Cerby, an Alameda, CA-based provider of an access management platform for nonstandard applications, just raised $17M in Series A funding. In conjunction with the announcement, Belsasar (Bel) Lepe, CEO and co-founder of the company, answered our questions about the company, the solution offered, the funding, and future plans.
FinSMEs: Hi Bel, can you tell us a bit more about yourself? What’s your background?
Bel: My name is Belsasar Lepe, but you can call me Bel. I’m the co-founder and CEO of Cerby and an active advisor and investor in startups, primarily focusing on Latin America. Before founding Cerby, I co-founded and served as the CTO at Ooyala, leading a global engineering and design team of 300 people across five countries and seven offices. Notably, the company achieved two successful exits totaling over $440M. Previously, I led a product team at Impira, which drove a four-time revenue increase for the company. Earlier in my career, I was a Google engineer working on Enterprise Collaboration products and studied Computer Science at Stanford University.
FinSMEs: Let’s speak about Cerby. What is the market problem you want to solve? What is the real opportunity?
It always seemed risky to me that there were applications business users needed and used but that IT and Security teams were unwilling to approve or support because of their lack of identity standards support. Security tools have traditionally been built with only security and IT users in mind, but many applications that businesses depend on don’t support security standards. We refer to these applications as nonstandard apps. Nonstandard applications don’t work with IT and security tools because they lack support for modern identity protocols like SAML for SSO and SCIM for automated onboarding and offboarding of users.
I knew this problem existed, but I could never quantify the real pain and, more importantly, if IT and security teams would be willing to pay to solve it. My co-founder, Vidal González, and I were connected with a customer from his previous company, Wizeline. This customer not only articulated this same problem but quantified the willingness to spend to solve the problem.
That verification of a real market opportunity was all we needed to hear to jump in and further validate the willingness to pay. While our initial focus was on managing access to applications for marketing teams, we’ve since expanded our reach. We now cater to all business departments, from sales to product to manufacturing and finance, covering applications ranging from on-premises and OT to legacy and cloud.
FinSMEs: What are the features differentiating the product from competitors?
Bel: Cerby provides identity teams with comprehensive access management for nonstandard applications. The Ponemon Institute found that fifty-two percent of organizations have experienced a cybersecurity incident caused by their inability to secure nonstandard applications.
Harnessing the power of identity providers, Cerby removes the need for manual tools and compensating controls (like enterprise password managers) by automating everyday human security tasks based on single sign-on and lifecycle management cues from upstream identity providers allowing Cerby to protect any application independent of standards support.
Cerby’s patent-pending access orchestration engine is the first and only one to make passwordless authentication an immediate reality for nonstandard applications. Cerby saves time and money by automating manual tasks, like offboarding and 2FA enrollment, and providing IAM professionals with deep visibility and control of employee-onboarded applications.
FinSMEs: You just raised a new funding round. Please, tell us more about it.
Bel: We started fundraising a few months earlier than planned when we received a preemptive term sheet. We’ve raised $17 million as part of our Series A led by Two Sigma Ventures, with significant participation from Outpost Ventures. This brings our total funding to $32.5M. All previous investors from our seed round also participated in the Series A round, including Ridge Ventures, Founders Fund, Bowery Capital, AV8, Salesforce Ventures, Tau Ventures, Okta Ventures, and Incubate Fund. Ben Johnson, co-founder of Obsidian Security and Carbon Black, also participated in this round.
The investments from Two Sigma Ventures and Outpost Ventures highlight our growing momentum in the financial services sector, which is often heavily dependent on applications that lack support for modern identity protocols.
FinSMEs: Can you share some numbers and achievements of the business?
Bel: Our ARR has grown 3x since the close of 2022, and we are on track to 6x ARR by the end of the year. Cerby has 26 active customers and approximately 95,000 users. We doubled our valuation from our last round raised about 18 months ago, and 100% of this investment is equity.
We’ve formed strategic alliances with identity and security leaders Okta and Microsoft. On the social media front, we’ve partnered with Khoros, a digital-first customer engagement platform. These collaborations have enabled us to create a fully connected identity mesh, positioning Cerby as the only comprehensive access management platform for nonstandard applications.
Over the past months, we’ve worked closely with clients such as Colgate-Palmolive and a notable healthcare company. Our solution has addressed their core challenges around nonstandard apps and led to significant cost savings, emphasizing Cerby’s value proposition in the market.
Our Series A funding round saw participation from some of the industry’s most recognized figures, such as Ben Johnson, co-founder of Obsidian Security and Carbon Black. We also had John Kindervag, the creator of Zero Trust, join our advisory board. Their belief in Cerby’s mission and vision is a testament to the potential and efficacy of our platform.
FinSMEs: What are your medium-term plans?
Bel: We plan to invest in scaling our go-to-market efforts, including expanding sales and marketing teams. We’ll also continue investing in AI to enhance our development speed and maintenance of application and automation integrations.
As we venture deeper into AI, we’re scaling our work with LLMs to bolster our proactive threat detection capabilities. This isn’t only about scaling our integrations; it’s also about making our system more intelligent. We’ll be able to pinpoint abnormal behaviors quicker and more accurately by analyzing vast amounts of unstructured data. This ensures even nonstandard applications benefit from state-of-the-art security insights.