Identity graph tools.

Map identity across SaaS apps — find shadow accounts, dormant access, over-permissioned users.

One-quarter buildHot — multiple deals per month

Why now

SaaS sprawl + LLM agent access = identity is the new perimeter. ITDR (identity threat detection) is a budget line for the first time.

What the signal looks like

Repos with SaaS API integrations (Okta / Google / Microsoft / 50+ tools), graph database libraries, and ITDR rule engines.

Public examples

We name publicprojects + categories only — never founders we track inside the paid product. The buyer’s edge stays inside the product.

Veza-style identity platforms
Authomize shape
Open-source IAM graph tools

What this displaces

An Okta admin and a quarterly audit spreadsheet.

Our build-vs-invest call

Real budgets, real growth. The moat is the SaaS integration footprint + the threat-detection library. Fund teams shipping 30+ integrations in 90 days.

Common questions about this niche

Buyer?: CISO + IAM lead.
Pricing?: Per-identity or per-SaaS-app integrated.
Moat?: Integration breadth + threat-detection model.

Five breakout startups, every Sunday — before the round gets crowded

The free Acceleration Watch: five venture-backed teams accelerating on the engineering signal, translated into plain English — 21 to 47 days before the deck circulates. No code-reading, no card.

Get the free Sunday issue →

Signed The Data Nerd · pseudonymous narrator · methodology over personality

More inside Cybersecurity

LLM firewall tooling — WAF for AI agents — prompt injection blocking, output sanitization, policy enforcement at the API boundary.
Supply chain attack detectors — Catch malicious npm / PyPI packages before they land in production.
Secret rotation automation — Secrets that rotate themselves — across HashiCorp Vault, AWS Secrets Manager, GitHub, and your CI.
OSS vulnerability graphs — The dependency graph for open source vulnerabilities, indexed for AI agents and humans.

See all 10 Cybersecurity sub-niches →

Five breakout startups, every Sunday — before the round gets crowded

The free Acceleration Watch: five venture-backed teams accelerating on the engineering signal, translated into plain English — 21 to 47 days before the deck circulates. No code-reading, no card.

Signed The Data Nerd · pseudonymous narrator · methodology over personality

More inside Cybersecurity

LLM firewall tooling — WAF for AI agents — prompt injection blocking, output sanitization, policy enforcement at the API boundary.

Supply chain attack detectors — Catch malicious npm / PyPI packages before they land in production.

Secret rotation automation — Secrets that rotate themselves — across HashiCorp Vault, AWS Secrets Manager, GitHub, and your CI.

OSS vulnerability graphs — The dependency graph for open source vulnerabilities, indexed for AI agents and humans.