The Founder Who Turned Three Cyber Breaches into a $24M Startup

Uncategorized

The Founder Who Turned Three Cyber Breaches into a $24M Startup

The biggest security threat today isn’t human — it’s the machines talking to each other behind the scenes. Entro founder Itzik Alvas shares how three breaches inspired a new category in cybersecurity, why “non-human identities” are the next attack surface, and how design, clarity, and creativity became their most powerful GTM differentiators.

Posted on October 16, 2025

Written By: Brett

The following interview is a conversation we had with Itzik Alvas, CEO of Entro Security, on our podcast Category Visionaries. You can view the full episode here: $24M Raised to Build the Future of Non-Human Identity Management

Brett
Hey, everyone, and welcome back to Category Visionaries. Today we’re speaking with Itzik Alvas, CEO & Co-Founder of Entro Security, a non human identity management platform that’s raised 24 million in funding. Itzik, welcome to the show.

Itzik Alvas
Thank you. Thank you for having me, Brett.

Brett
No problem. Super excited. So, whenever we have founders from Israel on, we always like to ask the question. And that question is, you know, from your time in the military service, what did you learn? I’m sure there were a lot of life learnings and a lot of life lessons that shaped you. But what would be one big takeaway that you had from that experience?

Itzik Alvas
Perseverance, I assume, like one, if any. If I only need to choose one, definitely. That. Also, my time in the Israeli Defense Force, I was part of the cyber intelligent unit over there, and I was on the offensive side of cyber. And, you know, we’ve done some big stuff over there, some national scale, and usually it takes a while, and usually you run and, you know, you’re running through some closed doors. So definitely perseverance and. And learning a lot, and learning from feedback and improving and trying again.

Brett
As you were in the military, did you have this idea in the back of your head that someday I’m going to go and build a cybersecurity technology company, or when did that idea start to develop in your brain?

Itzik Alvas
Yeah, I had no idea. I had no idea. When did it? That’s a good question. I think, like, maybe one year before I started, I was facing, you know, big problem with non human identities and secrets. That’s. That’s the problem we actually solve right now with enter security, how to manage them, how to secure them. So, okay, so post my service, the Israel Defense Force, I moved into the public market and I was doing cyber defense over there and worked on, usually on management positions. So prior to enter, I was responsible for the internal security and infrastructure of one of Microsoft’s clouds. Microsoft have three main clouds, and I was responsible for the internal security of one of them. And were breached twice by non human identities over there. And part of that was CISO, a chief information security officer of an healthcare organization.

Itzik Alvas
And were breached over there as well, by non human identities and secrets. So after being breached for the third time. And after not being able to find solution that will help me resolve the problem, you know, I started to think maybe I should build something. And that led me to the path of, you know, building my own startup. So I joined Fawcett with a friend of mine from the army. Adam Schriki is now the Co-Founder and CTO. And yeah, in very high level, that’s why we started enter. That’s where I started to think about.

Brett
That and take us back to the early days of the company. So it looks like that was summer 2022. What did the first three to six months look like for you?

Itzik Alvas
Before the seed raise or after the seed raise? That was very different.

Brett
Let’s go after the seed race.

Itzik Alvas
Yeah, so we already have a plan in mind. Like, we already knew what we want to build and how we want to build it and what it’s gonna take. So the very first month is like very operational, finding offices, finding, you know, recruiting the right team and starting to move, but again, very operational. Like you will need everything. You need a bank account, you need a domain, you need all of those stuff. And we listed everything we need to do prior to the seed money. Like we had a complete list, so we started to execute. So we started to execute about that.

Itzik Alvas
And then out of the gate you want, you know, some design partners, you want some customers paying or not paying, whatever, but you want someone that understand the problem, want to solve the problem, and is willing to give you feedback about what you’re doing to make sure that you’re advancing it right direction. So definitely worked out to find those as well.

Brett
What about your market category? So when I did the introduction, I introduced you as a non human identity management platform. What is that? What does that mean?

Itzik Alvas
Yeah, that’s a great question. That’s a, that’s a very new category. We helped pioneer that. So were the first company out there to do that, and now there are a lot of companies. We’re definitely well positioned to continue leading that category, but it’s fairly new one. So what does it mean? I think we need to frame secrets and unhuman identities for a second because that’s the problem area. Those are the things that NTO helps to secure. So non human identities are essentially programmatic access keys, like service accounts, API keys, connection strings, cloud access tokens, if you about those, I get a essentially programmatic credentials that applications are using in order to access and authenticate against resources the application needs. So if the application needs to authenticate against the database.

Itzik Alvas
It needs some sort of credential to help facilitate that authentication and that’s a non human identity. And the main problem is that developers, DevOps users are the ones who are creating permissioning. Them, using them are without security oversight and they scatter them around so they, you know, committing them into code, they are sending them over slack and no one is actually managing their lifecycle, no one is deleting them, no one is making sure their permissions are right side and because no one is able to manage them and because those are being created and used outside of the security side, today, non human identity targeted attacks are the second most frequent attack vector out there. And that’s why Entro Security is such a success. That’s why we are trying to help organization to securely use them and manage their life cycle.

Brett
What about marketing? When I visit your website, I noticed that it doesn’t look like all the other cybersecurity companies out there. What I see, at least in cybersecurity, is a lot of companies just kind of look the same, it has the same feel. It seems like you’ve been very intentional with the branding of the company. Can you talk to us about the branding and the general branding strategy?

Itzik Alvas
Hopefully it feels fun for you. So yeah, the usual cybersecurity companies are blue and white and somewhat black and very serious approach. But I led security for a long while and, you know, I wanted something that looks and feels more, you know, young and fun and that’s definitely the approach that we went to. Yeah, the main, the main goal was to make it as fun as B2C, but definitely still B2B company.

Brett
Yeah, it definitely comes across that way. And I think what’s cool about it is it’s very memorable. And I think that’s probably the most important thing that I see a lot of founders get wrong, is they play it safe and then they’re not memorable. But I think you’re better off being memorable than unknown. That’s another guest that I had on recently shared and it seems like you’ve followed a similar approach there to just make it fun and make it memorable.

Itzik Alvas
Yeah, for sure. For sure. Yeah, for sure. That was definitely a big portion of it.

Brett
Has there been any downside to that? Like do you think you’ve ever lost any deals or anything from someone looking at the branding and saying, okay, it’s not a serious company?

Itzik Alvas
I don’t think so. Like, I don’t know if someone came into the website and left because they feel like that’s not serious enough for them. Hopefully, you know, the logos out there and the customer acquisitions and the stuff we’re doing means more. But yeah, I don’t think so. I think that, you know, people appreciate what we’re doing and hopefully they appreciate that we’re a young, fun company and very innovative. So I like maybe, but I’m not sure. And I hopefully that’s not the case.

Brett
What else from a marketing perspective are you doing that’s novel and different and why? That’s top of mind. I was just at black hat and I was just walking around there and it really seems like everyone is doing and saying the same thing. What are you doing that’s different from a marketing perspective? How are you rising above all the noise that’s out there in cybersecurity?

Itzik Alvas
Yeah, that’s a great question. We needed to build that category. We needed to drive a lot of market education about why is it a serious problem. Our organizations are trying to handle that right now, how they should solve that, why the current ways or the old ways are not really helpful and so forth. In order to do that, you should definitely be creative. So yeah, you know, different events and going after analysts and probably we haven’t invented the wheel, but we have a very solid plan about our marketing approach.

Brett
How do you approach events? Is there anything, you know, interesting there or anything different there to stand out and make them as worthwhile as possible?

Itzik Alvas
Yeah, that’s a great question. I think that you should force yourself, what is your goal coming into that event? So, you know, brand awareness. So you mentioned Blackhat and the big boots over there. I’m not sure if they are very helpful in terms of, you know, legion and creating new leads and creating pipelines, but they are great for brand awareness and for positioning and some other, you know, events are the other way around. They are great for pipeline creation but not that great for brand awareness and so forth. So I think you need to understand what you’re trying to get out of that event. And then, you know, you can align the other stuff like the size of the boot on which people to bring in and what to do over there and so forth.

Itzik Alvas
So it’s, you know, the best answer is always depend. So depends.

Brett
That’s fair enough. Now what about the go to market motion? What’s the go to market motion look like?

Itzik Alvas
So we’re selling direct and via partners. Our sales for based in the US. I’m based in Boston and my vp of sales is based over here. And other sales folks are based over here, but then we have some others in the rest of the US, so we’re selling direct and via channels for now.

Brett
What about fundraising? As I mentioned there in the intro, 24 million raised so far. What have you learned about fundraising throughout this journey?

Itzik Alvas
A lot for sure. So like, I don’t know even where to start. I think it’s very different between the seed and day round. So I think I need to see. You need to mainly sell an idea, but that should be somewhat of a calculated risk in terms of you’ve done your market research, you interviewed your customers, you are getting to repetitive circle with your market around the questions that you’re asking them and the answers you are getting from them. And you need to show that you will be able to reach the $1 million mark with the money you’re asking and kind of proving that, but mostly selling an intangible dream. I’m going into the round. It’s different right now. You should have customers, you should have reached the $1 million mark. Your customers should use your product, love your product.

Itzik Alvas
All of them should use it in the same way, by the way, like if you’re, if each customer is using a different portion of the product, that’s not, not as good as it can be. So there are a lot of differences between raising a seed money and raising an a round.

Brett
If we think ahead for the next twelve months, what are the top priorities look like?

Itzik Alvas
Yeah. Customer acquisition, keeping our current position and awareness in the vertical, and of course expanding our capabilities and product. Definitely expand our platform.

Brett
And final question, let’s zoom out three to five years into the future. What’s the big picture vision look like? Paint a picture for us.

Itzik Alvas
Yeah. To lead the identity market, for sure. And there are a lot of companies that have done great things with the identity market. Most of them are more often on premise solutions and the cloud is much larger. So definitely lead the identity market. It’s a huge one.

Brett
Amazing. Love the vision. All right, now we are going to wrap up here. Before we do, if there are any founders that are listening in and they want to follow along with your journey, where should we send them? Where should they go?

Itzik Alvas
Yeah, you can reach out at LinkedIn or follow page or just go to our website and you can find me over there as well.

Brett
Awesome. Well, thanks so much for taking the time. Really appreciate it.

Itzik Alvas
For sure. Thanks for having me, Brett.