Veza
Veza helps enterprises secure data access through graph-based authorization visibility.
Veza is the authorization platform for data security built on a graph-based architecture that maps access permissions across 300+ integrations in hybrid and multi-cloud environments. It enables enterprises to visualize, manage, and control granular access down to specific data objects, tables, and cloud resources. Used by Global 500 companies like Expedia, Blackstone, and Wynn Resorts to solve privileged access monitoring, non-human identity security, and identity governance challenges. Recently acquired by ServiceNow in December 2025 at a $1B-$1.5B valuation.
Problem solved
Enterprises cannot easily see, understand, or control who has access to what data across their fragmented infrastructure of identity providers, data systems, cloud platforms, and applications.
Target customer
Large enterprises with complex hybrid and multi-cloud environments that need granular visibility and control over data access permissions across hundreds of systems.
Founders
T
Tarun Thakur
CEO & Co-Founder
Previously founded Datos IO (acquired by Rubrik), deep experience in data infrastructure.
M
Maohua Lu
CTO & Co-Founder
Previously at Datos IO, expertise in data infrastructure and systems architecture.
R
Robert Whitcher
Chief Architect & Co-Founder
Previously at Datos IO, specialized in infrastructure and architecture design.
Funding history
Series C
$110M
April 27, 2022
Led by Accel
· Bain Capital, Ballistic Ventures, GV, Norwest Venture Partners, True Ventures, plus angel investors including Kevin Mandia, Enrique Salem, Lane Bess, Manoj Apte, Joe Montana
Series C+
$15M
August 10, 2023
Led by Capital One Ventures, ServiceNow
· None specified
Series D
$108M
April 28, 2025
Led by New Enterprise Associates (NEA)
· Atlassian Ventures, Workday Ventures, Snowflake Ventures, Accel, GV, True Ventures, Norwest, Ballistic Ventures, J.P. Morgan, Capital One Ventures, Blackstone Innovations Investments
Total raised:
$235M
Industries
Pricing
Not publicly available. Enterprise B2B security platform with custom pricing based on deployment size and feature requirements.
Notable customers
Wynn Resorts, Expedia, Blackstone, SoFi, Warby Parker, Wayfair, Zoom, Intuit, ASAPP, Barracuda Networks, Choice Hotels, plus 10 Fortune 500 and 16 Fortune 1000 companies across finance, pharmaceuticals, and retail
Integrations
300+ integrations across identity providers, data systems, cloud service providers, and applications. Specific partners include ServiceNow (parent company as of Dec 2025), Atlassian, Workday, Snowflake
Tech stack
Typed.js (JavaScript libraries)
scrollreveal (JavaScript libraries)
jQuery Migrate (JavaScript libraries)
jQuery (JavaScript libraries)
YouTube (Video players)
Zendesk (Documentation)
DocuSign
WordPress (Blogs)
Site Kit (Analytics)
Linkedin Insight Tag (Analytics)
Google Analytics (Analytics)
Atlassian Statuspage (PaaS)
HSTS (Security)
Nginx (Reverse proxies)
Varnish (Caching)
PHP (Programming languages)
Apple iCloud Mail (Webmail)
Google Workspace (Email)
Fastly (CDN)
Unpkg (CDN)
Cloudflare (CDN)
Marketo (Marketing automation)
6sense (Marketing automation)
MySQL (Analytics)
MariaDB (Databases)
Reddit Ads (Advertising)
Google Tag Manager (Tag managers)
Salesforce (CRM)
Yoast SEO (SEO)
Amazon Web Services (PaaS)
Pantheon (PaaS)
Amazon SES (Email)
Website
Competitors
SailPoint
Broader IAM platform with more mature market position, but less specialized in authorization graph architecture for permissions visibility.
CyberArk
More comprehensive unified approach covering privileged access management, but Veza's graph-based visibility is more specialized for data system authorization mapping.
Saviynt
Traditional relational architecture for identity governance; lacks Veza's innovative graph-based model for cross-system permission visibility.
Immuta
Focuses on data access control and governance but less comprehensive in multi-cloud identity management across non-human identities.
Apono
Smaller competitor focused on access management but with less enterprise scale and fewer integrations than Veza.
Why this matters: Veza's acquisition by ServiceNow at a $1B+ valuation validates the market's demand for specialized authorization and access governance solutions in multi-cloud environments. The company's perfect 100% Willingness to Recommend score from Gartner peers and 150% NRR demonstrate exceptional product-market fit. As enterprises struggle with fragmented identity and access landscapes, Veza's graph-based approach to authorization visibility addresses a critical gap that legacy IAM platforms have overlooked.
Best for: Best for Fortune 500 and Global 2000 enterprises managing complex multi-cloud and hybrid infrastructure who need granular visibility and automated control over data access permissions.
Use cases
Privileged Access Monitoring
Security teams use Veza's Authorization Graph to continuously monitor and audit who has privileged access to sensitive data systems, databases, and cloud resources. The platform maps every permission relationship, enabling rapid detection of excessive privileges and unauthorized access paths.
Non-Human Identity Security
Organizations secure service accounts, API keys, and application identities across their infrastructure by mapping what each non-human identity can access. Veza automatically discovers and catalogs these identities to prevent orphaned accounts and unauthorized machine-to-machine access.
Identity Governance and Administration (IGA)
Compliance and governance teams use Veza to maintain up-to-date access entitlements, automate access reviews, and enforce least-privilege principles at scale. The platform normalizes authorization data across disparate systems to streamline periodic access certification cycles.
Data System Access Security
Database and data warehouse teams leverage Veza to understand and control row-level and column-level access to sensitive datasets. This is critical for protecting PII and regulated data in environments like Snowflake, Databricks, and cloud data lakes.
SaaS Access Management
IT and security teams map user permissions across hundreds of SaaS applications and cloud services, identifying over-privileged accounts and enforcing consistent access policies. Veza's integrations track when users should and shouldn't have access as roles change.
Alternatives
SailPoint
Broader, more established IAM platform with longer track record but less specialized for graph-based authorization visibility and data-centric security.
CyberArk
More comprehensive unified platform covering PAM, IGA, and threat analytics, but with a more traditional approach vs. Veza's innovative graph architecture.
Saviynt
Focuses on identity governance but uses relational rather than graph-based architecture, offering less sophisticated cross-system permission mapping.
FAQ
What does Veza do? +
Veza is an authorization platform that uses a graph-based architecture to map and manage access permissions across hundreds of identity providers, data systems, cloud platforms, and applications. It provides enterprises with a 360-degree view of who has access to what data and enables automated control over those permissions. Veza helps organizations solve privileged access monitoring, non-human identity security, and identity governance challenges at enterprise scale.
How much does Veza cost? +
Veza does not publicly disclose pricing. Like most enterprise security platforms, it uses custom pricing based on deployment size, number of integrations, and feature requirements. Contact their sales team for a quote.
What are alternatives to Veza? +
Top alternatives include SailPoint (broader IAM platform), CyberArk (comprehensive PAM and IGA), Saviynt (identity governance), Immuta (data access control), and Apono (access management). SailPoint and CyberArk are larger, more established platforms, while Veza differentiates with its specialized graph-based authorization architecture.
Who uses Veza? +
Veza is used by Fortune 500 and Global 2000 enterprises including Expedia, Blackstone, Wynn Resorts, SoFi, Warby Parker, Wayfair, Zoom, and Intuit. The company has secured 10+ Fortune 500 and 16+ Fortune 1000 customers across finance, pharmaceuticals, and retail sectors. It serves enterprises with complex multi-cloud and hybrid infrastructure managing thousands of identities and data systems.
How does Veza compare to SailPoint? +
While SailPoint is a more established, broader IAM platform covering identity lifecycle management, Veza specializes in authorization visibility and control through its innovative graph-based architecture. Veza maps permissions down to specific data objects and tables across 300+ integrations, excelling at data-centric and multi-cloud scenarios. SailPoint has broader market adoption but Veza's focused approach appeals to organizations prioritizing granular data access governance.
Was Veza acquired? +
Yes, ServiceNow acquired Veza in December 2025 at a valuation between $1B and $1.5B. The acquisition integrates Veza's authorization platform into ServiceNow's broader Identity Governance and Administration solutions, combining graph-based authorization visibility with ServiceNow's workflow and automation capabilities.
What new products has Veza launched recently? +
In November 2025, Veza announced Access AuthZ, which automates how organizations grant and revoke access across enterprise systems. In December 2025, they announced AI Agent Security, a purpose-built product for securing and governing artificial intelligence agents at enterprise scale. Both products leverage Veza's Authorization Graph technology.
Tags
identity governance
authorization
access control
data security
IAM
permissions visibility
cloud security