2025: A Year of Momentum and Innovation for Token Security

As we look ahead to 2026, we are proud to reflect on a transformative year for Token Security. Our mission to secure the rapidly growing realm of non-human identities – from legacy machine credentials to cutting-edge AI agents – has driven every milestone we reached. This past year saw major funding, explosive growth, groundbreaking product launches, and industry recognition, all fueling our push to deliver the leading solution for AI agent identity security. In this year-end review, we celebrate the progress and momentum that will carry us into 2026.

Funding and Growth Milestones

One of the defining moments of 2025 was our successful Series A round of funding. In January, Token Security raised $20 million in Series A financing led by Notable Capital, just eight months after emerging from stealth. This brought our total funding to $28M and validated our vision of agentic AI and machine identity protection. More importantly, it enabled us to accelerate expansion, from product development to go-to-market initiatives, and we haven’t looked back since. Our platform gained rapid adoption by enterprises (with early customers like HPE and HiBob, Betterhelp, Dayforce, and others trusting our solution), reinforcing the market need for securing machine and AI-driven accounts.

This capital infusion helped turbocharge our growth. Every new customer and team member is a testament to the trust in our vision and the hard work of our team. We’ve never been more energized to solve one of cybersecurity’s most urgent challenges.

Breakthrough Innovations in AI Agent Security

Our development team delivered a series of first-of-its-kind solutions this year, solidifying Token Security’s reputation for innovation. In 2025, we introduced multiple groundbreaking products and tools that are helping enterprises secure the “agentic” future of AI:

• First MCP Server for Agentic AI and NHI Security: We launched the industry’s first Model Context Protocol (MCP) Server for Agentic AI and NHI Security, an AI-powered interface that lets security teams query and manage AI and machine identities through natural language. This release set a new benchmark for how AI and security operations can work together to protect AI agents and non-human identities at scale.
• AI Discovery Engine and Token AI Agent: In July, we unveiled our AI Discovery Engine, the first solution purpose-built to reveal the full scope of AI-related identities across enterprise infrastructure. We also introduced the Token AI Agent, a conversational assistant that provides real-time security insights via natural language. Together, these innovations give teams unprecedented visibility into AI agents and the ability to ask questions like “What are our riskiest AI agent identities?” and get instant answers. This is a game-changer in enabling agile, AI-driven security operations.
• AI Agent Lifecycle Management: In November, we extended our platform’s governance capabilities to autonomous AI. Our new AI Agent Identity Lifecycle Management capabilities allow security, IT, and IAM teams to manage AI agent accounts from discovery through deprovisioning, just as they would human users. For the first time, organizations can continuously discover AI agents (e.g., custom GPTs, MCP servers, autonomous agents), ensure they have human owners, enforce least-privilege access, and “retire” unused agents before they become ghost or orphaned accounts. This end-to-end approach eliminates blind spots and ensures AI agents don’t operate outside of approved oversight.
• AI Privilege Guardian: To help enterprises embrace AI safely, we launched the AI Privilege Guardian, a free interactive tool that helps right-size permissions for AI agents. This tool allows developers and security teams to define an AI agent’s purpose, scope its access to the minimum necessary, and simulate its actions to ensure that each agent operates on a strict least-privilege basis. By preventing over-privileged AI agents, organizations can avoid supercharged insider risks and easily enforce best practices.
• GCI Tool: As custom AI models proliferate, we also released an open-source tool called GPTs Compliance Insights (GCI) to shine a light on hidden AI agents. The GCI Tool helps enterprises discover custom GPTs running in their environment, identify each agent’s owners and access scopes, and detect potential security or compliance gaps. In an era where anyone in a company can spin up a GPT-based agent, this tool provides much-needed visibility and governance.
• MCP Server Discovery: Automatically detect and inventory MCP servers across your environment to surface where they exist, who owns them, and what tools or data they can access. This feature in the Token Security Platform gives security teams immediate visibility into this fast-growing attack surface so they can assess risk, enforce policy, and remediate exposure before it becomes a breach.

Each of these innovations brings our customers closer to a secure, well-governed AI-powered infrastructure. By inventing solutions for problems that didn’t even exist a year or two ago, we’re ensuring Token Security users stay one step ahead in the face of fast-moving technology shifts.

Building an AI-Secure Community

Beyond our products, 2025 was also about thought leadership and community collaboration to secure the broader AI ecosystem. In August, we teamed up with Descope and a group of forward-thinking CISOs to publish the AI Security Guide: A Maturity Model for Secure Agentic AI Adoption. This comprehensive guide (authored by experts from companies like Vercel, Live Oak Bank, Deloitte, and more alongside Token Security) provides a four-phase framework to help organizations safely navigate the shift to autonomous AI agents. By sharing best practices – from managing “shadow AI” experiments to implementing policy-based controls for AI workflows, we’re empowering businesses to innovate with AI responsibly and confidently.

We also launched Token Research, a new research division dedicated to investigating emerging threats in AI and machine identity security. Staffed by veteran security researchers, Token Research focuses on deep technical analysis, vulnerability discovery, and threat intelligence around AI agents and non-human identities. The team hit the ground running, publishing findings on issues like misconfigured AI chatbots and speaking at industry events on cloud API flaws. By contributing these insights to the community, we aim to help all organizations pre-empt risks introduced by rapid AI adoption. In the spirit of responsible disclosure, our researchers are not only identifying vulnerabilities, but also equipping the world with knowledge and tools to remediate them.

• Ariel Simon presented “Hidden Dangers in Azure: Over-Privileged Roles and API Vulnerabilities” at Identiverse 2025 and “Permission Impossible: Hidden Dangers of Azure RBAC and API Vulnerabilities” at fwd:cloudsec Europe
• Dan Abramov and Eliav Livneh presented “Logs don’t mean a thing: Unraveling IaC-Managed Identity Ownership” at fwd:cloudsec North America
• Eliav Livneh presented “Source IP Spoofing in Cloud Logs” at fwd:cloudsec Europe

Industry Recognition and the Road Ahead

Our momentum has not gone unnoticed. This past November, Token Security was honored to be named one of The Information’s “50 Most Promising Startups of 2025,” highlighted for our strong growth and pioneering approach to identity-first AI security. In fact, Token Security was one of just eight companies selected in the Security & B2B category, a recognition based on our revenue traction, customer adoption, and leadership in securing AI agents across enterprises. This accolade is a meaningful validation of the hard work our team and customers have invested to tackle the unique challenges of agentic AI and non-human identity security. It energizes us to continue setting the standard in this growing market.

With 2025 in the rearview mirror, we feel a profound sense of gratitude and excitement. It’s inspiring to see how far Token Security has come in such a short time, evolving from an idea into the platform that forward-looking companies trust to safeguard their AI-driven future. We couldn’t have achieved this without our incredible team, our supportive investors, and our visionary customers who partner with us to secure what’s next. 

Heading into 2026, our mission remains clear: to continue innovating and delivering the leading solution for AI agent identity security. We have some insightful predictions for 2026 as agentic AI will be one of the hottest cybersecurity topics. The foundation laid this year gives us confidence that we can help every organization securely embrace AI and automation.

Thank you for being part of our journey. We’re excited to build on this momentum. Here’s to even greater achievements in the year to come! Come check us out: https://www.token.security/