Cybersecurity startup Offroad has officially launched from stealth, securing $7 million in seed funding to pioneer an AI-driven approach to identity security. The funding round was led by Ibex Investors and Skywell Capital Partners, fueling the company's mission to automate risk investigation and remediation. Offroad aims to address the growing complexity of managing human, non-human, and AI agent identities across fragmented enterprise environments.
Addressing a Growing Security Challenge
Modern enterprises face a significant hurdle in managing identity risk, as critical context is scattered across numerous platforms like HR systems, SaaS applications, and cloud infrastructure. This fragmentation was already a challenge when dealing with human users, but the recent proliferation of AI agents has amplified the problem. Security teams are finding that traditional manual methods of investigation and remediation are no longer sustainable at this new scale.
An Agentic Approach to Identity Security
Offroad's platform introduces an "agentic identity security team" that functions as an autonomous extension of an organization's existing security operations. These AI agents are designed to gather context, uncover threats and posture risks, and resolve them with minimal human intervention. The system can either take direct corrective action where it is deemed safe or escalate issues to the appropriate personnel with all necessary context.
This approach provides operational leverage rather than simply adding to the deluge of alerts that security teams already face. According to Sean Mullins, a CISO and early user, the agents hand off actionable intelligence, which is a meaningful shift for teams stretched thin. Investor Adi Dangot Zukovsky of Ibex Investors echoed this sentiment, stating the market needs autonomous resolution, not just more tools that find problems.
Highlighting OAuth Application Risks
A prime example of this escalating risk lies with OAuth applications, which often gain broad, persistent access to critical business systems like Google Workspace or GitHub. These permissions can expose sensitive data, including emails, code, and files, yet security teams frequently lack the necessary context to evaluate their justification. Understanding the ownership, function, and potential risk of each application becomes a complex and often overlooked task.
To quantify this issue, Offroad conducted an audit of nearly 2,900 public OAuth applications and found that approximately one-third exhibited serious structural security concerns. These applications represent over 1.85 billion installs, highlighting a widespread vulnerability. In response, Offroad has launched ohauth.ai, a free security catalog to help teams better review and govern these application permissions and associated risks.
Experienced Leadership and Investor Confidence
The company is guided by a team with deep expertise in AI and cybersecurity. Co-founder and CEO Dan Bendler previously founded two successful AI startups, while co-founder and CTO Philip Shteyn is a former Captain in Unit 8200 and helped build Palo Alto Networks’ Cortex platform. Their combined experience provides a strong foundation for tackling the complex challenges of modern identity security.
CEO Dan Bendler stated that identity is no longer just a workforce access problem, as enterprises now operate with a mix of human, machine, and AI identities. He emphasized that the manual investigation model is becoming increasingly difficult to sustain in this new landscape. This vision is supported by investors who see a clear market need for a solution that moves beyond simple risk detection to full resolution.
With its successful $7 million seed funding and emergence from stealth, Offroad is poised to redefine the identity security market. The company's focus on using AI agents to autonomously resolve risks offers a promising solution for security teams overwhelmed by the complexity of modern digital environments. By shifting the paradigm from visibility to resolution, Offroad aims to secure enterprises against a new generation of identity-based threats.