go-to-market efforts, and further establish Defakto as the de facto standard for securing non-human identity. The round also included continued participation from Michael Coates (former CISO of Twitter), Adverb Ventures, and J.P. Morgan.
About Defakto
Defakto secures the next era of automation with the only complete Non-Human IAM platform, purpose-built for end-to-end NHI lifecycle management. By eliminating static secrets and overprivileged accounts, Defakto helps enterprises reduce breach risk, simplify compliance, and scale automation with confidence. Trusted by Global 2000 companies, Defakto was founded by leaders in large-scale identity deployments. The platform secures every automated interaction across workloads, pipelines, multi-cloud environments, and AI agents. Backed by XYZ, The General Partnership, and WndrCo, Defakto is defining the future of IAM for a world powered by automation.
Learn more at: www.defakto.security
Media Contact:
Escalate PR on behalf of Defakto
Defakto@EscalatePR.com
SOURCE: Defakto
View the original press release on ACCESS Newswire
