Otterize emerges from stealth with $11.5M in funding to help developers securely connect software services
With most organizations moving to the cloud, building software applications has become increasingly complex as applications have to interconnect with other third-party components and different software development tools, which may potentially make the applications more vulnerable.
One of the challenges faced by software engineers building applications in the cloud environment is the inability to securely connect services securely to each other and to their infrastructures. Rather than focusing on building software, these engineers have to teach everyone to connect securely to every new technology, or they must tackle every new need manually within the small platform engineering team.
It’s for this reason that open-source startup Otterize is on a mission to re-invent how to connect services securely, to each other and to their infrastructures. Otterize helps developers alleviate these problems by adding visibility and insights from its Cloud service to the OSS product for Kubernetes.
After many months of working behind the scene on its first-of-its-kind tool, Otterize finally emerges out of stealth today with $11.5 million in seed funding to help developers securely connect software services. The round was led by Index Ventures, followed by Dig Ventures, and Vine Ventures, with participation by Jibe Ventures, Crew Capital, Operator Partners, and other notable angel investors.
Founded in 2022 by Greenwald, Uri Sarid, and Ori Shoshan, Otterize offers an intent-based access control (IBAC) solution that is open source and caters to DevOps and platform engineers. The solution automates the secure connection of services to infrastructure and facilitates the configuration of existing access controls. This makes it easier for developers to access all the necessary services and infrastructure securely.
The latest investment further validates Otterize’s unique intent-based access control (IBAC) paradigm that enables developers to securely connect their services to each other and to infrastructure by automatically configuring existing security controls based on what client developers declare they need.
“The vision of Otterize is truly transformative for developers. It doesn’t just seek to remove a bit of the friction for engineers connecting multiple services, but it truly eliminates it,” said Carlos Gonzalez-Cadenas, partner at Index Ventures. Guy Podjarny, co-founder and President of Snyk, added: “By flipping the conventional paradigm of server-side access controls to be based on client intents to call the server, Otterize makes life fundamentally better for developers, which drives adoption, which ends up with the security posture organizations have yearned for.”
With IBAC, developers get secure access to services by simply declaring, alongside their code, what calls the code intends to make. Otterize then automatically configures existing access controls to allow those calls and block any unintended calls.
Platform engineers can embed the Otterize open-source solution in their development pipeline, as well as plug-in insights from the Otterize Cloud via its API, to offer developers a fundamentally easier and self-serve way to access services and infrastructure securely, focusing on what their code needs to call and not on how to make those calls securely. The outcome results not only in less friction for developers but also in no dangling permissions, no unexpected outages from loss of access, and a steady march towards zero trust.
“What I’m most excited about is the IBAC approach, which Otterize is pioneering,” added Guy Podjarny, co-founder and President of Snyk. “It’s a bold approach to rebuilding how authorization is done in a way that works for teams who build software, not just for those who oversee security. By flipping the conventional paradigm of server-side access controls to be based on client intents to call the server, Otterize makes life fundamentally better for developers, which drives adoption, which ends up with the security posture organizations have yearned for.”