Oasis Security just closed a $120M Series B led by Craft Ventures, with Cyberstarts, Sequoia Capital, and Accel following. Total funding: $195M. The money goes toward what might be the defining security challenge of the agentic era: governing machine identities that now outnumber human ones by a ratio of 82 to 1.
That stat, from Palo Alto Networks, frames the entire problem. Traditional IAM was built for humans logging in once and working all day. AI agents don’t work that way. They operate continuously, interact with multiple systems simultaneously, and often need broad access to function — which makes every one of them a potential attack surface.
Agentic Access Management (AAM)
Oasis calls its approach Agentic Access Management — a platform that evaluates what each machine identity or AI agent is attempting to do and grants only the permissions necessary to complete that specific task.
The system covers:
- Vaulted credentials for persistent secrets
- Federated access across identity providers
- Ephemeral permissions that expire after task completion
- Single policy layer applied uniformly across all machine identities regardless of infrastructure
The key architectural decision: one governance model for everything non-human. Whether it’s an AI coding agent in CI/CD, an autonomous customer service bot, or an MCP-connected research agent, the same policy engine applies.
Why This Matters Now
Three days before RSAC 2026 (March 23–27), the timing isn’t accidental. The conference is shaping up as the coming-out party for agent identity security, with Okta, SailPoint, Deutsche Telekom, F5×Skyfire, ConductorOne, Entro, Apono, and now Oasis all launching agent governance products in the same two-week window.
The common thread: enterprises are deploying AI agents faster than they can govern them. Microsoft’s own research, published the same day as Oasis’s raise, found that 97% of organizations experienced an identity or network access incident in the past year, with 70% tied to AI-related activity.
That’s not a future risk. That’s the current state.
The Commercial Signal
Oasis reports 5x year-over-year growth in new ARR, with the majority of clients drawn from the Fortune 500. Most new revenue comes through multi-year enterprise agreements — a signal that the platform is being embedded into core identity architecture rather than deployed as a peripheral audit tool.
CEO Danny Brickman: “Every organization deploying AI agents is taking on access risks they can’t yet see. The organizations scaling AI fastest are the ones who treated access as a foundational requirement, not an afterthought.”
The Agent Identity Stack Takes Shape
What’s emerging across all these launches is a layered agent identity stack:
| Layer | Players |
|---|---|
| Internal agent identity | Okta, Microsoft Entra |
| Cross-enterprise passports | Google, Deutsche Telekom |
| Commerce/internet identity | F5 × Skyfire |
| Access governance | Oasis, ConductorOne, Apono |
| Shadow agent discovery | Entro, AvePoint AgentPulse |
| Runtime enforcement | Singulr, Salt Security |
| Credential management | 1Password Unified Access |
Oasis sits in the governance layer — the policy engine that decides what agents can do, not just who they are. With $195M in funding and Fortune 500 logos, it’s making a serious bid to own that layer.
What OpenClaw Users Should Know
If you’re running OpenClaw agents with access to production systems — databases, APIs, cloud infrastructure — the 82-to-1 ratio applies to you too. Every agent session, every MCP connection, every tool call is a machine identity making access decisions.
The principles behind AAM apply at any scale:
- Least privilege by default — agents get only what they need for each task
- Ephemeral over persistent — credentials should expire, not persist
- Unified policy — one governance model across all agents, not per-tool exceptions
- Continuous evaluation — access decisions at every request, not just at login
The tooling is catching up to the problem. The question is whether enterprises will adopt it before the next major agent-related breach forces their hand.
Oasis Security’s $120M Series B was announced March 20, 2026. RSAC 2026 runs March 23–27 in San Francisco.