You have a service account in AWS with permissions to delete a production database. You also have an AI agent, newly provisioned, that can spin up compute clusters. You, the human, probably know about the first one. The second? It’s a ticket in Jira, a line in a spreadsheet, a ghost in the machine. This is the sprawl Opti watches. The platform’s interface is a dashboard of risk scores, but the story is in the quiet, continuous crawl through permissions logs, looking for the orphaned key, the overprivileged bot, the agent that was born with too much power.
The bet on an AI-native fabric
Opti is not another dashboard bolted onto existing identity tools. Its founders are betting that the problem has outgrown human-scale review and rule-based alerts. The category of ‘identity’ now includes not just employees and contractors, but service accounts, API keys, and the new wave of autonomous AI agents. Managing this requires a system that can understand intent, context, and risk in real time, then act. Opti pitches itself as that system: an AI-powered layer that sits atop an enterprise’s existing identity stack to provide continuous discovery, analysis, and,critically,orchestrated remediation [SecurityWeek, Nov 2025].
The product’s wedge is automation with oversight. It uses specialized large language models trained on identity and access management (IAM) data to map relationships and recommend least-privilege adjustments [PR Newswire, Nov 2025]. Then, its ‘agentic AI orchestration’ can verify and execute those access corrections, but only with configured human approval [FinTech Global, Nov 2025]. The goal is to replace manual, ticket-driven workflows with a closed loop. It’s a bet that security teams are drowning in alerts and ready to delegate the tedious work of cleanup to a machine they can trust.
A team built for a second act
The confidence behind this bet is reflected in the $20 million seed round, led by YL Ventures with participation from Mayfield Fund, Hetz Ventures, and cybersecurity luminary Shlomo Kramer [PR Newswire, Nov 2025]. It’s also embodied in the trio of founders, who are not first-time entrepreneurs. Barak Perelman (CEO) and Mille Gandelsman (CPO) were previously co-founder/CEO and co-founder/CTO, respectively, of Indegy, an industrial cybersecurity company focused on operational technology [PR Newswire, Nov 2025]. Ido Trivizki, the third co-founder and CTO, rounds out the technical leadership. This is a team that has built, scaled, and sold a security company before, and they are applying that operational rigor to a new, adjacent problem space.
Their prior experience in securing complex, legacy-laden industrial environments may be uniquely relevant. If you can map the permissions of a million-node factory network, you can probably map a cloud identity graph.
| Founder | Role at Opti | Key Prior Experience |
|---|---|---|
| Barak Perelman | Co-Founder & CEO | Co-Founder & CEO, Indegy |
| Mille Gandelsman | Co-Founder & CPO | Co-Founder & CTO, Indegy |
| Ido Trivizki | Co-Founder & CTO | OT Security Engineering, Tenable |
Traction in regulated sectors
Opti moved quickly from stealth to serving paying customers. The company reports that its platform is already used by large enterprises in finance, healthcare, retail, and technology [SecurityWeek, Nov 2025]. Landing these early, regulated customers is a significant traction signal. It suggests the product’s compliance narrative,SOC 2 and ISO 27001 certification, data residency guarantees,is resonating with buyers for whom audit readiness is non-negotiable [Opti.ai, 2026].
The company has scaled to an estimated 33 employees, a headcount that indicates serious product development and early go-to-market motion [StartupHub.ai, Unknown]. The seed capital is likely fueling both. The market they’re entering is massive and urgent, fueled by cloud migration, SaaS proliferation, and the nascent but explosive growth of AI agents that need their own access keys.
Where the wheels could come off
For all its promise, Opti’s path is lined with credible challenges. The company is entering a space with established incumbents like CyberArk and well-funded newer entrants like Veza and ConductorOne. Differentiation will be key, and it rests on two pillars: the depth of its AI models and the smoothness of its automated remediation.
- The AI moat. If the ‘AI-native’ claim is just a better classifier, competitors can replicate it. Opti’s defensibility depends on its models developing a nuanced, contextual understanding of identity risk that generic LLMs cannot match. The founders’ background in building domain-specific security tech is their best argument here.
- The automation gamble. The most powerful part of Opti’s pitch,automated remediation,is also the riskiest. Enterprises are notoriously cautious about letting third-party software change permissions automatically. Opti’s ‘human-in-the-loop’ design is a necessary concession, but the company must prove its recommendations are near-perfect to gain the trust required for faster, more autonomous workflows.
- The integration burden. As a layer on top of existing IAM, Opti must integrate deeply with a zoo of legacy and modern systems. Every new connector is a development cost and a potential point of failure. The breadth and stability of these integrations will be a major factor in sales cycles.
The company’s answer to these risks is its team’s pedigree and its early market validation. They’ve convinced sophisticated buyers to let them start cleaning house. Now they have to prove they can do it at scale, without breaking anything.
The next twelve months
The immediate roadmap is clear: deploy capital, grow the team, and deepen enterprise footprints. The next milestone will be landing a flagship customer in a new vertical or geography, and likely the announcement of a Series A round within the next 12-18 months to accelerate that growth. Technically, watch for expansions of its ‘agentic’ capabilities,more sophisticated workflows for managing the identities of AI agents themselves, a frontier that is still being defined.
Ultimately, Opti is answering a cultural question that every large organization is now asking implicitly: In a world where machines work alongside humans, who watches the machines? The old answer was a spreadsheet and a quarterly audit. Opti’s answer is a persistent, intelligent agent that never logs off, constantly translating the chaotic reality of access into a managed, measurable state. It’s a vision of security that is less about building walls and more about tending a garden,a continuous, automated act of pruning and care.
Sources
- [PR Newswire, Nov 2025] Opti Raises $20M Seed to Redefine Enterprise Identity Security with AI-Native Automation | https://www.prnewswire.com/news-releases/opti-raises-20m-seed-to-redefine-enterprise-identity-security-with-ai-native-automation-302624476.html
- [SecurityWeek, Nov 2025] Opti Raises $20 Million for Identity Security Platform | https://www.securityweek.com/opti-raises-20-million-for-identity-security-platform/
- [FinTech Global, Nov 2025] Opti launches AI identity platform after $20m seed | https://fintech.global/2025/11/25/opti-launches-ai-identity-platform-after-20m-seed/
- [StartupHub.ai, Unknown] Opti, $20M Raised, Investors, Team & Alternatives | https://www.startuphub.ai/startups/opti-io
- [Opti.ai, 2026] Company website, security and compliance information
- [LinkedIn, Unknown] opti company profile | https://www.linkedin.com/company/opti-ai