Defakto: Building the Identity Layer for the Agentic Era
When we first met the Defakto team, they didn’t pitch us on better security tooling. They didn’t start with a dashboard, a platform, or a slide on posture. They started with a blunt observation: Most of your infrastructure isn’t human anymore — and we’re still securing it like it is.
They’re right, and it’s an increasingly dangerous scenario.
Every cloud, every CI/CD pipeline, every AI agent that gets spun up is another machine asking for access. Each one is a non-human identity (NHI) with a token, a secret, or a service account sitting around somewhere. And every one of those is at risk of getting breached, exploited, or forgotten about until it’s too late.
Companies have spent hundreds of millions securing human users, from provisioning SSO to managing devices to setting up MFA. But if you look under the hood of any modern enterprise, you’ll find that non-humans outnumber people 45 to 1. They’re the ones making most of the API calls, pushing deploys, triggering workflows, and running production.
All that, and we’re still securing them with static credentials duct-taped together across clouds and vaults. It’s a massive surface area that no one is equipped to oversee right now.
In this reality, Defakto is doing something both simple and radical. They’re not managing secrets better. They’re eliminating them altogether. In the process, they’re replacing zombie tokens, long-lived service accounts, and vault sprawl with real, dynamic, cryptographically verifiable identities for workloads, pipelines, and agents.
This has proven far superior to the in-denial status quo. Defakto’s customers include some of the largest companies in the world, and they’re already running it in production across multi-cloud environments.
When Danny Oliveri teamed up with Eli Nesterov, the combination was undeniable. Eli, who ran identity at hyperscale with one of the world’s largest SPIFFE (Secure Production Identity Framework for Everyone) deployments at Bytedance, brought unmatched technical depth and firsthand experience solving identity at massive scale. Danny, whom we’ve known for years, brought the enterprise GTM expertise and operational discipline required to turn that innovation into a category-defining company. Together, they represent the perfect balance of technical conviction and executional excellence.
We decided to lead Defakto’s $30.75M Series B because we believe they’re setting the new baseline for how AI-era infrastructure gets secured. It’s not niche or another feature — this is category defining work at the beginning of the agentic platform shift.
It’s clear to us here at XYZ that machine-first infrastructure is inevitable. Now it has a foundation you can actually trust. So if you’re thinking about the future of infra, AI safety, or how to secure the systems that increasingly run everything, learn more about what Defakto is building.
Or better yet, come help them build it!
