Silverfort
Silverfort extends MFA and Zero Trust to every identity across legacy and cloud systems.
Silverfort provides agentless, proxyless Runtime Access Protection (RAP) that extends MFA, risk-based authentication, and Zero Trust policies across all enterprise systems—on-premise, cloud, and legacy applications—without requiring endpoint or application modifications. It integrates directly with existing Active Directory and identity systems to analyze authentication risk in real-time and enforce MFA on resources previously unprotectable by traditional solutions. Silverfort serves over 1,000 enterprise customers globally and differentiates through its ability to protect legacy, custom, and command-line tools that competitors cannot cover.
Problem solved
Enterprises cannot enforce MFA and Zero Trust policies on legacy applications, command-line tools, and on-premises authentication systems, leaving critical infrastructure vulnerable to credential theft and lateral movement attacks.
Target customer
Enterprise organizations with large, heterogeneous IT environments including legacy applications, on-premises systems, and cloud infrastructure seeking unified identity security without application changes.
Founders
H
Hed Kovetz
CEO & Co-Founder
Former Group Leader at Israel's elite 8200 cyber unit leading advanced campaigns; product leader at Verint architecting national cybersecurity infrastructure; holds LL.B. from Tel Aviv University.
Y
Yaron Kassner
Co-Founder & CTO
Two decades of engineering experience; former team leader and architect at MAMRAM elite IDF technology unit; holds B.Sc. in Computer Science from College of Management, Academic Studies.
M
Matan Fattal
Co-Founder
Serial entrepreneur and former Silverfort co-founder; also founded Calibaja and SilverFort.
Funding history
Seed
Undisclosed
June 2017
Led by SixThirty
· Unknown
Series A
$11.5M
June 2018
Led by TLV Partners
· Unknown
Series B
$30M
August 2020
Led by Aspect Ventures
· Unknown
Series C
$65M
April 2022
Led by Greenfield Partners
· Unknown
Series D
$116M
January 2024
Led by Brighton Park Capital
· 83North, Acrew Capital, AllegisCyber Capital, Alumni Ventures, Citi Ventures, Earthshot Ventures, Energy Impact Partners, Highland Capital Partners
Total raised:
$222M
Pricing
Subscription-based with custom pricing per organization size. Four packages available depending on identity security maturity. Specific per-seat or per-authentication rates not publicly disclosed; contact sales for quote.
Notable customers
Huntsville Hospital, London Borough of Waltham Forest, Optix, NEC XON Systems, West Valley School District 208, Leading Telecom Provider, US Insurance Provider. Serves over 1,000 enterprise customers globally.
Integrations
Active Directory, existing MFA methods, existing identity providers, Zendesk, HubSpot, Salesforce
Tech stack
Swiper (JavaScript libraries)
jQuery Migrate (JavaScript libraries)
jQuery (JavaScript libraries)
Isotope (JavaScript libraries)
core-js (JavaScript libraries)
YouTube (Video players)
HubSpot Chat (Live chat)
Zendesk (Documentation)
RSS
Open Graph
HTTP/3
WordPress (Blogs)
Lucky Orange (Analytics)
HubSpot Analytics (Analytics)
Microsoft Clarity (Analytics)
Matomo Analytics (Analytics)
Linkedin Insight Tag (Analytics)
Leadfeeder (Analytics)
Hotjar (Analytics)
Google Analytics (Analytics)
FullStory (Analytics)
Facebook Pixel (Analytics)
Cloudflare Bot Management (Security)
ClickCease (Security)
HSTS (Security)
Typekit (Font scripts)
Font Awesome (Font scripts)
WP Rocket (Caching)
PHP (Programming languages)
Apple iCloud Mail (Webmail)
Microsoft 365 (Email)
Unpkg (CDN)
cdnjs (CDN)
Cloudflare (CDN)
6sense (Marketing automation)
Marketo (Marketing automation)
HubSpot (Marketing automation)
MySQL (Databases)
Reddit Ads (Advertising)
Microsoft Advertising (Advertising)
Google Tag Manager (Tag managers)
Salesforce (CRM)
Yoast SEO (SEO)
WP Engine (PaaS)
HubSpot Cookie Policy Banner (Cookie compliance)
Sendgrid (Email)
GTranslate (Translation)
GoDaddy (Hosting)
Priority Hints (Performance)
Website
Competitors
SailPoint
Broader IAM platform focused on provisioning and governance; Silverfort's strength is enforcing MFA on legacy and command-line tools SailPoint cannot protect.
RSA
Traditional authentication and risk management platform; lacks Silverfort's agentless, proxyless integration with existing identity infrastructure.
Cloaked
Identity security platform; Silverfort differentiates through inline, real-time risk analysis and MFA enforcement on legacy applications without proxies or app changes.
Why this matters: Silverfort addresses a critical blind spot in enterprise identity security: the inability to enforce modern authentication policies on legacy systems without costly rewrites or proxies. With $222M in funding and 1,000+ customers, it demonstrates strong market validation for a solution that solves a real, widespread problem across regulated industries.
Best for: Large enterprises with heterogeneous IT environments including legacy applications, on-premises systems, and cloud infrastructure that need unified MFA and Zero Trust without application modifications.
Use cases
Legacy Application MFA Protection
Healthcare and financial services organizations deploy Silverfort to enforce MFA on legacy clinical and banking systems that cannot be modified. Huntsville Hospital achieved real-time protection against identity-based attacks on critical healthcare operations without requiring application changes.
Cyber Insurance Compliance
Organizations deploy Silverfort to meet cyber insurance MFA requirements across their entire infrastructure, including service accounts and admin users. Optix renewed its insurance policy shortly after implementing MFA protection through Silverfort.
Lateral Movement Prevention
Security teams use Silverfort's continuous monitoring to detect and prevent lateral movement attacks by enforcing granular risk-based policies on every authentication request. NEC XON Systems gained full visibility into authentication flows and prevented lateral movement across homegrown applications.
Alternatives
Okta
Broader identity platform with extensive provisioning and app integration; better for organizations willing to modernize applications, but cannot protect legacy systems Silverfort covers.
Ping Identity
Enterprise IAM platform with extensive customization; requires more infrastructure and integration work compared to Silverfort's agentless, inline approach.
Microsoft Entra ID (Azure AD)
Cloud-native identity platform strong for Microsoft environments; lacks Silverfort's specialized capability to enforce policies on legacy on-premises systems without modification.
FAQ
What does Silverfort do? +
Silverfort provides agentless, proxyless Runtime Access Protection that extends MFA, risk-based authentication, and Zero Trust policies across all enterprise systems—legacy, on-premises, and cloud—without requiring any application or endpoint modifications. It integrates with existing Active Directory and identity infrastructure to analyze and enforce policies on every authentication request.
How much does Silverfort cost? +
Silverfort uses a subscription-based model with custom pricing based on organization size. Four packages are available for different maturity levels of identity security programs. Specific per-user or per-authentication rates are not publicly disclosed; contact sales for a custom quote.
What are alternatives to Silverfort? +
Top alternatives include Okta (broader identity platform with app integration), SailPoint (comprehensive IAM and provisioning), Ping Identity (enterprise IAM with customization), and Microsoft Entra ID (cloud-native Azure-focused). Each has different strengths; Silverfort's differentiation is protecting legacy systems and command-line tools without modification.
Who uses Silverfort? +
Silverfort serves over 1,000 enterprise customers globally including healthcare systems (Huntsville Hospital), public sector organizations (London Borough of Waltham Forest), school districts (West Valley School District 208), and Fortune 500 telecom and insurance providers. Target customers are large enterprises with heterogeneous IT environments and legacy systems.
How does Silverfort compare to SailPoint? +
SailPoint is a comprehensive IAM platform focused on provisioning, access governance, and lifecycle management. Silverfort specializes in runtime authentication and MFA enforcement, particularly for legacy applications and command-line tools that SailPoint cannot protect without proxies or agent modifications. Silverfort is complementary for organizations seeking to extend MFA across protected resources.
Tags
identity security
MFA
Zero Trust
legacy application protection
authentication
risk-based access
agentless
proxyless
IAM
enterprise security