Otterize, an open-source solution that’s re-inventing how to connect services securely, to each other and to their infrastructures, today announced $11.5M in seed funding and publicly unveiled its new Otterize Cloud product, which is now in GA. The round was led by Index Ventures, followed by Dig Ventures, Vine Ventures, with participation by Jibe Ventures, Crew Capital, and Operator Partners. Notable angel investors include: Abhinav Asthana, CEO of Postman; Adrian Ludwig, Chief Trust Officer at Atlassian; Akhil Paul, Investor at Caparo Group; Caleb Sima, former CSO at Robinhood; Dion Almaer, VP Engineering at Shopify; Guy Podjarny, Co-Founder of Snyk; Greg Schott, former CEO of MuleSoft; Ken Fox, Founder of Stripes; Mahau Ma, former SVP Corporate Strategy at MuleSoft; Michael Shaulov, CEO of Fireblocks; Nadir Izrael, CTO of Armis; Nat Friedman, former CEO of GitHub; Peter McKay, CEO of Snyk; Sanjay Poonen, former COO of VMware; Tamar Yehoshua, former CPO of Slack; Yevgeny Dibrov, CEO of Armis; Yvonne Wassenaar, former CEO of Puppet; and several additional technology leaders. Such support validates Otterize’s unique intent-based access control (IBAC) paradigm that enables developers to securely connect their services to each other and to infrastructure by automatically configuring existing security controls based on what client developers declare they need.
The Otterize open source + cloud product launches at a time when a growing distributed workforce demands more self-serve solutions, particularly those that allow rapid development without coordinating between client and server teams. And the approach of intent-based configuration is increasingly familiar, with the growth of Kubernetes in the platform engineering world. Otterize’s product disrupts an environment in which engineers have had no good choices: they either can’t connect securely, have to teach everyone to connect securely to every new technology, or they must tackle every new need manually within the small platform engineering team. These approaches inevitably generate friction. Otterize alleviates such issues, adding visibility and insights from the free Otterize Cloud service to the Otterize OSS project for Kubernetes. Otterize Cloud lets users explore the “access graph” of their Kubernetes cluster visually, to gradually and safely roll out IBAC.
“The motivation for starting Otterize wasn’t to provide yet another policy engine, an easier configuration UI, or another dashboard. It was to completely rethink how service-to-service access can be made both effortless and secure, enabling developers to focus on writing code rather than on configuring server permissions. And if possible, do it without introducing any new authorization components,” said Tomer Greenwald, Otterize CEO. “I’m excited to see that vision now becomes a reality, with a new approach – intent-based access control (IBAC) – and a product you can deploy in minutes.”
A Clear Choice for Developers
With IBAC, developers get secure access to services by simply declaring, alongside their code, what calls the code intends to make. Otterize then automatically configures existing access controls to allow those calls and block any unintended calls.
Platform engineers can embed the Otterize open source solution in their development pipeline, as well as plug in insights from the Otterize Cloud via its API, to offer developers a fundamentally easier and self-serve way to access services and infrastructure securely, focusing on what their code needs to call and not on how to make those calls securely. The outcome results not only in less friction for developers but also no dangling permissions, no unexpected outages from loss of access, and a steady march towards zero trust.
“The vision of Otterize is truly transformative for developers,” said Carlos Gonzalez-Cadenas, partner at Index Ventures. “It doesn’t just seek to remove a bit of the friction for engineers connecting multiple services, but it truly eliminates it. It’s one of the important areas remaining largely unsolved in cloud security; with IBAC and the Otterize product, we believe a solution is finally at hand.”
“What I’m most excited about is the IBAC approach, which Otterize is pioneering,” added Guy Podjarny, co-founder and President of Snyk. “It’s a bold approach to rebuilding how authorization is done in a way that works for teams who build software, not just for those who oversee security. By flipping the conventional paradigm of server-side access controls to be based on client intents to call the server, Otterize makes life fundamentally better for developers, which drives adoption, which ends up with the security posture organizations have yearned for.”
Otterize is built for the folks in the trenches: the developers building software, and the platform engineers and DevOps wizards who pave the roads for those developers. It emphasizes ease of access, driving adoption, and making it fit into the way developers already do things. The product makes it trivial for them to gain secure access to whatever they need to do their job. If secure access is that easy, then the default will become secure access – and that’s the ultimate outcome Otterize seeks for the industry.
Otterize was founded in 2022 by Tomer Greenwald, Uri Sarid, and Ori Shoshan. The company provides an open source intent-based access control (IBAC) solution for DevOps and platform engineers to automate the secure connection of services to each other and to infrastructure. Otterize’s IBAC solution automates the configuration process of existing access controls, allowing developers to gain secure access to all the services and infrastructure they need.
For more information, visit http://www.otterize.com