What if you could lower your risk of breach by upwards of 15% without adding a single person to your security team?
Research from the Ponemon Institute found that nonstandard applications generate 11 to 15 percent of breaches annually. We define applications as nonstandard if they do not support common identity and security standards such as SAML and SCIM. While Shadow IT usually refers to SaaS used without IT and security approval, nonstandard applications—including on-premise, OT, legacy, and cloud—fall across the IT infrastructure and systems spectrum.
In the same study, researchers discovered that 52 percent of respondents admitted to experiencing a cybersecurity incident caused by the inability to secure nonstandard applications. A lack of support for security standards makes managing these applications with identity providers impossible.
Cerby is unique in that we connect these previously disconnected applications to identity providers. We do this by starting with the end user. We make their lives easier by completely automating everything that otherwise would be their responsibility from a security perspective (manual tasks like managing passwords, offboarding access, and 2FA enrollment). Our platform is specifically suited for the new realities of cybersecurity that require a fully connected identity mesh, with identity providers like Okta, Azure AD, and SailPoint at the center.
Our investors
Two Sigma Ventures led our $17M Series A funding round with significant participation from Outpost Ventures, an investment platform of Neuberger Berman. This brings our total funding to $32.5M. The investment from Two Sigma Ventures and Outpost Ventures highlights Cerby's growing momentum in the financial services sector, which is often heavily dependent on applications that lack support for modern identity protocols. All previous investors from our seed round also participated in the Series A round, including Ridge Ventures, Founders Fund, Bowery Capital, AV8, Salesforce Ventures, Tau Ventures, Okta Ventures, and Incubate Fund. Ben Johnson, co-founder of Obsidian Security and Carbon Black, also participated in this round.
Villi Iltchev of Two Sigma Ventures will be joining the Cerby board.
“We are excited to be investing in the exceptional Cerby team. This financing round will help the company expand its innovative, secure, and user-friendly platform to revolutionize how businesses manage and protect nonstandard and disconnected applications and further capitalize on the strong momentum and growing customer interest,” said Villi Iltchev, Partner at Two Sigma Ventures. “We look forward to supporting Cerby on their mission to transform how businesses secure and manage access to their critical business applications and infrastructure.”
"At Outpost Ventures, we're always on the lookout for companies that challenge the status quo and lead industries into the next frontier,” said David Dubick, Partner at Outpost Ventures. “Cerby stands at the forefront of a transformation in identity management for nonstandard applications, a domain often overlooked yet critically vital. Their unique approach, combined with a passionate team, promises to reshape the very fabric of how businesses approach identity security. We're beyond thrilled to partner with Cerby on this journey, confident in the tremendous impact they're poised to make."
Our customers
The true measure of Cerby’s success lies in the tangible benefits we bring to our customers. Our commitment is to provide a holistic platform that helps our customers scale their security and IT teams by bringing nonstandard applications into a fully connected identity mesh.
Here are two examples:
- Colgate-Palmolive: Navigating the challenge of multiple social media accounts, Colgate-Palmolive was well acquainted with the anxiety of potential account breaches. Alex Schuchman, their CISO, was at the forefront of this digital battleground. With Cerby's tailored solution, the era of insecure password sharing was left behind. Now, enterprise-level authentication and automated password rotations shield their brand, upholding its integrity and allowing their IT team to focus on innovation rather than crisis management.
- Healthcare Company: Faced with the intricacies of multiple Electronic Health Record (EHR) systems and their inherent onboarding challenges, this company sought a robust solution. Enter Cerby, offering streamlined automation through their identity provider. With their Director of IT Services endorsement, their core challenges were addressed, and the bottom line also reflected a significant annual savings of $180K. As they look to integrate more applications, the future promises even greater efficiencies and cost savings.
Cerby is pivotal in enhancing cybersecurity for these enterprises and many others. It demonstrates that digital defenses can be practical and streamlined with tools and a dedicated partner like Cerby.
Our commitment
When we first started Cerby, we focused on managing access to applications for marketing teams like Meta Business Manager, X (formerly Twitter), and Instagram. After dozens of conversations with IT and security professionals, we realized the problem was more significant. It existed across sales, product, finance, and almost every other team and the applications they onboarded and used daily.
Once we were fully deployed with our initial customers, they began to ask if we could also help them with their private network applications. We then realized that the universe of applications and identities sitting beyond the identity perimeter was larger than we initially thought. Moreover, the significant dependency on manual compensating controls emphasized that the security tools most companies have in place were ill-equipped to deal with the larger-than-expected universe of nonstandard applications.
While cloud-first is dominant in deploying newly built applications, 54% of existing on-premises applications are not moved to the public cloud due to difficulty implementing security controls and meeting compliance requirements. Considering that each on-premises application relies on an identity component, one begins to see how much of the modern enterprise landscape lives beyond the identity perimeter.
When we started Cerby in 2020, we had yet to learn that automating critical identity workflows for on-premise private network applications would be an area of opportunity. Thanks to our open mindset since the beginning, we've built a flexible identity mesh that allows us to cater to all the different use cases around identity we've seen. This includes marketing, sales, product, finance, on-premises, OT, legacy, and cloud.
Our future
The funding will fuel our product development and enhance our support for international customers. As we venture deeper into AI, we're scaling our work with LLMs to bolster our proactive threat detection capabilities. This isn't only about scaling our integrations; it's about making our system more intelligent. We’ll be able to pinpoint abnormal behaviors quicker and more accurately by analyzing vast amounts of unstructured data. This ensures even nonstandard applications benefit from state-of-the-art security insights.
For example, we can help guide users on the best way to securely configure an application right when they're signing up for the application via an interactive, in-context wizard. This ensures the highest security posture for nonstandard and disconnected apps from day one. This is about proactively addressing risks before they become a threat vector.
On top of that, we'll continue to build and refine our go-to-market engine by bringing on additional sales and marketing team members. We recently had our first renewal and saw every customer renew or expand, resulting in net dollar retention (NDR) of 130%. In the first six months of 2023, we’ve already tripled our revenue exiting 2022.
Identity is more important than ever before, and there's a good reason the industry agrees that identity is the new perimeter. This funding investment is a testament to the fact that there are massive gaps in every business's identity perimeter. We can proudly say that Cerby is the only comprehensive access management platform for nonstandard applications–enabling a fully connected identity mesh for every application. But we are only just getting started.
Given our ongoing growth and commitment to innovation, Cerby seeks passionate and talented individuals to join our team. As we continue to shape the future of identity security, we understand the value of diverse minds and fresh perspectives. Check out our careers page for current opportunities and be part of our exciting journey ahead!