---
title: Scalekit Raises $5.5M as Authentication Systems Fail AI Agent Test
description: AI agents now outnumber humans in enterprise systems, exposing OAuth weaknesses; firms must shift from human-centric access to scoped agent identity controls.
author: Darie Nani (Editor-in-Chief)
date: 2025-09-16T11:00:00.000Z
updated: 2026-02-26T18:02:01.254Z
canonical: https://www.sovereignmagazine.com/article/scalekit-raises-5-5m-as-authentication-systems-fail-ai-agent-test
image: https://cdn.nanimediahouse.com/Scalekit-overall-illustration.png
categories: Startups, Artificial Intelligence
content_type: Spotlight
region: United States
publication: Sovereign Magazine
about:
  - type: Organization
    name: Scalekit
    description: Scalekit provides AI developers with authentication and tool-calling infrastructure. Founded by the team behind Freshworks’ original auth platform, the company is backed by Together Fund, Z47, and a network of operator investors. Now live and GA at scalekit.com .
    url: http://scalekit.com/
    sameAs:
      - https://www.linkedin.com/company/scalekit-inc, https://www.youtube.com/channel/UC4_ygw5mMepy25XSYJRB1Iw, https://twitter.com/scalekitinc
---

Enterprise security teams face a $19 billion problem: their authentication systems can’t handle AI agents. [Scalekit](http://scalekit.com/) just raised $5.5 million from Together Fund and Z47 to solve what Gartner predicts will be the next major breach vector – [25% of enterprise breaches by 2028](https://newsroom.ibm.com/2025-07-30-ibm-report-13-of-organizations-reported-breaches-of-ai-models-or-applications,-97-of-which-reported-lacking-proper-ai-access-controls) will trace back to compromised AI agents.

![Satya Devarakonda co founder and CEO Scalekit 2 1024x683](https://cdn.nanimediahouse.com/Satya-Devarakonda-co-founder-and-CEO-Scalekit-2-1024x683.webp)

![Ravi Madabhushi co founder and CTO Scalekit 1024x683](https://cdn.nanimediahouse.com/Ravi-Madabhushi-co-founder-and-CTO-Scalekit-1024x683.webp)

Non-human identities now [outnumber human ones by 50 to 1](https://www.okta.com/solutions/protect-non-human-identities/) in many enterprises, according to Okta data. Machine Identity Management hit $19.05 billion in 2025, growing at 12.25% annually. Yet 80% of organisations still lack proper management strategies for these identities.

## When Security Models Break

The [Salesloft breach in August 2025](https://thehackernews.com/2025/08/salesloft-oauth-breach-via-drift-ai) demonstrated exactly what security experts warned about. Attackers compromised OAuth tokens linked to the Drift AI chat agent, exposing Salesforce customer data for 10 days. The incident highlighted a fundamental problem: AI agents inherit high-privilege identities like OAuth tokens, creating attack vectors that [traditional security models can’t contain](https://www.sovereignmagazine.com/article/what-ai-cybersecurity-really-looks-like-on-the-ground-for-us-businesses).

‘For years, software focused on blocking bots. Now business apps must let authenticated agents in and decide exactly what data they can read or write,’ says Satya Devarakonda, Scalekit’s co-founder and CEO. The company’s authentication stack addresses both sides of the problem—verifying agent identities and enforcing precise access controls.

Research from [Zenity Labs](https://www.cybersecuritydive.com/news/research-shows-ai-agents-are-highly-vulnerable-to-hijacking-attacks/757319/) presented at Black Hat USA 2025 proves the severity. AI agents from Microsoft, Google, OpenAI and other major providers are susceptible to hijacking with minimal user interaction. Attackers can exfiltrate sensitive data and manipulate workflows by exploiting vulnerabilities in agent authentication systems.

## The Business Reality

Developers face two bad choices: over-privilege agents with broad access (dangerous) or build custom workarounds (time-consuming). Most choose poorly. McKinsey research shows less than 30% of companies have CEO-sponsored AI agendas, leading to fragmented deployments where teams launch agents without centralised identity governance.

‘We needed auth that just works so we could focus on our core AI features. Scalekit eliminated months of auth complexity and let us ship in a couple of weeks,’ says Harsh Vakharia, head of technology at [SiftHub](https://www.sifthub.io/), an AI-native sales solution.

The problem compounds as what analysts now call ‘agent sprawl’ spreads through enterprises. The August 2025 [IBM security report](https://newsroom.ibm.com/2025-07-30-ibm-report-13-of-organizations-reported-breaches-of-ai-models-or-applications,-97-of-which-reported-lacking-proper-ai-access-controls) found 13% of organisations experienced breaches involving AI models, with 97% lacking proper access controls. This gap in AI threat awareness [leaves business teams vulnerable](https://www.sovereignmagazine.com/article/gap-in-ai-threat-awareness-leaves-business-teams-open-to-attack-report-warns) to sophisticated attacks.

## Purpose-Built Solution

Scalekit’s approach focuses on short-lived, scoped tokens and modular authentication components that integrate without architectural changes. The company supports the [Model Context Protocol (MCP)](https://www.anthropic.com/news/model-context-protocol), adopted by OpenAI, Google DeepMind, Microsoft and other major providers.

[Agents access systems through APIs and protocols](https://www.sovereignmagazine.com/article/when-machines-shop-preparing-your-business-for-ai-powered-buyers) designed for efficiency and automation, unlike human users who navigate through interfaces. Traditional [Identity and Access Management systems](https://www.fortunebusinessinsights.com/industry-reports/identity-and-access-management-market-100373), designed for the $25.179 billion human-centric market, weren’t built for entities that ‘live in code, not in user directories,’ as Ravi Madabhushi, Scalekit’s co-founder and CTO, puts it.

Early enterprise adopters include Block, Apollo, Replit and Zapier—companies that recognised they needed purpose-built infrastructure rather than retrofitted human-centric systems.

‘We plugged in Scalekit’s passwordless auth module without any refactoring. That lego-style flexibility got us live in two weeks,’ explains Suman Varanasi, CTO at [Fello](https://fello.ai/).

## Investment Thesis

The backing from Together Fund and Z47 for Scalekit’s $5.5 million seed round signals investor recognition that agent identity represents fundamental change, not evolution of existing systems. Scalekit’s roadmap includes 1,000+ app connectors, suggesting the integration scope required to properly secure agentic workflows.

Meanwhile, [device fingerprinting technologies](https://www.sovereignmagazine.com/article/how-digital-dna-recognition-works-fingerprinting-puts-invisible-protection-to-the-test) offer complementary approaches to invisible authentication.

As AI agents become more autonomous and enterprises deploy them at scale, the gap between human-centric authentication and agent-centric identity management will widen. Companies that adapt their security infrastructure now will avoid the costly breaches that analysts predict for those that don’t.

**About Scalekit**

Scalekit provides AI developers with authentication and tool-calling infrastructure. Founded by the team behind Freshworks’ original auth platform, the company is backed by Together Fund, Z47, and a network of operator investors. Now live and GA at scalekit.com .

[Website](http://scalekit.com/)
