Opal lands $10 million for dynamic access management

Opal, a platform that decentralizes access management for enterprise customers, announced today that it has raised $10 million in a Series A funding round led by Greylock. CEO Stephen Cobbe says the proceeds will go towards product development and expanding the size of Opal’s 25-person team. It is Cobbe’s contention that companies give too much access to systems. To his point, a 2021 survey by cloud infrastructure security startup Ermetic found that companies with more than 20,000 employees experienced at least 38% of cloud data breaches due to unauthorized access. Employees use systems like Amazon Web Services (AWS), GitHub, and Salesforce in their daily work, and each of these systems has its own way of defining access control (for example, through roles, groups, resources, pools, etc.). of permissions, or policies). With so much variety, defining the correct role-based abstraction can be challenging. “Being an ‘engineer’ could have a well-defined meaning in Jira, where it implies having access to the ‘engineering’ ticketing project. However, in a more complicated system like AWS, being an ‘engineer’ may offer little insight into what a user needs to do their job,” Cobbe explained. “Opal solves this problem by leveraging a more dynamic access model.” Opal was founded in 2019 by Cobbe, a former Dropbox software engineer. Umaimah Khan, Opal’s other co-founder and chief product officer, came from Collective Health, a self-funded employer health benefits firm.Image credits: Opal Opal offers employees a self-service catalog that allows them to request and receive access to systems. An analytics dashboard provides usage-based suggestions, visualizations, and access information to a customer’s security team. If a user hasn’t accessed a resource in many months, for example, Opal’s analytics panel might recommend that the user’s access be removed. “Opal brings a unique approach to the problem of access management, combining insights with workflows. Most products are one or the other,” Cobbe said. “Opal decentralizes away from overburdened teams like security and IT to resource owners with the most context.” Opal can automatically discover databases, servers, internal tools and applications, delegating access requests to relevant teams and managers. The platform can also automatically remove access when it is no longer needed, sending reminders to reviewers via Slack and email and monitoring any changes to access. “Opal was built to give teams a single pane of glass to manage access in a scalable manner and in accordance with the security principle of least privilege where only the minimum amount of access necessary is granted,” said Cobbe. “Overall, Opal helps companies move with agility while staying secure and compliant… [We do] this by establishing a culture where least privilege, the act of giving the least amount of access for someone to complete a ‌task, is an established norm and everyday practice.” Opal competes with companies large and small in the access management space, including DoControl. But Cobbe, while declining to answer questions about Opal’s revenue, said he is confident his company can stand out with a client base that includes Databricks, Blend and Marqeta. “Security and compliance are crucial for most companies. Even amid the current economic environment, we believe there will continue to be a budget for value-creating products in these spaces,” he added.


Table of Contents