Cerbos raises US$7.5M to usher in a new era in access management

PortfolioApr 12, 2023

When you’ve seen a major problem come up time and again, and nobody has solved it, a true entrepreneur doesn’t just accept it — they want to fix it. That might be the defining feature that differentiates entrepreneurs from ordinary mortals.

In Emre Baran, Charith Ellawala, and Cerbos we’ve found these extraordinary qualities and could not be prouder to play a part in this company’s growth story, leading the US$7.5M Seed round announced today.

Access management isn’t getting any easier

In 2015 while working at Uber, I became acutely aware of the PR disasters that can happen when user data is not sufficiently protected. It is a lesson that has stayed with me. Today, companies require several engineers to build and maintain their authorization layer, and the ongoing maintenance requirement creates a significant burden. For small or scaling businesses, staying on top of user authorization has been a nightmare (until now).

We first came across Emre and Charith when we were building our thesis on the modern Identity and Access Management (IAM) stack and emergent open-source businesses.

As part of our market research — long before we met with Emre — we spoke with one company who had spent north of $1M and 18 months trying to build the solution that Cerbos offers out-of-the-box. We were convinced there was an urgent business issue to be addressed. There has been so much attention on authentication, but authorization is much more complex — and we loved that Cerbos was tackling it head-on.

We invested in Cerbos because we believe that the team is solving a significant problem that no one else has cracked. Staying on top of authorization and user permissions across an increasingly complex modern business tech stack is an issue every business faces at some point. And it is solved, today, by throwing engineers (and lots of money) at the problem.

Cerbos’ approach

Using an API-first model, Cerbos aims to remove the complexity of decision-making and access management, allowing businesses to focus developer time and resources on their core product. It has created an open-source, off-the-shelf authorization layer, with powerful collaboration features, allowing product management and security teams to work together.

Users can keep track of every access decision request, result, and reasoning for the decision, leaving a clear audit trail and ensuring businesses are compliant with SOC2 and ISO27001 requirements for real-time change logs. Cerbos can be implemented in minutes and easily managed as a business scales, replacing the old industry standard (large monolithic builds) with a few lines of code.

Partnering with exceptional teams

We really connected with Emre from the start. Having grown up in Turkey, gone to school in the US and now living in London, he describes himself as a ‘professional immigrant’. It is a term I could relate to. There’s a certain ready-made connection that exists between people who have experienced life for prolonged periods in different countries.

Emre and his team are truly exceptional. He built and successfully sold his first business — Turkey’s largest social network — Yonja.com, in the early 2000s. He spent many years at Google solving exactly the types of problems Cerbos solves today. He was co-founder and CTO of Qubit, which was acquired in 2021 by Coveo. Emre and Charith are both well-respected developers and in this space that counts for everything — they’ve also worked together for many years and are deeply passionate about security engineering.

Cerbos is fuelled by founders and a team who are driven not just to disrupt, but to completely redefine a market. We can’t wait to have a ringside seat to a truly disruptive company, solving a real problem for businesses of all sizes.

This post was written by Namat Bahram, an investor on the OMERS Ventures team based in London, UK