NOMINATION HIGHLIGHTS

Oasis Security is transforming how enterprises govern Non-Human Identities (NHIs) and AI agents, the fastest-growing and least-governed segment of identity. As machine identities and agents become the primary way systems and data are accessed, the human-centric IAM model is obsolete. The result is identity debt: unmanaged identities, unrotated secrets, and over-privileged access that creates both breach risk and operational fragility.

AI agents intensify this risk by operating at machine speed with non-deterministic behavior. Prompt injection, agent hijacking, and MCP-based supply chain attacks are now routine. In February 2026, Oasis researchers uncovered the ClawJacked vulnerability in OpenClaw, enabling any website to silently take control of a developer’s AI agent with no plugins or user interaction required, proof that legacy controls were never designed for agentic access.

Oasis is the access control plane for the AI era: one unified platform that discovers, contextualizes, and enforces policy across the full spectrum of non-human access (from AD to AI) without requiring customers to replace their existing stack. Unlike tools that depend on pre-registration, Oasis is discovery-first: it maps machine identities across hybrid environments, enriches each with ownership, usage, blast radius, and business context, and then graduates customers from visibility to continuous enforcement.

The platform delivers measurable impact quickly. Enterprises typically discover 3–5x more NHIs than their inventory claimed, reach 80%+ ownership assignment for previously unowned accounts within 30 days, and achieve first actionable findings in under two weeks. Oasis then automates lifecycle enforcement: provisioning, attestation, rightsizing, rotation, and decommissioning, reducing manual rotation cycles from weeks to minutes while avoiding outage risk.

Oasis Agentic Access Management (AAM™) extends governance to AI agents with capabilities legacy tools don’t offer: intent-aware access decisions, deterministic guardrails with human-in-the-loop escalation, and just-in-time session identities that mint ephemeral, scoped credentials per task, eliminating standing secrets and shrinking blast radius.

Founded in 2022 and backed by Sequoia Capital, Cyberstarts, and Accel, Oasis has built a high-quality enterprise customer base across financial services, healthcare, insurance, and logistics.
Throughout 2025, Oasis advanced both education and governance. We launched the Non-Human Identity Management Fundamentals Certification, the first vendor-agnostic program to equip security and identity leaders to manage NHIs and AI agents across cloud, SaaS, CI/CD, and AI ecosystems. In parallel, the practitioner-led Agentic Access Management Framework, Oasis Scout, and the NHI Threat Center help enterprises detect unmanaged identities, remediate faster, and strengthen auditability, accountability, and compliance across complex environments.