Opal Security, an AI-native identity governance platform, has secured $23m in new investment and brought on five senior executives as it moves to unify access controls across human, non-human and agentic AI identities.
The funding round was led by Greylock and Battery Ventures, with additional participation from Cambium Capital. The raise brings Opal’s total capital to $59m.
Alongside the investment, the company has appointed Sameer Mehta as chief product officer, joining from identity security firm Veza where he developed products spanning non-human identity and access intelligence. Other appointments include Alex Pien as chief technology officer, previously at Meta; John Clark as vice president of field engineering, formerly of Cisco; Michael Kwon as vice president of marketing, formerly at Clumio; and Christine Ooley as head of product and solutions marketing, previously at Salesforce.
More than 60% of Opal’s current workforce has joined since the beginning of 2026, with recruitment picking up pace across engineering, product and go-to-market functions. The expansion reflects a broader shift in enterprise security, as AI agents are being deployed at a pace that outstrips security teams’ ability to monitor them, often inheriting excessive, standing credentials from users. Organisations now require unified visibility across agent, human and service identities, with scoping limited to individual tasks and rapid containment when incidents occur.
Opal addresses this by incorporating AI agents into the same access graph, review workflows, ownership structures and policy-as-code as all other identities. In March, the company launched what it described as the industry’s first platform capable of seeing, encoding and enforcing access governance, underpinned by Paladin, an AI engine that processes access requests and escalates only those requiring human review.
Opal’s platform is used by a range of technology companies including Databricks, Notion, Cloudflare, Scale AI, CoreWeave, SpaceXAI and Superhuman. Databricks processes 86,000 just-in-time access requests through Opal, while Mercari uses it to govern more than 5,000 Okta entitlements via automated reviews. The platform’s approach defaults to just-in-time provisioning, surfaces genuine risk during access reviews rather than enabling routine sign-offs, and revokes permissions as soon as they are no longer required.
CEO Howard Ting joined Opal in December 2025, bringing experience from cybersecurity and enterprise software companies including Cyberhaven, Nutanix, Palo Alto Networks and Redis. One of his early moves was promoting Alex Pien to CTO to anchor the engineering organisation as the company scales.
Mehta previously ran a global product organisation at Citrix and held earlier roles at Symantec and Sun Microsystems Research Labs. Clark led solutions engineering for AI security at Cisco, following roles at Valtix, ThousandEyes and Riverbed. Kwon brings go-to-market experience from Clumio, Redis and SignalFx, while Ooley most recently led portfolio marketing for MuleSoft’s API and agentic products at Salesforce.
Opal Security CEO Howard Ting said, “Great operators don’t chase markets—they pick the biggest problem and the best team to solve it with. Sameer, John, Michael, and Christine have each built category-defining products, and they came to Opal for the same reason: governing access across every identity-human, service, and AI agent—is becoming one of the defining problems in security. The new funding gives us the resources to go solve it.”
Opal Security chief product officer Sameer Mehta said, “I’ve spent my career in identity and security, and it’s rare to see a platform this aligned with where the market is heading in the era of AI. Access used to be a one-time decision. Today it’s a continuous, high-volume problem across humans, services, and AI agents at machine speed. The real problem is control. Where most solutions stop at visibility or governance, what excites me about Opal is that they’re defining the control plane for identity, enforcing access decisions in real time across every system.”
Copyright © 2026 RegTech Analyst
Copyright © 2018 RegTech Analyst
