Defakto Raises $30.75M to Eliminate Static Secrets for AI Agent Deployments
Defakto has secured $30.75 million in Series B funding led by XYZ Venture Capital to address a critical enterprise security bottleneck: non-human identities now outnumber employees 45:1, yet most organizations still rely on static credentials that create massive attack surfaces for AI agent deployments.
The fundamental problem is architectural—legacy identity systems designed for human users can’t handle the scale and dynamism of modern AI agent infrastructure, where services, workloads, machines, pipelines, and AI agents need secure authentication without exposing static secrets.
The Static Credential Crisis
Enterprise AI deployments face a compound identity crisis. Traditional approaches rely on API keys, long-lived tokens, and service accounts that create what Defakto calls “vault sprawl” and “service account bloat.” Every AI agent deployment multiplies these static secrets across pipelines, clouds, and automated systems.
“Every enterprise has invested in securing its people. But non-humans are now the majority of users, and their identities are still governed by outdated, secret-based models that create mounting technical debt,” said Danny Oliveri, Defakto’s co-founder and CEO.
The scale of the problem becomes apparent in enterprise environments where thousands of AI agents need secure access to databases, APIs, and cloud resources. Each agent typically requires multiple credentials, creating a sprawling network of static secrets that security teams struggle to manage, rotate, and monitor.
Dynamic Identity Architecture
Defakto’s approach eliminates static credentials entirely, replacing them with dynamic, verifiable identities that adapt to the ephemeral nature of AI agent workloads. The platform provides end-to-end non-human identity lifecycle management across AWS, Azure, GCP, and hybrid environments.
The company’s architecture builds on proven standards like SPIFFE (Secure Production Identity Framework For Everyone) and WIMSE (Workload Identity in Multi-System Environments) to ensure interoperability while eliminating the need for vault-stored secrets.
Co-founder and CTO Eli Nesterov, who led one of the world’s largest SPIFFE deployments, experienced firsthand how legacy solutions failed at scale. “Enterprises today can’t enter the age of AI on a foundation of static secrets and overprivileged access. Defakto replaces that legacy model with dynamic identity, transforming security from a liability into an enabler.”
Enterprise Adoption Evidence
The funding round attracted continued participation from The General Partnership, Bloomberg Beta, WndrCo, Adverb Ventures, and J.P. Morgan, plus industry veteran Michael Coates, former CISO of Twitter. This investor profile reflects the enterprise security market’s recognition that non-human identity management has become unavoidable.
Defakto already serves several Global 2000 enterprises, securing their non-human identities at scale. The company’s customers report eliminating vault sprawl while achieving seamless integration into existing development pipelines without friction.
The platform’s developer-first approach distinguishes it from traditional PAM (Privileged Access Management) solutions that weren’t designed for the automation-heavy requirements of AI agent deployments.
Market Infrastructure Shift
XYZ Venture Capital Managing Partner Ross Fubini highlighted the fundamental nature of the identity transition: “The shift to automation and AI makes non-human identity management unavoidable—every enterprise will need to solve this, and most are just starting to realize how deep the problem goes.”
This reflects a broader infrastructure maturation pattern where enterprises move from managing AI agents as edge cases within human-centric security models to architecting identity systems purpose-built for automated actors.
Bloomberg Beta Partner James Cham emphasized the timing: “What makes Defakto’s work groundbreaking is that it doesn’t just solve today’s problems, it creates the foundation for enterprises to embrace automation and AI with confidence for decades to come.”
AI-Ready Security Foundation
The Series B funding will accelerate product development and expand go-to-market efforts to establish Defakto as the standard for non-human identity security. The company positions itself as providing “AI-ready security” that gives enterprise AI agents real identities to operate safely at scale.
This addresses a critical deployment bottleneck where enterprises struggle to grant AI agents appropriate access privileges without exposing credentials that could be exploited if agents are compromised or behave unexpectedly.
The platform’s ability to provide granular, dynamic access controls becomes essential as enterprises deploy AI agents across regulated industries where auditability and compliance require clear identity trails for all automated actions.
Looking Forward
The non-human identity market represents a fundamental infrastructure category that will grow alongside AI agent adoption. As enterprises move beyond experimental AI pilots to production deployments, the security foundation must scale to support thousands of autonomous agents operating with minimal human oversight.
Defakto’s elimination of static secrets—rather than better management of them—signals the architectural rethinking required for enterprise AI infrastructure. The next 12-18 months will likely see enterprises architectural proper identity foundations or face competitive disadvantage as AI deployment velocity becomes a strategic differentiator.
The convergence of AI agents and enterprise security infrastructure continues to create new categories of specialized platforms. Defakto’s approach to non-human identity reflects the broader transition from human-centric security models to infrastructure designed for autonomous systems operating at machine speed and scale.
For enterprises building AI agent orchestration platforms, Overclock provides complementary infrastructure for coordinating complex agent workflows while integrating with enterprise identity and security systems like Defakto’s dynamic identity platform.