Security Experts:

Connect with us

Hi, what are you looking for?


Cybersecurity Funding

OSINT Authentication Firm 443ID Emerges From Stealth with $8 Million Seed Funding

Austin, Texas-based identity and access management firm 443ID has emerged from stealth with $8 million seed funding in a round led by Bill Wood Ventures and Silverton Partners. 443ID focuses on open source intelligence (OSINT) for authentication and authorization.

Austin, Texas-based identity and access management firm 443ID has emerged from stealth with $8 million seed funding in a round led by Bill Wood Ventures and Silverton Partners. 443ID focuses on open source intelligence (OSINT) for authentication and authorization.

The new funds will be used to expand its in-house expertise, by recruiting experts in identity and access management, cybersecurity, cryptocurrency, adtech and OSINT.

443ID Logo443ID brings OSINT to access management. The purpose, says the firm, is to allow users of today’s most popular identity and access management platforms to leverage the power of OSINT to make context-driven, risk-based decisions on how to authenticate, register, and engage their users.

The company was co-founded in 2021 by Stephen Shoaff (CEO) and Mark Batchelor (president). “OSINT data is a rapidly growing and powerful dataset used successfully for investigative purposes to date,” said Shoaff. “Bringing this data to identity security adds the value of outside risk to existing login, registration and other zero-trust flows. Our offering makes it possible to leverage OSINT for decision making on the fly, at login speed—not after the fact.”

The argument is that current authentication methods are almost entirely dependent on internal data assets collected over time during user engagement. The use of user OSINT provides an objective external view of the candidate from the initial engagement.

“443ID’s OSINT identity graph,” says the firm, “now allows users of the most popular identity and access management platforms to make more contextual decisions on how to authenticate, register or authorize users in a transparent and affordable way.”

Shoaff explained the process to SecurityWeek. “We currently use identifiers such as email, IP, phone, etcetera. to collect a rapidly growing, diverse set of signal data about the domain, network, location, dark web presence, reputation and more associated with a user. From there, we continue to branch out into other areas of OSINT as appropriate to build even more diverse datasets for every entity we encounter, building a model of OSINT data for each user that gets better every time any of our customers provides one of those identifiers.”

It’s a form of collective integrity. While it may be difficult to objectively verify the accuracy of an individual piece of OSINT, the overall picture gained from multiple sources is remarkably accurate and resilient.

Would it be possible for a well-resourced adversary to poison the OSINT source with fake identities? Possible, maybe; but feasible, no. “Just as the intelligence community uses multiple, independent variables to identify a target or signature in an area of operations; we use five independent primary indicators with multiple sub-indicators to determine authenticity,” said Shoaff.

He explained in more detail. “In the past we have seen adversarial groups build emulators to make their communications seem more authentic.” These emulators are typically one-dimensional, attempting to fool one potential indicator. In the 2016 election, early Russian influence bots on social media used IFTTT and other schedulers. 

“When they learned that disinformation researchers were looking for those data sources as an indicator they quickly changed to posting from ‘Mobile Web M5’. This did not change any of the other indicators like age of account, pattern of activity, content analysis, or network positioning that researchers also used to detect accounts.” 

The technical obfuscation by emulators failed. “The same will hold true with our signal print and the multiple ways it attacks false identity,” said Shoaff.

Written By

Kevin Townsend is a Senior Contributor at SecurityWeek. He has been writing about high tech issues since before the birth of Microsoft. For the last 15 years he has specialized in information security; and has had many thousands of articles published in dozens of different magazines – from The Times and the Financial Times to current and long-gone computer magazines.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join this webinar to learn best practices that organizations can use to improve both their resilience to new threats and their response times to incidents.


Join this live webinar as we explore the potential security threats that can arise when third parties are granted access to a sensitive data or systems.


Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

Cybersecurity Funding

SecurityWeek investigates how political/economic conditions will affect venture capital funding for cybersecurity firms during 2023.

Identity & Access

Zero trust is not a replacement for identity and access management (IAM), but is the extension of IAM principles from people to everyone and...


More than 450 cybersecurity-related mergers and acquisitions were announced in 2022, according to an analysis conducted by SecurityWeek


Twenty-one cybersecurity-related M&A deals were announced in December 2022.


Forty cybersecurity-related M&A deals were announced in January 2023.

Identity & Access

Hackers rarely hack in anymore. They log in using stolen, weak, default, or otherwise compromised credentials. That’s why it’s so critical to break the...

Cybersecurity Funding

Network security provider Corsa Security last week announced that it has raised $10 million from Roadmap Capital. To date, the company has raised $50...