Before we started Common Fate in September 2021, we were building a cloud consulting business. We worked with clients from many different sectors: enterprise, defence, startups and everything in between.
During this time, we saw the pain of permissions management first-hand. Many teams have embraced continuous deployment and cloud-native development, resulting in developers being brought closer to production environments. Teams need access to CI/CD systems, cloud providers, source control management systems, and many other services to develop modern software. This has led to an access management nightmare for security teams, with some dealing with hundreds of access requests per week from engineers.
Least-privileged access is a hard problem, and it seemed like security teams faced a dilemma: allow team members to have excessive permissions in order to move quickly, or restrict permissions to minimise risk?
Many teams opted for the former - we saw that platform engineers and SREs at many companies were simply granted full administrative access to production, just in case there was an incident that they needed access to respond to.
Overprivileged access presents a real business risk for companies. Earlier this year, compromise of a single Uber employee’s identity resulted in breaches of multiple critical internal applications.
Our view is that this is as much a workflow problem as it is a security problem. We saw the need for a framework which allowed fast workflows for teams to access permissions when needed, while allowing visibility and oversight from a company’s security team. In order for teams to adopt it, the framework should have excellent developer experience. The framework must also be extensible enough to provision permissions in all applications that software teams use day-to-day.
With this vision we founded Common Fate.
The name “Common Fate” comes from the Gestalt Law of Common Fate: the phenomenon that elements moving together are perceived as a wider whole. For us, this means software and security teams moving together to build greater products.
We’re excited to announce our seed funding round of $3.1M USD from Work Bench, Haystack and Essence VC to help us unite software and security teams and we’re very thankful to be partnered with investors of this calibre as we navigate the next phase. The funds will be used to accelerate development of the Common Fate platform and the Granted open source project, plus continue to support our growing developer community.
You can read more about our recent funding announcement in TechCrunch here.
We’re extremely fortunate to have met so many talented security and engineering professionals and very grateful for all contributions made to Granted to date and Common Fate’s roadmap. If you’d like to join our community, please click here. We’d love to have you!
As we accelerate product development and work closely with early users, we’re looking to add a Community Success Engineer to our team. We’re very open to a discussion around defining suitable roles in cloud security and engineering, even if we don’t have the role advertised. Please reach out to us at careers@commonfate.io if you’d like to chat with us.