La plate-forme Cerby utilise la RPA pour rationaliser le processus de connexion en activant l

The start-up Cerby equips CIOs against shadow IT


To automate and streamline the detection and protection of applications that go under the IT department’s radar, the start-up Cerby is launching a platform that centralizes their access and monitoring.

With the public launch of its security platform, Cerby, which specializes in security automation, is stepping out of stealth mode. According to the start-up, its solution helps companies manage shadow IT, ie the applications used by staff without the prior approval – or even without the knowledge – of IT managers. Selected and integrated by business units other than IT, these products may not meet industry standards such as security assertion markup language (SAML), which allows identity providers to pass authorization information to service providers. Or the SCIM system for cross-domain identity management or cross-domain identity management system) for recording and exchanging identity data.

To refer to applications that fall within the realm of shadow computing, Cerby prefers the term unmanageable. “After two years of stealth operation, we are launching a platform dedicated to the detection and protection of what we call unmanageable applications, one of a kind,” said Belsasar Lepe, co-founder and CEO of Cerby. “Today, one in two enterprise applications is an unmanageable application and contributes to just under two-thirds of cybersecurity attacks,” said the CEO. One of the key drivers of shadow IT is the desire of end users to have full control over the selection and use of applications. Citing an internal study conducted in partnership with Osterman of more than 500 professionals in North America and the United Kingdom working for companies with annual turnover exceeding $100 million, Cerby indicates that 91% of participants want full control of applications. To minimize friction between users and IT teams, the platform offers an enrollment-based approach to application detection and protection, combining employee autonomy and enterprise security.

Centralized access and simplified compliance

According to Cerby, the platform allows users to sign up, or register, for apps that, until now, weren’t managed by their IT or security team. In the background, the system then monitors connected apps to verify secure configuration and corporate compliance policies, including two-factor authentication, password complexity, and other common security settings. The solution also offers centralized access to applications, and users to connect securely to any application, even those that do not support SSO (single sign-on) natively, to store data connection and share this information securely with employees. Therefore, the tool addresses the problem of employers prohibiting or limiting end-user access to applications, which the Osterman Research survey found can have a “negative effect” on work habits. 52% of respondents want IT teams to “keep their heads down”.

Belsasar Lepe also points out that the platform performs two main functions: detection and protection. While detection refers to the process of seeding agents into browsers and devices to identify apps as they register, protection involves profiling new apps to detect possible misconfigurations of the app. security point of view. “For example, if the platform discovers social media accounts for which two-factor authentication is disabled, it is notified and automatically activates authentication permanently,” Lepe further explained.

RPA to streamline the login process

In addition to detecting and protecting unmanageable applications and implementing a sign-in-based approach, the platform uses RPA (robotic process automation) to streamline the login process by enabling single sign-on for applications that do not support SAML and SCIM protocols. In addition, it centralizes access logging and sends the corresponding data to SIEM systems for further analysis. As part of the announcement, Cerby revealed that it has raised $12M in seed funding from Ridge Ventures, Bowery Capital, Okta Ventures, Salesforce Ventures and others, bringing the total funding to date to $15.5 million.

“Because we work with a lot of big brands, we now have two priorities: after proving the merits of our sales process, we want to recruit a sales and marketing team. We are therefore investing part of our capital in strengthening our commercial efforts. We will also invest to increase the number of integrations”, explained the CEO of Cerby. The start-up left stealth mode by announcing that it had already built up a satisfactory portfolio of customers, including brands such as L’Oréal, MiSalud, Dentsu, Televisa and Wizeline. “For L’Oréal, Cerby provides a secure and centralized space to manage paid social accounts and enables integration with L’Oréal single sign-on technology to connect to social media APIs,” Cerby said. The startup is also targeting integrations with identity technology providers like Okta and Azure ID.

Leave a Comment

Your email address will not be published. Required fields are marked *