Opti is an AI-native identity security platform that uses specialized language models to automate enterprise Identity and Access Management (IAM) and enforce least-privilege access. Opti was founded by Barak Perelman, CEO and Co-founder, Mille Gandelsman, CPO & Co-founder, and Ido Trivizki, CTO and Co-founder, who have been building companies together for nearly a decade. The three first teamed up as co-founders of Indegy, an industrial cybersecurity startup, which went on to become a category-defining leader in OT security. The company was acquired by Tenable in 2019, where the founders continued to lead product and engineering efforts post-acquisition in VP roles. Pulse 2.0 interviewed Opti co-founder and CEO Barak Perelman to learn more.
Barak Perelman
Formation Of The Company
How did the idea for the company come together? Perelman said:
“The idea for Opti came out of a recurring pattern we kept seeing across large enterprises: identity sprawl has become the single largest attack surface, one that is especially hard to protect due to the complicated nature of least privilege access analysis. Entitlement management and account cleanup becomes an operational bottleneck for security teams.”
“Despite heavy investment in IAM tools, organizations still struggle to answer basic questions such as:
- What does access mean in the specific user and application context?
- What is the root cause for this access to exist?
- What risk does access pose in my organization?
After interviewing hundreds of CISOs, we came to realize that this wasn’t a tooling problem per se, but rather a cognition problem. Identity data is fragmented, unstructured, and deeply contextual, which makes it fundamentally unsuitable for rule-based systems.
That insight led us to build Opti around domain-trained AI models designed specifically to understand entitlements and identity workflows at scale.”
Favorite Memory
What has been your favorite memory working for the company so far? Perelman reflected:
“One of my favorite moments was when a CISO at a major retail company told us he initially came to Opti for the visibility and risk reduction, but stayed because we were actually cutting down his team’s workload and delivering operational ROI.”
Core Products
What are the company’s core products and features? Perelman explained:
“Opti is an AI-native identity security platform focused on entitlement intelligence. At its core, we normalize identity and access data by analyzing thousands of data points and their business context – across every application and system (250+ types), spanning all identity types: human, non-human, and agentic, turning raw permissions into a structured, contextualized understanding.”
“We aim to provide security teams with real-time detection of identity risks, misconfigurations, and overprivileged access. In addition, we offer validated least privilege recommendations generated by domain-specific identity models.”
“Opti’s agentic AI orchestration continuously verifies access corrections with full human oversight and leverages compliance models to transform access and entitlements into straightforward user access reviews.”
“The platform supports use cases like access reviews, least-privilege enforcement, identity posture management, and automated remediation – all driven by AI models trained specifically for identity environments, which were built by identity security and data science experts.”
Challenges Faced
Have you faced any challenges in your sector of work recently? Perelman acknowledged:
“The biggest challenge in identity security right now is that the ‘hard part’ isn’t collecting data, but making sense of it. Enterprises have inconsistent entitlement naming, undocumented custom roles, overlapping groups, and exceptions that have accumulated over the years. If you treat it like clean structured data, you’ll miss the real risk and you’ll drown teams in false positives.”
“We tackled that by designing Opti to do 3 things from day one:
- Normalize messy identity data into a consistent model across SaaS, cloud, and on-prem systems, even when the source environment is inconsistent.
- Make every recommendation explainable (what it is, why it exists, what it impacts, and what risk it introduces) so security teams can trust the output.
- Keep humans in control with approvals, evidence, and verification loops — because remediation in identity isn’t just “detect,” it’s “change production safely.”
A close second challenge has been trust around AI in security. We’ve been very deliberate about building purpose-trained identity models, evaluation harnesses, and guardrails so teams can validate outputs and adopt automation gradually instead of taking a blind leap.”
Evolution Of The Company’s Technology
How has the company’s technology evolved since launching? Perelman noted:
“Early on, our focus was on proving that AI could accurately interpret and normalize entitlements across highly heterogeneous environments. Since then, we’ve expanded significantly – evolving from normalization into decision-making, automation, and continuous risk assessment. Today, our models don’t just understand access statically; they reason about it dynamically, in context, and across systems – allowing security teams to remediate issues directly from the platform. That evolution has been driven by real customer environments and has reinforced our conviction that identity requires purpose-built AI, not general-purpose models layered onto legacy architectures.”
Significant Milestones
What are some of the company’s most significant milestones? Perelman cited:
– Proving entitlement understanding at enterprise scale – the early “aha” moment was when we could take a chaotic, heterogeneous environment and consistently explain what access means (not just list it).
– First end-to-end user access review that didn’t feel like a spreadsheet exercise and actually improved end users’ ROI on compliance. Generating reviews that come pre-explained, with risk context, and that security teams could complete dramatically faster.
– The seed round (raising $20M) gave us the runway to scale the platform and accelerate product depth across identity posture, governance workflows, and remediation.
– Having the core data scientists and engineers join Opti’s mission out of all the options out there for innovative cybersecurity and AI companies.
Customer Success Stories
Can you share any specific customer success stories? Perelman highlighted:
“While we’re limited in what we can share publicly, we’ve seen customers dramatically reduce the time and effort required for access reviews, uncover long-standing toxic access combinations, and automate remediation processes that were previously manual and error-prone.”
Funding/Revenue
Are you able to discuss funding and/or revenue metrics? Perelman revealed:
“To date, we have raised $20 million in a seed funding round, led by YL Ventures, Mayfield Fund, and Hetz Ventures, with participation from other notable firms and angel investors – including Shlomo Kramer, the cybersecurity veteran.”
Total Addressable Market
What total addressable market (TAM) size is the company pursuing? Perelman assessed:
“Based on Gartner research (gated), IAM spending will rise from $17.7 billion in 2024 to $25.4 billion in 2028, achieving a CAGR of 9.4% according to Gartner forecast. A key subsegment, Privileged Access Management (PAM), is projected to reach $2.9 billion by 2025 as growing regulatory compliance requirements on a global scale are expected to drive adoption.”
Differentiation From The Competition
What differentiates the company from its competition? Perelman affirmed:
“Opti is built AI-first, not AI-added-on.”
“Most identity tools rely on static rules, manual policies, or surface-level analytics. We take a fundamentally different approach by training domain-specific models that understand identity semantics – what permissions mean, how they’re used, and how risk propagates across systems.”
“This allows us to automate decisions that traditionally require human judgment, and scale identity governance in environments where legacy tools simply don’t meet the needs of today’s IAM environments.”
Future Company Goals
What are some of the company’s future goals? Perelman concluded:
“Our near-term goals are to continue expanding within large enterprise environments, deepen our platform capabilities, and establish Opti as the system of intelligence for identity security. Longer-term, we believe identity will become the control plane for enterprise security – and our goal is to power that shift with AI that security teams can trust.”
