Signal management


Industry veterans from Google, Okta, Salesforce and Microsoft are launching a new venture to close critical security gaps.

PALO ALTO, Calif., October 27, 2022 /PRNewswire/ — SGNL, ​​the company modernizing enterprise authorization, has launched and is now generally available. SGNL was founded in 2021 with a $12 million funding round supported by Costanoa Ventures, Fika Ventures, Moonshots Capital and Resolute Ventures. Advisors understand Andrew PetersonFounder and CEO of Signal Sciences, Chuck Mortimorevice president of identity products at Disney, former senior vice president of identity at Salesforce and Yvonne Wassenaarformer CEO of Puppet.

“While there are many companies that deal with the authentication side of the identity and access management market, just-in-time authorization does not exist,” said Scott Kriz, CEO and co-founder of SGNL. “The conversations we’ve had with CISOs across industries make me more confident than ever that our approach is unique, enabling us to solve problems we were previously unable to contemplate.”

A new proactive solution for a business-critical problem

According to Gartner Inc., by 2024, organizations running cloud infrastructure services will experience at least 2,300 least privilege policy violations, per account, each year.1

Enabling employees and contractors to access sensitive data in the right context at the right time, without overly broad privileges, has been a longstanding challenge for internal security teams. The weekly cadence of security breaches in large enterprises highlights the ever-increasing need for a defense-in-depth strategy that examines every access rather than the current static role-based approach.

“Every CISO we introduced to the SGNL team asked ‘How soon can I use it?'” said Greg Sands, founder and managing partner of Costanoa Ventures. “It was very clear that the industry needed them and they were the best team to solve the problem of access management in a truly innovative way.”

Just-in-time access to reduce permissions and policy proliferation

SGNL aims to provide just-in-time access to sensitive customer data to the right users at the right time based on the business context such as current task, business need or justification. The SGNL team saw how important this problem was to solve and realized that current methods were not doing enough to protect data while allowing employees to continue doing their jobs.

“Too often, access to customer data is the sum of all possible permissions, resulting in too broad access, which presents a huge opportunity for malicious actors to exploit,” said Erik Gustavsonproduct manager and co-founder of SGNL.

SGNL approaches business authorization from a new angle. Rather than using relatively static roles or attributes that inevitably encourage the extension of permissions and policies, SGNL’s solution only grants access when the user needs it.

The SGNL solution includes:

  • Directory of dynamic graphs: Unifies existing systems of record such as corporate directories, HR directories, CRMs, and ticketing systems to create a real-time graph of workforce and customer data that can be used to determine access permissions.
  • Just-in-time access management: Ensures that any request for access to sensitive data has a business justification at the time of the request for use of the specific data.
  • Intuitive user interface: Enables clear, concise, and human-readable policy statements to reflect changing business needs.
  • Auditable by default: All actions are audited in real time, allowing companies to easily produce compliance reports and analyze actions on demand.

Not just a win for businesses, a win for their customers

Just-in-time access is not just about rescuing organizations from an endless proliferation of policies and serving as a basic security practice. SGNL is also a way for companies to protect customer data to ensure trust.

“By 2024, organizations that adopt a cybersecurity mesh architecture will reduce the financial impact of individual security incidents by an average of 90%”2 said Felix Gaehtgens, vice president, analyst, identity and access management at Gartner.

About SGNL

With an initial team of security experts and executives who previously worked at Google, Microsoft, Okta, and Salesforce, SGNL is working to modernize enterprise authorization. SGNL’s innovative platform provides just-in-time access management that limits privilege proliferation, protects access to sensitive data, and guards against potential security compromises. SGNL was founded in 2021 with backing from Costanoa Ventures, Fika Ventures, Moonshots Capital and Resolute Ventures. For more information on SGNL visit

1 Gartner, Innovation Insight for cloud infrastructure entitlement managementBy Henrique Teixeira, Michael Kelley, Abhyuday Data; Posted June 15, 2021
2 Gartner, How to start building a cybersecurity mesh architectureBy analyst(s): James Hoover, pete shardFelix Gaehtgens, published June 21, 2022., Inc.