Bel Lepe, a former Google software engineer, tells me that it unchangingly seemed risky to him that there were apps merchantry users needed and used, but that IT and security teams were unwilling to legitimatize them considering of their lack of support for identity standards.
It’s a legitimate issue. According to a Ponemon Institute survey, 52% of organizations have experienced a cybersecurity incident caused by their inability to secure nonstandard apps.
“Security tools have traditionally been built with only security and IT users in mind, but many apps that businesses depend on don’t support security standards,” Lepe said in an email interview. “We refer to these applications as ‘nonstandard apps.’ Nonstandard apps don’t work with enterprise IT and security tools considering they lack support for modern identity protocols for streamlined onboarding and offboarding of users.”
Lepe tried to simply live with the problem as his career took him through various startups and organizations. But a few years back, Lepe was unfluctuating with a customer, Wizeline, who expressed a willingness to spend to solve the nonstandard app dilemma.
With his co-worker at the time, Vidal González, Lepe set upon towers a visitor to manage wangle for business-to-business nonstandard apps. That visitor became Cerby, which today sealed a $17 million Series A funding round led by Two Sigma Ventures with participation from Ridge Ventures, Founders Fund, Bowery Capital, AV8, Salesforce Ventures, Tau Ventures, Okta Ventures, Incubate Fund and Carbon Black co-founder Ben Johnson.
Cerby lands $17M to manage access to 'nonstandard
Lepe wouldn’t reveal Cerby’s current valuation, but he claims that it’s “double” what it was 18 months ago.
“Harnessing the power of identity providers like Okta, Azure AD and SailPoint, Cerby removes the need for transmission tools and compensating controls, such as enterprise password managers, by automating everyday human security tasks based on single sign-on and lifecycle management cues from upstream identity providers,” Lepe added. “This allows Cerby to protect any using self-sustaining of standards support.”
As Lepe alluded to, Cerby works by automating unrepealable tasks, including offboarding and two-factor hallmark enrollment, while providing security teams with visibility and tenancy of employee-onboarded apps. It lets customers share wangle to social media accounts, for examples, without sharing passwords. And Cerby can snift rogue apps, guiding users to increasingly secure alternatives.
Lepe asserts that it can both reduce a company’s reliance on transmission controls and prevent potential breaches — two key desires of most enterprises. “Cerby ensures that every application, regardless of location or support for standards, is integrated into a unified identity mesh, providing resulting security standards wideness the enterprise,” he added.
To use Cerby, companies first connect the platform to a corporate identity provider, like Okta or Ping. Then, they register their apps in Cerby, accessing them by logging into the corporate identity provider.
“While our initial focus was on managing wangle to applications for marketing teams, we’ve since expanded our reach,” Lepe said. “We now cater to most departments like sales, product, manufacturing and finance, tent applications ranging from on-premises and OT to legacy and cloud.”
Cerby competes with companies including Nudge Security and Strata Identity, the former of which emerged from stealth with $7 million in funding just well-nigh a year ago.
cerby bug bounty
To stay one step ahead, Cerby plans to prefer AI — specifically large language models similar to the kind powering OpenAI’s ChatGPT — to perpetuate its threat detection capabilities. Lepe describes AI that might be worldly-wise to help guide users to the weightier way to securely configure an app when they’re signing up, perhaps via an interactive, in-context wizard.
“This isn’t only well-nigh scaling our integrations; it’s moreover well-nigh making our system increasingly intelligent,” he said. “We’ll be worldly-wise to pinpoint unwont behaviors quicker and increasingly virtuously by analyzing vast amounts of unstructured data. This ensures plane nonstandard applications goody from state-of-the-art security insights.”
Lepe claims that San Francisco-based Cerby, which has virtually 60 employees, has 26 zippy customers, including Colgate-Palmolive and a “major” healthcare provider. Cerby aims to reap federal customers in late 2024; the new funding tranche, which brings Cerby’s total raised to $32.5 million, will be put toward scaling the firm’s go-to-market, sales and marketing efforts.
“We planned to raise our Series A at the end of the Summer of 2023, but then we received a preemptive term sheet. That moved our fundraising process forward by approximately three months,” Lepe said. “Despite the broader tech slowdown, Cerby has been amazingly resilient. Our solution is essential for businesses merging legacy and modern applications in an evolving work landscape, ensuring we remain vital regardless of market fluctuations.”
