Cybersecurity

Silverfort Injects AI into Access Decisions with Fabrix Buy

Analyst 207||Source: GovInfoSecurity
Person interacting with laptop in neutral office setting.

"You can only hire so many humans, and those humans take vacations and go to the bathroom and walk away from their computers. Right now, you only want to bring a human in the loop when you need oversight, not for every single action."

Silverfort buys Fabrix to stitch AI into access decisioning

Silverfort, a Dallas-based identity security company, has acquired Fabrix Security, a Tel Aviv-based startup founded in March 2025, announcing a move to embed artificial intelligence directly into runtime access decisions. Fabrix emerged from stealth in September 2025 after raising $8 million in seed funding led by Norwest, Merlin Venture and Jibe Ventures and, at the time of the report, employed 13 people. The firm has been led since inception by Raz Rotenberg, who spent more than six years at Run:ai — culminating in a role as director of engineering — and more than five years in the Israeli prime minister's office.

How Fabrix's knowledge graph and AI agents work

Fabrix centers its approach on a knowledge graph that aggregates contextual data about identities and resources. According to the reporting, that graph contains user attributes — role, behavior and location — alongside resource characteristics such as sensitivity and risk level, creating a richer context than traditional, static policy systems provide. On top of the graph, a "fleet of AI agents" evaluates access requests in real time, analyzing the relationship between the identity and the resource dynamically and making a runtime decision at the moment access is requested.

Why runtime decisioning replaces static policy at scale

Silverfort executives described traditional static policies as increasingly untenable as organizations grow and add AI-driven and non-human identities. "As organizations get bigger and bigger and bigger, those policies become more and more numerous and more and more robust, and they become harder to manage," Goodman said. The acquisition is intended to pair Silverfort's existing runtime access enforcement with Fabrix's AI-driven decisioning to simplify that complexity, the company said: rather than multiplying rules, the platform will use AI to assess context continuously and act in milliseconds.

Planned integration: from new AI offerings to the full platform

According to the reporting, Silverfort will start by integrating Fabrix's decisioning into its newer AI security offerings, where there is "less legacy complexity." Over time, the plan is to embed AI-assisted logic across the entire Silverfort platform, covering human, non-human and "agentic" identities and spanning on-premises and cloud environments. The acquisition is pitched as improving usability for end users, increasing security for organizations, and providing efficiency gains over manual, rules-based approaches.

Applications beyond access control: threat detection and vulnerability management

While access control is the immediate focus, Goodman described broader applications for AI decisioning inside the platform. He said the same contextual, agent-driven model could assist in threat detection — helping identify and respond to attacks more quickly — and in vulnerability management, where AI could prioritize remediation efforts. He emphasized the urgency of speed: "You need to be able to make these decisions very quickly, because by the time a human could actually get involved, the agent may no longer exist," Goodman said. The implication is that AI-driven runtime decisions are intended to operate at "AI speeds" in environments where human intervention is neither timely nor scalable.

What this means for technologists, procurement leaders, and security teams

  • Technologists and security teams: Expect a shift from writing and maintaining large sets of static access policies toward deploying contextual graphs and AI agents that evaluate access in real time. Teams will need to instrument identities and resources so the knowledge graph has the attributes — role, behavior, location, sensitivity and risk level — the AI requires.
  • Procurement leaders and affected enterprises: The integration will begin with newer AI security modules and expand across platforms and environments, suggesting phased procurement and pilot opportunities for organizations with hybrid on-prem and cloud estates. Buyers should note Fabrix's startup profile — founded March 2025, seed-funded and small-staffed — when planning adoption timelines.
  • AI security product teams and engineers: The acquisition signals a product-level move to couple enforcement with AI-native decisioning. Teams working on threat detection and vulnerability prioritization may find opportunity to reuse the same contextual graph and agent architecture beyond access control into detection and remediation workflows.

Silverfort's purchase of Fabrix pivots identity security toward a runtime, AI-native model that the companies say is designed to scale human oversight only to where it is needed. The acquisition pairs a Dallas-based enforcement product with a Tel Aviv-built decisioning layer founded on a knowledge graph and agent fleet; whether that architecture reduces complexity in practice will depend on how effectively organizations can supply the contextual inputs the AI needs and on the pace of integration from the newer AI modules into the wider platform. For now, the immediate outcome is clear: access decisions are being recast as real-time machine judgments rather than a long list of human-authored rules.

Source: govinfosecurity.com — Silverfort Purchases Fabrix to Bring AI to Access Decisions

Access ManagementArtificial IntelligenceIdentity And Access Management (Iam)Identity SecurityEmerging TechnologiesAcquisitionAI-Powered SecurityRuntime Access Decisions
Related Intelligence

Continue Reading

Secure server room with rows of computer servers and networking equipment.

Trump Order Accelerates Federal Post-Quantum Crypto Migration by 2030

The clock is ticking: by December 31, 2030, federal agencies must upgrade their cryptography to protect high-value assets from the looming threat of quantum computers, with digital signatures following suit by December 31, 2031. This executive order accelerates the migration to post-quantum cryptography, compressing the government's previous timeline by four to five years.

Analyst 207
Laptop screen displays AI agent skill page in home office setting.

AI Skill Exploits Security Scanners, Reaches 26,000 Agents

In a shocking experiment, a security firm created a fake AI skill that evaded detection by security scanners and reached a staggering 26,000 agents, including those on corporate accounts. The skill, designed to be harmless, was able to bypass every scanner it was tested on, raising serious concerns about the safety of AI marketplaces.

Analyst 207
Modern tech lab with laptop and cybersecurity equipment on a clean workbench.

OpenAI Targets Faster Patching with Expanded Cyber-Defense Program

OpenAI's new GPT-5.5-Cyber model has achieved a record 85.6% score on CyberGym's vulnerability test, outperforming its standard counterpart and paving the way for faster patching with cutting-edge tooling and partnerships. This major breakthrough enables verified defenders to accelerate vulnerability fixes with enhanced security capabilities.

Analyst 207
Developer stands at workstation, holding tablet with blurred screen.

GitHub Bolsters Supply Chain Security by Blocking Pwn Request Patterns

GitHub is stepping up its game to protect your code by blocking common attack patterns on pull requests, helping to prevent security vulnerabilities from untrusted code. As of June 18, 2026, its actions/checkout v7 will refuse risky fork checkouts by default, keeping your workflows safer from attacker-controlled code.

Analyst 207