YC Root Access

Infisical: The Open Source Security Stack

Vlad Matsiiako, Tony Dang, and Maidul Islam started Infisical with a belief that secrets—like API keys and credentials—are the glue that holds modern software together. But managing them was still a mess: clunky tools, brittle workflows, and security that broke under pressure. So they built something better.

What started as a small open source project at Cornell became a go-to secrets management platform for developers and large enterprises alike. After open-sourcing the product during YC’s Winter 2023 batch, traction took off. Now Infisical is trusted by companies like Hugging Face, LG, and Lucid, and has been downloaded more than 40 million times.

Today, they announced a $16 million Series A led by Elad Gil, with participation from Y Combinator, Gradient, Dynamic Fund, and the CEOs of Datadog, Samsara, and Valor. Infisical is cash-flow positive, growing fast, and expanding beyond secrets into a full open-source security stack for the AI era.

YC Partner Diana Hu recently sat down with Infisical's founders to talk about how they got here, their founding story, and the kind of company they are building.

Learn more about Infisical at https://infisical.com.

Apply to Y Combinator: https://ycombinator.com/apply

Chapters

00:00 - Introduction
00:10 - What is Infisical?
00:33 - Managing Secrets at Scale
00:58 - Origin Story
02:43 - From Closed Source to Open Source
03:51 - Landing Big Contracts
05:17 - Competing in a Crowded Market
06:39 - Technical Challenges and Innovations
08:15 - Future Vision and AI Integration
09:48 - Hiring and Opportunities

Diana Hu (host), Tony Dang (guest), Vlad Matsiiako (guest), Maidul Islam (guest)
Jun 5, 2025, 10m

At a glance

WHAT IT’S REALLY ABOUT

Infisical scales open-source secrets into a full security infrastructure platform

  1. Infisical is an open-source secrets management platform used by both fast-growing AI companies and Fortune 100 enterprises to manage credentials like API keys, certificates, and database tokens.
  2. The company’s origin came from repeatedly struggling with sharing and syncing .env secrets across side projects, which evolved into a larger security-and-infrastructure product direction.
  3. Switching from closed source to open source unlocked trust, self-hosting adoption, and rapid community growth, which became a major channel into large enterprise customers.
  4. Infisical differentiates in a crowded market by prioritizing accessibility and drastically faster deployments compared to legacy tooling that can take many months to roll out.
  5. Technically, Infisical emphasizes a self-hosting-first approach and a stateless design that improves scalability and high availability versus database-like legacy architectures, while the roadmap expands into PKI, SSH, KMS, and AI-agent security.

IDEAS WORTH REMEMBERING

5 ideas

Open source is a trust and distribution lever in security tooling.

Infisical’s growth accelerated after open-sourcing because enterprises wanted transparency and the ability to run secrets infrastructure on their own systems to satisfy compliance and internal security requirements.

Developer-led adoption can convert into major enterprise contracts.

The team describes users self-hosting for personal or small-team use, then introducing Infisical at new employers—turning grassroots usage into deals with Fortune 50 and other large organizations.

Speed of deployment is a decisive competitive advantage in legacy-heavy markets.

Infisical positions itself against incumbents by making security tooling simpler to roll out; reducing deployment timelines from “months/years” to weeks/months can outweigh feature parity.

Self-hosting requirements should shape product engineering from day one.

They design features with on-prem and varied environments in mind, treating the deployment experience as part of the product rather than an afterthought.

Stateless design improves scalability and high availability for secrets platforms.

Infisical avoids architectures that behave like a database per replica; stateless containers make horizontal scaling and replication simpler and reduce operational overhead in HA environments.

WORDS WORTH SAVING

5 quotes

We’re an open source secrets management platform.

Tony Dang

It’s billions… north of 10 billion per month that we are processing at Infisical.

Tony Dang

We wanted to go out and solve the .env file.

Vlad Matsiiako

Why are you not open source?

Diana Hu

The average deployment time for this type of tooling is in the order of twenty-one months.

Vlad Matsiiako

Open-source secrets management; What counts as “secrets” in developer infrastructure; Scaling to billions of secret operations; Founding at Cornell and problem-driven product selection; Closed-source to open-source conversion and GitHub growth; Enterprise adoption via self-hosting and developer-led distribution; Differentiation vs Vault and cloud secret managers; Stateless architecture for HA and scaling; Expansion to PKI, SSH, KMS (security stack); AI agents as a new security actor; Hiring across engineering and go-to-market

High quality AI-generated summary created from speaker-labeled transcript.
