Over the course of their careers, Alex Bovee and Paul Querna realized that while the use of SaaS apps and cloud infrastructure was exploding, the process to give employees permission to use them was not keeping up.
The pair led Zero Trust strategies and products at Okta, and could see the problem firsthand. For the unacquainted, Zero Trust is a security concept based on the premise that organizations should not automatically trust anything inside or outside its perimeters and, instead must verify anything and everything trying to connect to its systems before granting access.
Bovee and Querna realized that while more organizations were adopting Zero Trust strategies, they were not enacting privilege controls. This was resulting in delayed employee access to apps, or to the over-permissioning employees from day one.
Last summer, Bovee left Okta to be the first virtual entrepreneur-in-residence at VC firm Accel. There, he and Accel partner Ping Li got to talking and realized they both had an interest in addressing the challenge of granting permissions to users of cloud apps quicker and more securely.
Recalls Li: “It was actually kind of fortuitous. We were looking at this problem and I was like ‘Who can we talk to about the space? And we realized we had an expert in Alex.”
At that point, Bovee told Li he was actually thinking of starting a company to solve the problem. And so he did. Months later, Querna left Okta to join him in getting the startup off the ground. And today,ConductorOne announced that it raised $5 million in seed funding in a round led by Accel, with participation from Fuel Capital, Fathom Capital and Active Capital.
ConductorOne plans to use its new capital to build what the company describes as “the first-ever identity orchestration and automation platform.” Its goal is to give IT and identity admins the ability to automate and delegate employee access to cloud apps and infrastructure, while preserving least privilege permissions.
“The crux of the problem is that you’ve got these identities — you’ve got employees and contractors on one side and then on the other side you’ve got all this SaaS infrastructure and they all have sort of infinite permutations of roles and permissions and what people can do within the context of those infrastructure environments,” Bovee said.
Companies of all sizes often have hundreds of apps and infrastructure providers they’re managing. It’s not unusual for an IT helpdesk queue to be more than 20% access requests, with people needing urgent access to resources like Salesforce, AWS, or GitHub, according to Bovee. Yet each request is manually reviewed to make sure people get the right level of permissions.
“But that access is never revoked, even if it’s unused,” Bovee said. “Without a central layer to orchestrate and automate authorization, it’s impossible to handle all the permissions, entitlements, and on- and off-boarding, not to mention auditing and analytics.”
ConductorOne aims to build “the world’s best access request experience,” with automation at its core.
“Automation that solves privilege management and governance is the next major pillar of cloud identity,” Accel’s Li said.
Bovee and Querna have deep expertise in the space. Prior to Okta, Bovee led enterprise mobile security product development at Lookout. Querna was the co-founder and CTO of ScaleFT, which was acquired by Okta in 2018. He also led technology and strategy teams at Rackspace and Cloudkick, and is a vocal and active open source software advocate.
While the company’s headquarters are in Portland, Oregon, ConductorOne is a remote-first company with 10 employees.
“We’re deep in building the product right now, and just doing a lot of customer development to understand the problems deeply,” Bovee said. “Then we’ll focus on getting early customers.”