Geoffrey Mattson

Geoffrey
Mattson

Chief Executive Officer — SecureAuth

When enterprises discovered their AI agents were moving money, reading sensitive data, and rewriting systems without anyone knowing who authorized what, they needed a new kind of identity CEO. Enter Mattson.

SecureAuth CEO AI Security Zero Trust Multi-Patent Inventor 3x Company Builder

Profile

The Engineer Rewriting Identity for the Age of AI Agents

In December 2025, SecureAuth named Geoffrey Mattson as CEO. The timing wasn't incidental. Enterprises were discovering, with uncomfortable frequency, that their AI agents - the automated software acting on behalf of employees, customers, and machines alike - were operating outside expected behavior. Reading files they shouldn't. Initiating transactions without clear authorization. And doing it all in ways that existing identity infrastructure couldn't track.

Mattson had seen this coming for a while. His entire career - from Bell Labs to Nortel to Juniper Networks to two back-to-back security startups - is a sequence of bets placed on where technology is going before the market consensus arrives. The bet at SecureAuth is that identity is no longer primarily about logging humans in. It's about something larger and stranger: defining, delegating, and continuously verifying who or what is acting, what they're allowed to do, and critically, on whose behalf.

That framing - identity as a live, continuously updated map of relationships and authority - is what Mattson means when he says identity is becoming the control plane for how humans, machines, and AI agents collaborate. It's a precise claim, not a marketing line. He holds patents in AI, cybersecurity, and networking. He knows what a control plane does.

"The rise of AI agents is turning identity into a live, continuously updated map of relationships and authority. As enterprises give agents real power to read sensitive data, move money, and change systems, they need a strong identity control plane that can define, delegate, and continuously verify who or what is acting, what they are allowed to do, and on whose behalf."

- Geoffrey Mattson, on joining SecureAuth as CEO, December 2025

Mattson grew up professionally across continents. Bell Labs. Nortel. Huawei. Product and engineering leadership stretched across Europe, Asia, and the United States, the kind of ground-level exposure to global enterprise infrastructure that most executives only read about in case studies. At Bay Networks, he spearheaded networking and telecom product initiatives and led architecture, industry standards work, and global go-to-market efforts - during the era when the internet itself was figuring out what it was.

He moved into Juniper Networks next, serving as Vice President of Product Management. Juniper was the company that made Cisco nervous. Working there in both general management and functional leadership roles meant understanding what it meant to scale: not just grow headcount, but accelerate innovation while the market moved.

After Juniper, Mattson led R&D and product organizations at Corona and Caspian, cloud-based security services startups that were testing what was possible before the cloud itself became ubiquitous. This was operator work, not strategist work - the kind where you are accountable for what gets built and whether it ships.

"SecureAuth is already tackling some of the hardest problems in identity and relationship security, helping organizations move faster, deepen digital relationships, and still know exactly who and what they can trust."

- Geoffrey Mattson, SecureAuth CEO announcement

The founding of MistNet.ai changed his trajectory. As co-founder and CEO, Mattson built an AI-driven threat detection platform from scratch. The platform went deep on what would become an industry obsession: using behavioral signals and machine learning to detect anomalies in real time, without relying on signatures or rules that attackers already knew how to defeat. In January 2021, LogRhythm acquired MistNet, backed by Thoma Bravo, one of the most sophisticated private equity firms in enterprise software. An acquisition by Thoma Bravo-backed companies isn't a fire sale. It's a validation.

From there, Mattson took over as CEO of Xage Security. The company operated in OT - operational technology - the infrastructure layer where industrial control systems, energy grids, manufacturing floors, and critical national infrastructure live. Zero trust for OT environments is not a theoretical exercise. It's a field where network architecture is often decades old, where patching is slow, and where a security failure can mean physical consequences. Under Mattson, Xage delivered 420% revenue growth. That number belongs in its own sentence.

What SecureAuth is Actually Building

SecureAuth, founded in 2005, has always been a serious company. It merged with Cloudentity in February 2024, expanding into API access control and dynamic authorization. Its customer list - AARP, American Red Cross, ExxonMobil - suggests the stakes are real. The platform secures more than 50 million identities. But the competitive dynamic has shifted.

The industry statistic that haunts every SecureAuth pitch: enterprises already face a 50-to-1 ratio of non-human identities to human identities. For every employee with a login, there are fifty service accounts, API keys, machine credentials, and now AI agents operating in the background. And 80% of IT leaders report that their agents are behaving in ways they didn't expect. The gap between what agents are authorized to do and what they're actually doing is where the next wave of security failures will happen.

Mattson's argument is that SecureAuth is the platform built to close that gap - not with more rules or more approvals, but with a continuous identity security architecture that can track relationships and authority in real time. Passwordless authentication, zero trust, identity governance, behavioral analytics, agentic AI governance - these aren't separate products bolted together. In the SecureAuth worldview, they're layers of the same control plane.

He is also a mentor at Stanford's Ignite program, working with the next generation of founders building in the space he has spent his career navigating. Someone who mentors tends to have a model in their head of how technology evolves and how companies should be built around that evolution. Mattson's model, tested across Bell Labs, Bay Networks, Juniper, MistNet, Xage, and now SecureAuth, is that identity - who is acting, on whose behalf, with what authority - is the most important unsolved problem in enterprise security. He's betting his third CEO role on it.

Three Decades, One Direction

From Bell Labs to agentic AI, Mattson's career is not a straight line so much as a series of bets on where security was going before the market caught up.

Early Career

Engineering and product roles at Bell Labs, Nortel, and Huawei - three institutions that collectively defined the architecture of modern telecommunications. Work spanned Europe, Asia, and the U.S.

Bay Networks Era

Spearheaded networking and telecom product initiatives at Bay Networks, leading architecture, industry standards, and global go-to-market efforts during the early commercial internet.

Juniper Networks

VP of Product Management at Juniper Networks. Drove innovation and growth across both general management and functional leadership roles at one of the defining infrastructure companies of the era.

Cloud Security Startups

Led R&D and Product organizations at Corona and Caspian, two cloud-based security services startups exploring what enterprise security looked like before "cloud security" was a market category.

~2018 - 2021

Co-founded and led MistNet.ai as CEO, building an AI-driven threat detection platform. In January 2021, LogRhythm (backed by Thoma Bravo) acquired the company - a signal that the market had caught up to what he'd built.

2022 - 2025

Appointed CEO of Xage Security. Led the zero-trust cybersecurity mesh company through a period of rapid adoption in OT environments - energy grids, industrial control systems, critical infrastructure - delivering 420% revenue growth.

December 2025

Named CEO of SecureAuth, stepping into the role of redefining identity security for the age of AI agents - platforms that act with real authority on behalf of humans, machines, and organizations.

What He Built

🧠

Acquired by Thoma Bravo

Co-founded MistNet.ai and grew it to a successful acquisition by LogRhythm, backed by Thoma Bravo. AI-driven threat detection, built from scratch. Exited January 2021.

📈

420% Revenue Growth

As CEO of Xage Security, delivered 420% revenue growth in the zero-trust OT/ICS security market. A number that required both technical credibility and commercial execution.

⚡

Multi-Patent Inventor

Holds patents across three distinct domains: AI, cybersecurity, and networking. Not a specialist. An engineer who built across fields before those fields converged.

🌐

Global Track Record

Worked across Europe, Asia, and the U.S. through roles at Bell Labs, Nortel, and Huawei. The kind of institutional breadth most technology executives acquire only in case studies.

🔐

50M+ Identities

SecureAuth's platform, under Mattson's direction, secures over 50 million identities. Customers include AARP, American Red Cross, and ExxonMobil.

🎓

Stanford Mentor

Speaker and mentor at Stanford University's Ignite program, working with graduate founders building in the technology and security space.

The Identity Problem Mattson Is Solving

Most organizations think of identity as the login screen. Username, password, maybe a second factor. Authentication as a gate you pass through once and then forget about. That model was already showing cracks with the rise of cloud infrastructure, service accounts, and API keys. Now, with AI agents acting autonomously inside enterprise systems, the model has failed completely.

SecureAuth's platform addresses what Mattson calls "the hardest problems in identity and relationship security." Adaptive authentication. Passwordless login. Behavioral biometrics. Identity governance and lifecycle management. Zero trust architecture. API access control. These are the layers that define not just who is allowed in, but what they're allowed to do once inside - and whether what they're doing matches what they were supposed to do.

The Cloudentity merger in February 2024 added dynamic authorization capabilities - the ability to evaluate access decisions in real time based on context, not just credentials. For organizations deploying AI agents that need to act across systems, that's not a nice-to-have. It's infrastructure.

SecureAuth Platform

IAM

Identity & Access Management for humans, machines, and AI agents

MFA

Passwordless multi-factor authentication with behavioral signals

SSO

Single sign-on with adaptive access controls across enterprise systems

CIAM

Customer identity and access management at 50M+ identity scale

API

Dynamic API access control via Cloudentity integration

Agentic AI governance - defining and verifying AI agent authority

Things Worth Knowing

Mattson holds patents in AI, cybersecurity, AND networking - three distinct fields that most engineers treat as separate careers. His overlap is the point: modern identity security sits at exactly that intersection.

He worked at Bell Labs, Nortel, and Huawei - three institutions representing the American, Canadian, and Chinese telecommunications traditions. Before enterprise security had a global market, he was building across one.

At Xage Security, he inherited a company serving operational technology environments - the industrial infrastructure most security executives never touch because it's too specialized. He made it the fastest-growing segment of the zero-trust market.

The stat driving SecureAuth's pitch: enterprises now manage a 50-to-1 ratio of non-human identities to human identities. That number was manageable five years ago. With AI agents, it's becoming unmanageable without a platform like SecureAuth.

Mattson is a mentor at Stanford's Ignite program, which means he spends time helping founders think through company building - the same process he's now on his third iteration of as a CEO.

80% of IT leaders report their AI agents are acting outside expected behavior. That number, from SecureAuth's own research, is the clearest articulation of why Mattson's job exists.

The Territory

Zero Trust Identity Security Agentic AI Passwordless MFA IAM CIAM Single Sign-On Behavioral Biometrics API Security Adaptive Authentication Identity Governance OT Security Cloud Security AI Risk Engine Continuous Authentication Identity Lifecycle Management Risk-Based Access Control Dynamic Authorization Non-Human Identity Enterprise Security

Current Role	CEO, SecureAuth
Location	Los Altos, CA
Company	Irvine, California
Industry	Cybersecurity / IAM
Education	M.S. CS, Boston University
Patents	AI, Cybersecurity, Networking
CEO Since	December 2025

GeoffreyMattson