Valence Security vs Aleph Alpha

About

Valence Security is a SaaS security company founded in 2021 and headquartered in Tel Aviv, Israel. The company identified a growing but underaddressed attack surface: the web of integrations, OAuth grants, and third-party app connections that accumulate as organizations adopt dozens of SaaS applications. Each integration creates a trust relationship that can be exploited if the third-party application is compromised, if a token is leaked, or if permissions are granted far beyond what the use case requires. Valence was built to give security teams full visibility and governance over this SaaS integration mesh.\n\nValence raised $25 million in a Series A round led by Microsoft's M12 venture fund, with participation from YL Ventures and Porsche Ventures. The platform connects to the organization's core SaaS applications — including Microsoft 365, Google Workspace, Salesforce, GitHub, Slack, and Zoom — and discovers all OAuth applications connected to them, the permissions granted, the users who authorized them, and whether the connected applications have known security issues. Security teams can review, revoke, and enforce policies on third-party app access without disrupting end users.\n\nValence's collaboration security capabilities extend beyond OAuth to cover sharing configurations — identifying when sensitive documents, files, or data are shared externally or with overly broad permissions in collaboration tools. The platform also monitors for SaaS misconfigurations and tenant-level security settings that deviate from security baselines. Its remediation workflows allow security teams to alert the responsible users, request justification for sensitive access, or automatically revoke connections that violate policy.