We’re thrilled to announce we’ve raised $5.25m to help companies secure and automate employee access to data infrastructure

We’re thrilled to announce we’ve raised $5.25m to help companies secure and automate employee access to data infrastructure. Point72 Ventures led the seed round with participation from Haystack, Essence Ventures, and a list of amazing angels¹ across security, data, and infrastructure.

The Problem

Most organizations struggle to provide their teams with accurate and secure access to internal data. Complex, manual and slow processes force employees who require access to tackle layers of security to get what they need. While these safeguards aim to make companies secure and compliant, they take time away from getting important work completed.

Compliance also increases pressure for security. The ever-familiar three-letter acronyms – SOC2, SOX, HIPAA, FedRAMP and others – all demand businesses show evidence of abiding by the principle of least privilege.

Historically, IT teams have relied on identity governance solutions to solve these challenges. These solutions are often hard to deploy and introduce friction for employees, especially engineers, who need access to data systems quickly and efficiently. This tension between employees and poorly implemented software leads to real security risks. We’ve seen this repeatedly with breaches at Reddit, Riot Games, and Uber. Employees are a company’s most valuable asset – but also its weakest link – with sophisticated phishing attempts continuing to succeed when access is not securely governed.

Why repeat history when there’s a better way to offer compliant, secure access?

Introducing Abbey

“Shift left” ensures developers incorporate good security practices while software is in the early building stages, not after deployment. Ops became DevOps and then matured to DevSecOps, wisely bringing security into the process. Tools like Snyk help developers with vulnerability scanning while code is written and deployed. What if we could do something similar for identity and access?

Why Abbey?

Abbey’s mission is to allow engineers to build secure infrastructure from the start by defining access to follow a principle of least privilege and ensure only strictly necessary access is granted. We believe that by delivering tools to engineers that integrate nicely with things they already use, we can help them increase the scope of their automation.

With more automation comes greater efficiency. And because this automation is carefully designed, engineers experience better security.

How does it work?

As an engineer, you likely already use an Infrastructure as Code (IaC) platform like Terraform. But how do your fellow employees get access once a database is provisioned? How do they request access, and how should it be approved?

Abbey allows you to define workflows to define how someone gets access, and the policies to determine if someone should get access. We do this all as code via our Terraform provider.

Abbey makes it easy for engineers to do the right thing, and that’s why we’re starting with Terraform-native code. Git fully backs every request. You can bring your own CI/CD systems like Github Actions, and we play nicely with Terraform orchestration systems like Terraform Cloud and Atlantis.

The platform is only as strong as our integrations, so Abbey supports any service available via Terraform Registry, including:

• Cloud Infrastructure Roles within AWS, Azure, Google Cloud, Alibaba, and Oracle
• Databases such as Postgres, MySQL, CockroachDB, and MongoDB
• Analytical Databases like Snowflake, Databricks, and BigQuery
• Groups in Okta, G Suite, and Azure AD
• Streaming Systems such as Kafka
• And more!

You can sign up here and try the product for free, or join our community. Learn more about Abbey by visiting our website. We’ll also be at Defcon, Blackhat, and Bsides this year! Email us if you’ll be there!

Lastly, check out a demo below.

We’re Growing the Team!

The real reason we’re raising all this money is to hire exceptional people. Folks like Angie, who spent a decade at Okta and lives and breathes identity. Or Hatim, an east-bay native and Berkeley grad who cut his teeth building large-scale distributed systems at Amazon and Stripe.

You can read more about the team here, including our values, and see our open positions.

¹Emilio Escobar (CISO of Datadog), Harold Gimenez (SVP of Engineering at Hashicorp), Pete Soderling (Founder of Data Council), Margaret Francis (former CPO at dbt labs), Savin Goyal (CTO of Outerbounds), Kamal Shah (ex-CEO of Stackrox), Chip Huyen (CEO at Claypot AI), Ryan Carlson (ex-CMO at Okta and Wiz), Jon Oberheide (Founder of Duo), and many more!