Security automation startup Cerby Inc. today launched a security platform for unmanageable applications that enhances security practices by empowering both employees and security teams.

The Cerby zero trust architecture takes on the challenges of unmanageable applications in the shadow information technology universe. Shadow IT technologies are those selected and onboarded by business units outside the purview and visibility of the IT department or don’t support industry standards like security assertion markup language for authentication and system for cross-domain identity management for user provisioning.

Cerby says that its offering is very different from other options because it moves security automation capabilities into the hands of business users. The company’s platform is said to balance empowerment and autonomy with security and productivity.

The enrollment-based platform combines technology, robotic process automation and seamless integrations with identity providers like Okta Inc. and Microsoft Corp.’s Azure AD. This functionality enables the platform to understand commonly used software-as-a-service applications in a business context and automate security policies before they lead to breaches.

Cerby argues that unmanageable applications within the organization are particularly sensitive because it puts two forces — employee autonomy and corporate security — in direct conflict. Enterprise chief information officers, chief marketing officers and chief information security officers want security to be frictionless. Yet when security teams take a heavy-handed approach, they often block key applications and negatively affect productivity.

The company’s platform addresses these issues with numerous capabilities to plug security gaps. For example, end users can log in securely to any application, even those that don’t support single sign-on natively, store log-in data and share this information securely with collaborators, while IT and security teams can set policy at the application, team and company level. Throughout this process, Cerby actively monitors connected applications to ensure they are securely configured to meet corporate security standards for two-factor authentication, password complexity and other commonly missed security settings.

Despite operating in stealth mode since its founding in 2020, Cerby already has early customers, including MiSalud Inc., L’Oreal S.A. and Wizeline Inc. The company also announced it has raised $12 million in seed funding from Ridge Ventures, Bowery Capital, Okta Ventures, Salesforce Ventures and others.

“Our goal at Cerby is simple but sweeping: to increase productivity for enterprises by empowering employees to use the technologies they prefer while automating compliance and security,” Belsasar Lepe, co-founder and chief executive of Cerby, said in a statement. “In this era of IT consumerization, employee choice and enterprise security are not mutually exclusive — with the right tools and strategies, they go hand-in-hand.”

Image: Cerby