Permissions management startup AuthZed Inc. today announced that it has raised $12 million in new funding to accelerate its strategic expansion, particularly targeting small to midsized organizations.

Founded in 2020 by Jake Moshenko, Joey Schorr and Jimmy Zelinskie, veterans of CoreOS and RedHat, AuthZed provides a secure and scalable permissions management system for modern applications. Leveraging their expertise in distributed systems, the founders created AuthZed to simplify and enhance authorization processes for enterprises.

AuthZed seeks to address the growing complexity of user interactions in modern applications, which strains traditional authorization approaches and can lead to security vulnerabilities and bottlenecked development teams. Those vulnerabilities can be highlighted with broken access control topping Open Web Application Security Project’s Top Ten List of Web Application Security Risks.

AuthZed provides a universal, fast, scalable and easy-to-use solution for enterprise-ready permissions systems built on the open-source project SpiceDB. SpiceDB is an open-source, scalable and consistent permissions database designed by AuthZed that incorporates principles from Google LLC’s Zanzibar paper to manage fine-grained access control in modern applications.

The company empowers application teams to implement fine-grained access control, ensuring only authorized users can access specific data and features.

Key features include the ability to authorize anything anywhere, with users able to define fine-grained access for any object in an application or product suite. Users can manage permissions using a centralized schema and specify consistency requirements per authorization check. Tunable consistency features balance performance and correctness according to each use case.

Users can determine attribute-based access with SpiceDB Caveats, which the company says is a novel design for blending policy. The service, through observability tooling, can also act as a powerful Kubernetes operator with load-testing capabilities and can prioritize developer and platform engineering experiences.

AuthZed has seen strong uptake of its product, achieving six times growth in annual recurring revenue in 2023, off a undisclosed base, with customers across industries including healthcare, finance and gaming. Notable customers include Canva Pty. Ltd., WithClutch Inc., Turo Inc., Matillion Ltd., HackerRank Inc., Spot.ai Inc. and Avise Analytics Inc.

General Catalyst Group Management LLC led the Series A round, with previous investors Work-Bench Ventures Management LLC, Y Combinator Management LLC and Amplify Partners LP also participating.

“This funding will help our team continue to support our customers to add meaningful user experiences to their products powered by our scalable and flexible permissions system architecture,” said Chief Executive Moshenko. “Federation is a fundamental part of what makes the internet an interesting place and helping our customers’ end users securely share their most sensitive information with confidence and precision drives us forward.”

Including the new funding, AuthZed has raised $15.8 million to date.

Moshenko spoke with theCUBE, SiliconANGLE Media’s live streaming studio, in February 2023, where he discussed the company’s relationship with Cockroach Labs Inc. and how AuthZed is leveraging distributed SQL databases to enhance the performance and scalability of its permissions management system:

Photo: AuthZed