2026 WINNER · CYBERSECURITY STARS AWARDS
Twine Security · AI Digital Employees
Most Innovative Cybersecurity Company
Overview
Twine builds AI Digital Employees who help cyber teams close the execution gap.
Its first AI Digital Employee, Alex, learns, understands and takes away the burden of Identity and Access Management (IAM) tasks - proactively completing the organization's cyber objectives.
An Agentic AI pioneer, the company was founded in 2024 by Benny Porat, Nadav Erez, Omri Green and Justin Woody - all former top managers at cyber unicorn Claroty, which was co-founded by Porat in 2015.
Key Capabilities
Twine builds AI Digital Employees who help cyber teams close the execution gap.
Each is an entire agentic AI system that joins enterprise security teams and executes cybersecurity work end to end. Most cybersecurity tools generate alerts, surface recommendations, or automate narrow workflows. They tell teams what to do. Twine closes the gap between knowing and doing.
Our first AI Digital Employee, Alex, learns, understands and takes away the burden of Identity and Access Management (IAM) tasks - proactively completing the organization's cyber objectives.
Alex is powered by a coordinated multi-agent system (MAS) trained in identity security, governance, compliance, and operational best practices. The agents work together to understand organizational context, gather the right data, interpret exceptions, coordinate with stakeholders, and complete workflows across IGA, IDP, ITSM, HR, and PAM systems.
Alex operates on a repeatable three-phase execution loop: It understands the goal by translating vague objectives like "improve identity posture" into structured outcomes with measurable key results. It maps the environment by reconciling identities from authoritative and complementary sources into a real-time model called the Identity Warehouse, surfacing missing ownership, classification, and application attribution along the way. And finally, it acts by deploying specialized agents to clean identity data, accelerate user access reviews, enforce policies, resolve IAM tickets, and remediate violations, with human approvals at every step the customer requires.
Concrete capabilities include identifying risky and misconfigured accounts, improving account and group hygiene, accelerating certification and compliance reviews, reducing rubber-stamping with intelligent context, resolving IAM tickets faster, collecting evidence automatically, and enabling teams to launch investigations through conversational queries. Alex can also execute broader programs, such as service account hygiene, access exception reviews, and identifying active accounts whose owners have left the company.
Alex retains context across every task through the Knowledge Fabric, a learning layer that captures the organization's roles, policies, approval chains, and business context. Unlike workflow automation that breaks on edge cases, the Knowledge Fabric improves with every ticket, review, and decision, so Alex gets more accurate over time and handles the messy enterprise reality that defeats brittle tooling.
How we are different
Twine is different because it is not building another cybersecurity tool. It is building the AI cybersecurity workforce of the future. This will completely change how enterprise security teams work. Most security platforms help teams detect problems, prioritize risks, or automate predefined tasks. Twine's AI Digital Employees take ownership of cybersecurity objectives and drive them to completion.
Enterprise security teams have the strategy, the tools, and the policies. What they're missing is consistent execution. Audits complete but risk stays unchanged. IGA platforms go live but access still drifts. MFA is deployed but still gets bypassed. The issue is not tooling. It is the gap between knowing and doing. Twine bridges that gap with a digital workforce that proves measurable value quickly, with the first use case typically in production within roughly three weeks and a full 90-day path to value.
Three strategic choices make this possible: First, agentic execution over scripted automation. Traditional automation depends on humans to define every workflow in advance, maintain playbooks, and manage every exception. Twine's AI Digital Employees are goal-driven: they determine what data is needed, learn the organization's specific context, engage with stakeholders, handle exceptions, request approvals when appropriate, and drive the work to completion.
Second, a multi-agent architecture rather than a single model. Many emerging AI solutions rely on a single agent or wrap a chatbot around existing tools. Twine coordinates specialized agents that work together like an expert team, combining investigation, reasoning, compliance understanding, system integration, and execution in one operating model.
Third, enterprise trust by design. Every Alex action runs through the control membrane, our human-in-the-loop control layer where customers set autonomy per action, with full reasoning transparency and audit trails on every decision and outcome. Organizations start conservative and progressively delegate more work as confidence grows. Alex works on top of the existing IAM and IGA stack, with no rip and replace.
The combination of category creation, agentic execution, deep IAM expertise, and enterprise-grade control is what sets Twine apart.
Gallery
No gallery images yet.