Corsha is a cybersecurity company specializing in machine identity management and API security, offering the first Machine Identity Provider (mIDP) that secures machine-to-machine (M2M) communications across hybrid, multi-cloud, and operational environments like critical infrastructure and industrial IoT.[1][2][5] Its platform provides automated multi-factor authentication (MFA), continuous authentication, connection discovery, and behavioral access controls for non-human identities (NHIs), enabling enterprises to protect data flows, reduce API attack surfaces, and support zero-trust architectures without added complexity.[1][2][4] Corsha serves sectors including manufacturing, public sector, critical infrastructure, and defense, with notable traction via U.S. government contracts like an AFWERX grant and OSD ManTech funding, plus a $12M Series A backed by SineWave, Razor's Edge, Ten Eleven Ventures, and others.[1][3][4] Growth momentum includes a 2025 Cyber Defense Magazine award for most innovative machine identity management and patents in blockchain, cryptocurrencies, and IoT.[1][2]
Corsha was founded in 2017 in Vienna, Virginia (with Washington D.C. operations), originally as Hashlit, before rebranding to focus on its core mission.[1][3] The idea emerged from founders Anusha Iyer and Chris Simkins' frustration with static, long-lived API keys—such as those used in GitHub—mirroring outdated human authentication vulnerabilities, prompting them to pioneer dynamic MFA for APIs and machines.[4] Early traction built through validating the platform with major cybersecurity customers, including the U.S. Federal Government and Air Force for securing industrial IoT, alongside partnerships like Dell for zero-trust IAM.[4] Pivotal moments include $1.8M AFWERX TACFI grants in 2023 for zero-trust in hybrid clouds, OSD ManTech contracts for edge manufacturing security, and a $12M Series A in 2023 (noted in ongoing momentum into 2025).[3][4]
Corsha rides the explosive growth of machine identities and NHIs, where machines communicate more than humans in operational systems, amplifying risks in hybrid/multi-cloud and critical infrastructure amid rising API attacks.[2][4] Timing aligns with zero-trust mandates (e.g., U.S. government pushes) and OT/IT convergence, fueled by market forces like AI-driven automation, robotics, and edge computing demanding secure data flows without legacy bottlenecks.[2][3][5] It influences the ecosystem by bridging cybersecurity gaps—enabling safe modernization for manufacturing/public sector—while competitors like Cequence focus narrower on API protection; Corsha's mIDP sets a standard for industrial-scale M2M trust.[1][2]
Corsha is positioned to dominate machine identity security as NHI proliferation accelerates with physical AI, autonomous systems, and expanded OT connectivity. Next steps likely include scaling government/commercial wins, patent expansions, and platform enhancements for emerging threats. Trends like regulatory zero-trust enforcement and AI ops will propel growth, evolving Corsha from API innovator to essential mIDP backbone—securing the "invisible connections" powering tomorrow's world, much like its founders' GitHub key epiphany ignited secure M2M today.[2][4][5]
Corsha has raised $18.0M in total across 1 funding round.
Corsha's investors include Cybernetix Ventures, SineWave Ventures.
Corsha has raised $18.0M across 1 funding round. Most recently, it raised $18.0M Series A in April 2025.
| Date | Round | Lead Investors | Other Investors |
|---|---|---|---|
| Apr 1, 2025 | $18.0M Series A | Cybernetix Ventures, SineWave Ventures |
