TL; DR —OpsBerry AI is an Identity Security Posture Management Platform that uses AI trained with the latest cybersecurity and compliance frameworks to help organizations proactively control, secure, and defend their human and non-human identity sprawl against identity-driven attacks. We help security and engineering teams quickly unify, analyze, and remediate critical vulnerabilities in their identity sprawl into a single pane of glass across central cloud, identity, and ZeroTrust providers.
Carlos is the company's CEO. He handles the business end, infrastructure, security, architecture, and technical operations. He has over 15 years of experience in Cloud infrastructure, architecture, and observability. Before Y Combinator, Carlos was Director of Solutions Architecture and technical customer success at OpsRamp, multi-cloud and hybrid observability, and ITSM (acq. by HPE), helping enterprises like Micron, Dolby, Epsilon, and others architect end-to-end observability across their multi-cloud environments. Before that, Carlos was an engineering and technical support manager for LogDNA (YC S15).
Casey is the company's CTO. With over 16 years of experience architecting and shipping code for his business ventures, Casey started by building and selling Runescape bots when he was 12. This eventually led him into various software engineering roles at YC-backed startups like Buildspace and Farmstead. Casey runs the product side of the house, handling UIUX design, software architecture, and development, and ultimately, shipping amazing enterprise code.
Identity security is often overlooked and underestimated, leaving organizations vulnerable to unauthorized access, data breaches, and compliance failures. User-based identities are steadily growing annually at a 30% rate, with most employees having two or more identities that allow access to critical business and engineering systems, which is only part of it. NHIs, or Non-Human identities (think OAuth apps, API keys, Service Accounts, etc.), are increasing even faster at 50%, or said otherwise, four or more NHIs per every employee.
In 2023 alone, 84% of organizations suffered at least one identity-based attack, which averaged $4.5 million in cost. The number of breaches has grown at a steady 50% yearly since 2020 (Source: ISDA). That's not all; unrealized fallout from these breaches after the fact tends to include legal repercussions, loss of customers, increased security costs, higher insurance premiums, reputational repair, loss of intellectual property, and more.
User identities are only one attack vector in your identity security posture; machine-based identities like API keys, OAuth apps, service identities, and other NHIs are critical attack vectors for businesses. Partially offboarded identities, orphaned human and non-human identities, identity privilege creep, overprivileged access, and shadow accounts that fly under the radar, like non-sso access, gen-AI tools, and other IT internal systems, eventually snowball out of control and exponentially increase the potential for identity-driven breaches across critical engineering and business environments.
For businesses struggling to maintain compliance and adhere to regulatory requirements, these unchecked identity issues lead to significant compliance and regulatory problems. Organizations face increased risks of failing audits, substantial fines, and even reputational damage due to their inability to manage and secure their identity sprawl effectively.
OpsBerry AI defends against human and non-human identity breaches using AI to continuously discover, prioritize, and remediate vulnerabilities and risks in your identity sprawl. Our AI-powered identity security posture management platform, trained with popular cyber security and compliance frameworks, provides comprehensive visibility and contextualization across your user accounts, service accounts, API keys, OAuth apps, and more, keeping your organization safe from identity-driven attacks.
👀 Automated Identity risk assessments—We automatically gather all information about each identity and generate in-depth risk assessments with AI, instantly surfacing gaps, vulnerabilities, and threats.
👥 Shadow identities—let AI surface the identities that hide in the shadows and quickly identify “unknown unknown” identity risks in your identity secure posture. Quickly surface and remediate shadow accounts across human and non-human identities, such as non-sso user accounts, API Keys and tokens, service accounts, orphaned identities, unmonitored privileged accounts, and more. This is the quickest way to transform hidden risks into strategic cost savings.
🌱 Lifecycle management and remediation are the easiest ways to control and secure your human and non-human identity posture. Drop-and-drop no-code automation lets you build streamlined self-service workflows to quickly onboard and offboard identities, remediate risks, and defend against identity-driven breaches.
And much more in the works!
Need help wrangle your identity sprawl with an identity security platform that’s like having your very own in-house identity security expert? We’d love to work with you!
Regardless of your company size, industry, or role, if you’re serious about protecting against identity breaches and want to take real control of your identity sprawl, we’d love to chat and show you a demo! Email carlos@opsberry.ai, or you can even set a time on our Calendly.
Casey and I met on Buildpsace.so. Casey was one of the first teachers on the platform educating people on how to build Web3 applications. I was a student on the platform learning how to build react web3 apps and Casey happened to live up the street in a Discord community with over 50k students. We met IRL and started building in Nov 2021.The company started at a Starbucks with a vision to build crypto fintech software, but after several pivots, we decided to build in the monitoring and observability space in Web3. We came up with this idea because we have over a decade of experience in building decentralized applications and working in the infrastructure, monitoring, and Operations industry across startups and enterprises.
We applied 3 times with 3 different ideas and were denied twice. We ended up applying one last time with Monitaur and got into the program as one of three Web3 companies in this batch! It was tough getting turned down the first few times, but we kept at it. We were pushed by a friend of ours to go back the third time and it worked.
We first built Luumen Finance, which was a budgeting tool for crypto in November of 2022. After a few months of building, we learned that building integrations for these types of tools was extremely difficult and decided to pivot in Feb of 2023. We ended up building and launching Hatchfi, a Plaid for crypto. We raised money and built an amazing product, but after several months, we learned that we were too early to the market, even after several micro pivots. We officially did a hard pivot in April of 2023 and are now building Monitaur, a Datadog for Web3.
observability into decentralized applications is still very siloed and manual. Tooling that exists today only solves a portion of the observability problem and tends to focus on individual developers with tool interoperability being almost non-existent. If decentralized applications are to be used and leveraged at scale within institutions and enterprises, there needs to be a tool that is capable of instilling operational excellence including, but not limited to: cross team functionality, interoperability and hybrid application support.
Long term vision is to be a household name like Datadog or Airbnb, specifically in the Web3 observability space. We want to build a strong company that helps facilitate the adoption of crypto in the mainstream. We truly believe in the power of crypto and how it will change the future of finance and infrastructure.