Startup Axis Security looks to redefine private application access

While the Axis Application Access Cloud is a long-term VPN replacement, it also lets users connect to apps without touching the network, making it ideal for managing partners and contractors.

Axis Security co-founders Dor Knafo (L) and Gil Azrielant (R)

Today San Mateo CA-based Axis Security is emerging from stealth. The company uses a zero-trust model to provide cloud-native private application access that is both simple and secure. With an agentless model that touches neither the network nor the applications, the company’s Axis Application Access Cloud is well suited for managing external users like contractors and partners. Out of the gate, they are selling through a SaaS model to large enterprises, although the midmarket is in the longer-term roadmap. And while they are selling direct initially, they are already working on broadening out a channel strategy that will include both VARs and MSSPs.

Axis also announced that they have raised a total of $17 million in funding, with venture firm Cyberstarts providing the seed funding and Ten Eleven Ventures leading the Series A round. The investors include Dan Amiga, founder of Fireglass, and board of director member Michael Fey, former president of Symantec and Blue Coat, both of whom have a connection to Axis’s CEO and the origin of its technology.

“I worked at Fireglass, a web isolation company, for almost five years,” said Dor Knafo, Axis Security’s CEO and co-founder. “It was a successful startup acquired by Symantec in 2017. People used Web isolation technology in interesting ways, including as a reverse proxy to expose their applications to contractors and employees working at home securely – without giving them network access. Moving them from the network using web isolation technology is a purpose-built solution to solve the problem.”

Knafo said that larger companies have multiple use cases where this technology has value.

“The Fortune 500 companies we talk with are struggling with many different challenges around complex networks and solutions, where they have to manage employees and identities,” he said. “We are focused on connecting users to applications, not specifically replacing a network or VPN.”

Replacing the VPN, a 1990s technology, has attracted a lot of interest from tech startups in recent years, and while that’s not Axis’s primary purpose, it is certainly part of the long-term vision.

“Many are trying to replace the VPN now, but we have identified that this will help customers today as well as five years from now, when they finally do replace their VPN,” said Gil Azrielant, Axis’s CTO and co-founder. “Until then, they can use it to interact with third party contractors while the VPN is still on.”

“It’s interesting how much that has come up in early conservations — third party contractors and M&A cases,” noted Tamir Hardof, Axis Security’s CMO. “It’s a high priority pain point for them to address.”

“The contractor and partner access is a big issue for them, and many customers have said this resonated for them,” Knafo added. “They want secure and simple access to these people.”

The security comes from the way the company uses its zero trust access technology.

“As opposed to practically all solutions, we have a continuous authorization approach,” Azrielant said. “Every request is validated against a protocol. This provides security with so much more visibility.”

Tamir Hardof, Axis Security’s CMO

“Some zero trust solutions that address access to applications are complex to deploy and manage around the network,” Hardof said. “We are an application layer overlay and can avoid the network complexity. That’s really important to customers. Simplicity is a key differentiation for us.”

Because Axis’ technology intersects with several others, and because they address multiple use cases, they have a lot of competition.

in many cases we replace VPN when it is necessary, so the VPN players are competitors,” Knafo indicated. “Application Delivery Controller players do it the wrong way, but they are also in this market. Zscaler’s private access solution  provides a replacement, but we are closer to the applications and the users.”

In their early proof-of-concept stage, Axis has focused on very large customers.

“Today, we are focused on those big enterprises that require complex management capabilities,” Knafo said. “We sell it directly to CISOs and we believe the addressable market, because we are SaaS, is those that are highly regulated, like banks, who haven’t wanted to work with SaaS before. It’s not a vertically specific application, however.

“We believe the demand also exists in the midmarket, but it’s too early to tell,” Knafo continued. “Many of my friends that are in big companies say we should go midmarket in later stages.”

The channel is clearly situated in Axis’ plans.

“Everyone involved here is channel friendly and comes from a channel background,” said Hardof, which that background in his case being from CheckPoint and Juniper. “We are talking to some channel partners now about working together down the road. The product is being developed with the channel in mind – both VAR type reseller and MSSP type relationships. In cybersecurity, a lot of customers rely on channel relationships and we see it as an important model for us.”

The Axis Security Application Access Cloud is available now as a SaaS application.