Identity security in enterprises has become increasingly complex, with organizations struggling to manage thousands of applications across different environments while maintaining consistent security controls. The fragmented landscape of identity and access management tools, combined with evolving protocols and regulatory requirements, has made it nearly impossible for companies to maintain strong security postures. Orchid Security has emerged as a pioneering solution to this challenge, leveraging Large Language Models (LLMs) to revolutionize how enterprises handle identity security orchestration. The company’s platform automatically discovers and assesses both self-hosted and SaaS applications, providing deep visibility into identity controls and enabling automated remediation without requiring application recoding. Their innovative approach has already demonstrated impressive results, with customers reporting 90% faster application onboarding times and 75% reduction in professional services costs. Major enterprises including Costco and Repsol have adopted Orchid’s solution to transform their identity security management.
AlleyWatch caught up with Orchid Security CEO and Cofounder Roy Katmor to learn more about the inspiration for the business, the company’s strategic plans, recent round of funding, and much, much more…
Who were your investors and how much did you raise?
Orchid Security raised a $36M Seed round, co-led by Team8 and IntelVC.
Tell us about the product or service that Orchid Security offers.
Orchid delivers an identity-first security orchestration platform. While identity technologies, privacy regulations and cyber threats are constantly evolving, rendering native identity controls outdated, Orchid empowers organizations to maintain a strong and consistent posture. The platform continuously discovers both self-hosted and SaaS applications, assesses their identity controls (and gaps), and remediates compliance and cyber exposure- all from a single point of control and without extensive effort or application recoding. Companies using Orchid have cut application onboarding time by 90%, reduced professional services costs by 75% and increased identity security posture by 83%.
What inspired the start of Orchid Security?
While entrepreneur-in-residence at Team8, one of Israel’s most successful VC funds, I was tasked with exploring emerging theses in the security space. One, in particular, stood out and sparked my quest – the challenge of onboarding applications and adopting the latest identity security controls.
Leveraging its extensive CISO network and over the course of three years, Team8 identified a top-three enterprise concern, a top-three budget investment, and most surprisingly, a top-three source of dissatisfaction all related to identity consumption. The issue appeared to stem from enterprises struggling to integrate and maintain applications within their identity stack, resulting in failure to meet regulatory and security policies within the fragmented identity space.
How is Orchid Security different?
Orchid Security provides an identity overlay infrastructure that enables enterprises to seamlessly consume and manage identity security across the organization. Despite the challenges posed by fragmented identity infrastructure, no vendor has been able to deliver a generic, no-code, no-configuration solution that retrofits and unites identity controls across the entire organization.
Utilizing emerging technologies — primarily LLMs that were not available a few years prior — to interpret application instructions can reveal identity-related context and reasoning in each application’s design, providing the missing piece needed to address the complexity of identity and access management. This was the jumpboard required for the development of a ground-breaking Identity-first Security Orchestration solution. The solution is then able to discover all applications in use throughout an enterprise, including all self-hosted applications, assesses their identity flows to highlight exposure, and enable the remediation of that exposure to strengthen and maintain the organization’s identity security posture, without any recoding.
What market does Orchid Security target and how big is it?
Orchid Security targets the enterprise market, which on average handles 1,200 different applications hosted on-premise, in the cloud, or delivered as SaaS. To assess and manage these applications against the identity stack, within an ever-changing threat and regulatory environment, enterprises typically turn to System Integrators. Based on data from a leading analyst firm, approximately $5.25B is projected to be spent on integration, implementation, optimization and other services related to identity and access management in 2025.
What’s your business model?
The business model is based on the number of applications managed through the Orchid Security platform. Sales are direct or through certified business channels.
How are you preparing for a potential economic slowdown?
By automating, speeding and scaling the onboarding, assessment and management of applications against the identity stack, Orchid Security reduces on average 75% of professional services costs that enterprises typically spend on System Integrators for these aspects.
What was the funding process like?
Orchid’s funding came from a blend of two leading, yet distinct investors: Team8, which helped explore the identity security thesis through its extensive CISO network, playing a pivotal role in refining both the problem and the necessary solution; and Intel Capital, which joined the round after a meaningful early design partnership program, recognizing the value from firsthand experience.
What are the biggest challenges that you faced while raising capital?
Through an extended problem validation process followed by a highly sought-after design partnership program to ensure strong product-market fit, we were fortunate that the fundraising process was both preemptive and smooth.
Through an extended problem validation process followed by a highly sought-after design partnership program to ensure strong product-market fit, we were fortunate that the fundraising process was both preemptive and smooth.
What factors about your business led your investors to write the check?
There are two, one is the market pain, and the second, the solution.
Looking at the market pain, Team8 repeatedly heard this challenge from their CISOs at enterprises, who continuously requested research and delivery of an innovative solution for this problem. IntelVC felt this pain within their own enterprise, and wanted to invest following the research results which showed that the platform is able to address this growing market need.
In terms of the solution, Orchid Security is a new infrastructure solution, an enabler, and not an added feature or a replacement of a different existing tool. Investors understood Orchid’s Security key role as the next must-have in enterprise’s IT stack.
What are the milestones you plan to achieve in the next six months?
Over the next six months, Orchid plans to achieve several key milestones to further accelerate our growth and impact.
- Scale Operations: We are focusing on scaling our internal operations, ensuring we are equipped to support a growing customer base while maintaining the high level of service and security our clients expect, mainly in NA and EMEA.
- Expand Customer Base: We aim to onboard additional global 2,000 companies and deepen relationships with existing customers like Costco and Repsol, ensuring that our platform continues to meet their evolving identity security needs.
- Enhance Product Features: We will continue to refine and expand our platform’s capabilities, particularly focusing on enhancing our no-code, no-configuration on-boarding capabilities with leading IAM providers.
- Strengthen our GTM Partnerships: We plan to forge new strategic alliances to expand our reach and ensure that Orchid remains at the forefront of identity security innovation.
These milestones will lay the foundation for further growth, allowing Orchid to drive significant value for both our clients and the identity security landscape.
What’s your favorite winter destination in and around the city?
Cold Spring (New York) – A small town located on the Hudson River, Cold Spring was once home to notable figures in the scientific community during the 19th and early 20th centuries. A visit there feels like stepping into a place where quiet revelations and discoveries took place. The surrounding natural beauty, combined with the historical landmarks, makes it an inspiring spot for those interested in the ideas that have shaped the modern world. Inspiring!