Rohati Systems has secured $12 million to fuel market expansion along with enhanicng their Network-Based Entitlement Control (NBEC) solutions. This second round of funding from Foundation Capital and Matrix Partners follows the Series A money both firms invested back in March of 2007, bringing the total to a staggering $22.6 million, and their product hasn't even been released yet! So much for the "new way" of doing things on a shoestring and being in perpetual beta. To their credit, they have been taking the product on tour, showing it off at the Gartner IT Security summit back in May, and again at the Burton Catalyst Conference in June.

According to the press release, both firms are ecstatic about their investments.

This is a clasic case of betting on a solid team with a new twist on a stumbling technology. In this instance, it's a bunch of Cisco guys trying to wake everyone up from the nightmare entitlements has become. Rohati's model for solving the access control problem is to build an appliance that sits close enough to the data assets that it can learn transaction level activity and build views of who touches what. Then, the product can build rulesets (aka: policies) which can be modified by the administrators to further dial them in.

We see this as having a good play within organiztions that are struggling with entitlement reporting for compliance reasons. In this case, just learning the behaviors of the users and logging that activity for future reference can be a huge help in making entitlement decisions. Too often we have noticed that the managers charged with authorizing usres and approving audit reports of user access on aquarterly basis are doing so largely on a guess. Our hope is that this new approach gives them a better view into the user activity and allows for more granualr decision making but without the overhead. Of course, the only way to find out is to get the product to market.