Aserto, a new startup from a couple of tech industry vets who want to build an Authorization as a Service solution, announced a $5.1 million seed round today from Costanoa Ventures, Heavybit Industries and several industry luminaries.
The company’s two founders, Omri Gazitt, CEO and Gert Drapers, CTO, have decades of experience building some of the industry’s identity building blocks including SAML, OAuth 2.0 and OpenID. As the two founders considered what to do next last year, they felt that authorization would be a natural extension of their work in identity, and an area where there were few good solutions for developers.
“If you look at authorization, it really hasn’t hasn’t moved forward at all. The access part is really stuck in the world of the 2000s. And we wanted to figure out essentially what authorization would look like in the age of SaaS and cloud. We feel like that’s another 10 year mission with a lot of pain right now, and a lot of value that we can deliver,”Gazitt told me.
While there are other early stage startups attacking a similar problem Gazitt believes their experience gives them a leg up, and he sees it as such a critical area for developers. “If you think about authorization, it really is in the critical path of every application request. Every time I send your SaaS application a request, that authorization system has to be live to 100% availability, and it has to do its work in probably a millisecond of latency budget. Otherwise it’s putting too much burden on the application,” he explained.
What the company is doing is creating a sophisticated service that does much of the work for developers, giving them fine-grained control over roles access control based on policies using what they call a “policy-as-code approach to authoring, editing, storing, versioning, building, deploying and managing authorization rules.” The solution is built using the CNCF Open Policy Agent (OPA) project.
For now, the company is still working with early customers but is also expanding the private beta today. to include additional companies who could benefit from this kind of solution.
Casey Aylward, who is leading the investment at Costanoa, sees a wide open space and an experienced team ready to attack it. “I get really excited thinking about what are these big ecosystem plays in the open source world? Where should we be investing? And I think this is going to be one of them, and the wat Omri and Gert are thinking about the problem and approaching the ecosystem is really, really key,” she said.
The company launched in August 2020, but it was really the culmination of many discussions that Aylward and Gazitt had over the previous couple of years around authorization and how to attack the problem. In addition to the two founders, they have six employees spread across four continents.
When it comes to diversity Gazitt and Drapers are both immigrants and their lead investor is female, bringing an element of diversity to the company from the start, but it’s also something they are thinking about as they build the company. Having Aylward and other women involved certainly helps bring that to the forefront.
“It’s quite frankly super valuable that Casey, [and other women investors on the team Martina Lauchengco GP at Costanoa and Dana Oshiro, GP/GM at Heavybit] that can basically project the point of view that we’re not just a bunch of men sitting around the table with solutions, so that’s super helpful, and […] you can’t start thinking about it too early. There’s no such thing as too early with diversity,” Gazitt said.
While Gazitt and Draper both work in Seattle, their team is spread far and wide, and he says that the plan is to be a remote-first company. In fact, he has spent a lot of time talking to companies like GitLab and HashiCorp, two companies who have successfully built remote companies to learn more about how to do that right.