Silverfort, the Israeli identity security company valued as a unicorn after raising over $222 million, has acquired Fabrix Security for an estimated tens of millions of dollars, according to Calcalist. The deal brings Fabrix’s 14-person team and its AI-native identity decisioning engine into Silverfort’s platform, with combined capabilities expected in the second half of 2026.
What Silverfort Is Buying
Fabrix was founded in 2025 by Raz Rotenberg (former founding engineer at Run:ai, acquired by NVIDIA) and Ofir Yakovian (former tech lead at Orca Security and Microsoft Entra), according to PR Newswire. VP of R&D Roee Oz previously served as chief architect for Microsoft Defender for Cloud and led Microsoft’s AI security incubation. The company had raised $8 million in seed funding from Norwest Venture Partners, toDay Ventures, and Jibe Ventures, plus angel investments from executives at Google, Palo Alto Networks, Cyera, Microsoft, Tenable, and NVIDIA.
The core technology: an identity knowledge graph that analyzes access activity, organizational context, and intent, paired with AI agents that handle authorization decisions, just-in-time access requests, and identity lifecycle management. As SiliconANGLE reported, the approach replaces manual, rules-based access reviews with continuous, context-aware decisioning at runtime.
The Runtime Problem
The acquisition addresses a specific gap in enterprise identity infrastructure. Traditional identity and access management (IAM) systems operate on rules written at “admin time,” pre-defining what each identity can access. That model breaks when the identities requesting access are autonomous agents executing unpredictable workflows at machine speed.
“In the AI era, it’s becoming impossible to keep up, and organizations are rapidly losing control,” Silverfort CEO Hed Kovetz said in the announcement. “The only way to mitigate this risk without stopping the business is to make access decisions at runtime, using AI and deep context.”
The combined platform evaluates each access request as it happens. When a user, machine, or AI agent attempts to access a system, Silverfort’s Runtime Access Protection (RAP) layer triggers Fabrix’s AI decisioning engine, which weighs identity, permissions, intent, and business context to allow or deny access in real time. The system can operate autonomously or alongside human-written rules.
Strategic Context
This is Silverfort’s second acquisition in 18 months, following the purchase of cloud identity security company Rezonate in November 2024, per Calcalist. The company employs approximately 600 people, about half in Israel.
The deal validates a market thesis that has been building across enterprise security: agent identity is not an extension of human IAM. Service principals, API keys, bots, and autonomous agents require different access control primitives. Static role-based access cannot evaluate whether an agent’s runtime behavior matches its intended purpose.
Silverfort plans to bring the combined capabilities to its 1,000+ enterprise customers. The competitive question is whether runtime identity decisioning becomes a standalone category or gets absorbed into broader agent governance stacks from Microsoft, CrowdStrike, and Palo Alto Networks, all of which have announced agent security initiatives in the past month.