Cybersecurity · sub-niche
Identity graph tools.
Map identity across SaaS apps — find shadow accounts, dormant access, over-permissioned users.
One-quarter buildHot — multiple deals per month
Why now
SaaS sprawl + LLM agent access = identity is the new perimeter. ITDR (identity threat detection) is a budget line for the first time.
What the signal looks like
Repos with SaaS API integrations (Okta / Google / Microsoft / 50+ tools), graph database libraries, and ITDR rule engines.
Public examples
We name publicprojects + categories only — never founders we track inside the paid product. The buyer’s edge stays inside the product.
- Veza-style identity platforms
- Authomize shape
- Open-source IAM graph tools
What this displaces
An Okta admin and a quarterly audit spreadsheet.
Our build-vs-invest call
Real budgets, real growth. The moat is the SaaS integration footprint + the threat-detection library. Fund teams shipping 30+ integrations in 90 days.
Common questions about this niche
- Buyer?
- CISO + IAM lead.
- Pricing?
- Per-identity or per-SaaS-app integrated.
- Moat?
- Integration breadth + threat-detection model.
More inside Cybersecurity
- LLM firewall tooling — WAF for AI agents — prompt injection blocking, output sanitization, policy enforcement at the API boundary.
- Supply chain attack detectors — Catch malicious npm / PyPI packages before they land in production.
- Secret rotation automation — Secrets that rotate themselves — across HashiCorp Vault, AWS Secrets Manager, GitHub, and your CI.
- OSS vulnerability graphs — The dependency graph for open source vulnerabilities, indexed for AI agents and humans.