In a digital world where enterprise apps are everywhere, most businesses still rely on manual workarounds to secure applications that don’t support modern identity protocols. These “unmanageable” apps fly under the radar of traditional identity and access management (IAM) systems — and that gap is increasingly dangerous. Over 60% of data breaches involve human error, and more than half of companies admit to security incidents linked to non-standard applications. Cerby is tackling this overlooked problem head-on. The California-based identity security automation platform has just announced a $40 million Series B round led by DTCP, with continued support from Okta Ventures, Salesforce Ventures, and Two Sigma Ventures.
This brings Cerby’s total funding to $72.5 million.
Bringing Automation to Identity Security
Founded in 2020 by Belsasar Lepe, Vidal González, and Jyri Virkki, Cerby was created to address a growing cybersecurity blind spot: business-critical apps that fall outside the control of standard IAM tools. These are apps that don’t support identity standards like SAML or SCIM, making them invisible to governance platforms and often managed with risky, manual workarounds.
Cerby’s solution is simple in concept but powerful in execution — automate everything. From user provisioning and password rotation to MFA setup and deprovisioning, the Cerby platform brings modern security practices to even the most legacy or noncompliant software. It does this by layering automation, AI, and RPA (robotic process automation) on top of disconnected apps.
“Our mission from the start has been to eliminate the operational headaches and risks tied to identity workflows,” said Cerby CEO Belsasar Lepe. “We’re building a future where security isn’t held back by legacy infrastructure — and no application is left behind.”
Cerby plugs into existing identity infrastructure like Okta or Azure AD and extends capabilities such as SSO and MFA to apps that previously couldn’t support them. Its proprietary tool, Cerby Scout, lets teams record workflows like onboarding or MFA enrollment, turning them into automated processes in a matter of hours — no custom coding required.
Fueling Global Expansion and AI-Powered Security
The fresh capital will go toward expanding the Cerby Application Network and investing in its agentic AI features — smart automation tools that adapt to evolving workflows and threat surfaces. Cerby plans to accelerate its go-to-market strategy across North America and EMEA, with a focus on high-growth regions like Germany, the UK, France, and the Middle East.
The company’s flagship capabilities also include Universal Logout, a feature co-developed with Okta that allows instant session revocation and password changes across apps — even those that don’t support token revocation natively.
According to DTCP partner Lance Matthews, Cerby is leading a much-needed transformation in identity security. “Cerby stands out with its platform-first approach to automation and governance. This team is solving a critical enterprise need, and we’re excited to support their next phase of growth.”
10x ARR and 100+ Global Customers
Since its Series A just 20 months ago, Cerby has scaled rapidly. Annual recurring revenue has grown tenfold, and the customer base has expanded fivefold. The platform now supports over 2,000 applications and secures environments for major brands like L’Oréal, Fox, Chime, Allstate, and Dentsu.
In a world where cloud, SaaS, and mobile apps continue to multiply, Cerby provides a critical layer of identity security automation. By eliminating manual errors and bringing disconnected apps into the security fold, it offers enterprises a scalable, compliant, and cost-effective way to protect sensitive systems.
Cerby’s approach ensures that every app — even those without standard identity support — is governed, monitored, and secured from day one.
