Passwordless security startup SecureW2 Inc. said today it has closed on a hefty $80 million funding round from the software-focused venture capital firm Insight Partners LLC.

The funds will be used by the startup to accelerate its market expansion and the development of its security platform and hire new talent.

SecureW2 has built a zero-trust platform that makes it simple for companies to use certificate-driven authentication from identity and management software providers such as Okta Inc., Jamf Software LLC and Microsoft Azure. With its platform, this secure information can be used to automate dynamically the authorization of access to Wi-Fi, applications, virtual private networks and desktop logins. It works by leveraging digital certificates to ensure a frictionless login process for end users.

SecureW2 co-founder and Chief Executive Bert Kashyap said one of the main differences with his company’s platform and other zero-trust security providers is that its use of digital certificates makes passwordless security easier to consume, both from an information technology perspective, and also from the user perspective. Passwordless security is combined with zero-trust authentication of digital certificates for network services, something that Kashyap said is unique in the industry.

“This lays the foundation for digital certificates to be integrated into other zero-trust platforms too,” the CEO added. “Those platforms can benefit greatly from a centralized certificate ecosystem, such as by layering in device trust and user trust. Apple’s and Google’s recent push for device attestation via certificates is a great example of using certificates to ensure the authenticity of their devices and raises the bar for zero-trust.”

One of the biggest advantages of SecureW2’s platform is the insights it provides to administrators, with its reliance on security certificates providing greater context. For example, admins can quickly see who and what type of user is accessing an individual service or app, they can check what type of device being used is and see whether it’s corporate-issued or personal, and they can understand when and how specific users were authorized for access. It also provides data on each user’s role within the organization, and the conditions and restrictions attached to each one.

Kashyap saidSecureW2’s certificate-driven approach to authentication is superior to traditional identity-based authentication that relies on passwords. “There are security concerns with passwords, and the addition of multifactor authentication makes it less user-friendly,” he explained. “Certificate-based authentication is also more versatile and can be layered with other authentication approaches to form the basis of combined user/device trust, along with MFA.”

Admins also benefit from having a single pane of glass to control certificate lifecycle management, plus the ability to integrate SecureW2’s software with almost every popular device management system. What’s more, security teams can create their own custom certificates to customize access according to their organization’s requirements.

Kashyap said SecureW2’s software has already enabled millions of users and devices at thousands of organizations to adopt a modern, certificate-based approach to authorizing access, in line with zero-trust security principals that shift access controls from the perimeter to individual devices and users. With zero-trust security, employees can work securely from any location without the need for a traditional virtual private network.

Looking forward, Kashyap said, the association with Insight Partners would bring immediate benefits to existing customers. For instance, he said Insight Partners has dozens of cybersecurity startups within its portfolio, and SecureW2 will have the opportunity to work more closely with those companies. “As a result of this partnership, SecureW2 will be accelerating new products and channels to market and adding integrations to our ever-broadening ecosystem of technology partners,” he promised.

The startup has already announced a number of innovations this year alone, expanding its passwordless infrastructure access to application security access, thanks to the expanded capabilities of Microsoft’s Azure certificate-based authentication capabilities. In addition, it recently announced a new device attestation capability for Apple Inc.’s ecosystem, enabling extended policy controls for organizations that use Apple devices.

Insight Partners Principal Max Wolff said a growing number of businesses are looking for alternatives to traditional password-based security. “SecureW2 provides an easy-to-use, cloud-native solution to address this need,” he said. “It is already being used by hundreds of customers worldwide.”

Image: SecureW2