YC Root Access

Infisical: The Open Source Security Stack

Vlad Matsiiako, Tony Dang, and Maidul Islam started Infisical with a belief that secrets—like API keys and credentials—are the glue that holds modern software together. But managing them was still a mess: clunky tools, brittle workflows, and security that broke under pressure. So they built something better. What started as a small open source project at Cornell became a go-to secrets management platform for developers and large enterprises alike. After open-sourcing the product during YC’s Winter 2023 batch, traction took off. Now Infisical is trusted by companies like Hugging Face, LG, and Lucid, and has been downloaded more than 40 million times.

Today, they announced a $16 million Series A led by Elad Gil, with participation from Y Combinator, Gradient, Dynamic Fund, and the CEOs of Datadog, Samsara, and Valor. Infisical is cash-flow positive, growing fast, and expanding beyond secrets into a full open-source security stack for the AI era.

YC Partner Diana Hu recently sat down with Infisical's founders to talk about how they got here, their founding story, and the kind of company they are building.

Learn more about Infisical at https://infisical.com.
Apply to Y Combinator: https://ycombinator.com/apply

Chapters
00:00 - Introduction
00:10 - What is Infisical?
00:33 - Managing Secrets at Scale
00:58 - Origin Story
02:43 - From Closed Source to Open Source
03:51 - Landing Big Contracts
05:17 - Competing in a Crowded Market
06:39 - Technical Challenges and Innovations
08:15 - Future Vision and AI Integration
09:48 - Hiring and Opportunities

Diana Hu (host), Tony Dang (guest), Vlad Matsiiako (guest), Maidul Islam (guest)
Jun 6, 2025 · 10m

CHAPTERS

  1. Series A spotlight and team introductions

    Diana Hu opens by congratulating Infisical on their Series A led by Elad Gil and introduces the three co-founders: Vlad, Maidul, and Tony. The conversation sets up Infisical’s purpose and why it matters in modern developer infrastructure.

    • Series A announcement and context (led by Elad Gil)
    • Introductions of Vlad, Maidul, and Tony
    • Framing the discussion around security + infrastructure for developers
  2. What Infisical is: open-source secrets management for developers and enterprises

    Infisical is presented as an open-source secrets management platform used by both fast-growing AI companies and Fortune 100 enterprises. The goal is to help teams manage sensitive credentials across varied infrastructure environments.

    • Open-source secrets management platform
    • Customer spectrum: AI startups to Fortune 100
    • Focus on sensitive credentials across infrastructure
    • Security + infrastructure problems as the core domain
  3. Defining “secrets” and the scale Infisical handles

    The founders clarify what counts as a “secret” in developer infrastructure and quantify the system’s throughput. The scale emphasized—billions of secrets and 10B+ processed monthly—signals enterprise-grade usage and performance requirements.

    • Examples: database tokens, certificates, API keys, credentials
    • Secrets as core building blocks of developer infrastructure
    • Processing volume: billions; 10B+ per month
    • Implication: high-scale, reliability-critical system
  4. Origin story: Cornell collaboration and repeated side-project iteration

    The team explains how they met at Cornell and built multiple side projects together before Infisical. Their co-founding dynamic emerged from repeated collaboration and a shared drive to find the “next” problem worth solving.

    • Met at Cornell and collaborated throughout college
    • Multiple side projects preceded Infisical
    • Prior experience working together shaped co-founder fit
    • Infisical emerged as the culmination of iterations
  5. Finding the wedge: fixing the .env file problem for teams

    Their initial insight came from repeatedly dealing with .env files across projects, where sensitive values were hard to share and keep consistent. Infisical began as a solution for syncing and managing secrets among teammates, then expanded in scope.

    • Recurring pain: passing around .env secrets even in small teams
    • Need for syncing sensitive configuration across teammates
    • Initial product focus: “solve the .env file” workflow
    • Early wedge later evolved into broader platform capabilities
  6. Closed-source to open-source: trust, self-hosting, and breakout GitHub growth

    Infisical started as a closed-source SaaS, but growth flattened and customers demanded more trust and the ability to run on their own infrastructure. Going open source became a major advantage, driving rapid adoption and strong GitHub traction.

    • Originally a simpler closed-source SaaS
    • Prompted during YC process: “Why are you not open source?”
    • Growth plateau led to strategic shift
    • Drivers: trust, self-hosting, compliance/security requirements
    • Community growth: 0 → 5,000 stars quickly; ~18,000+ later
  7. From community users to enterprise customers: how big accounts convert

    The founders describe a common adoption pattern: developers discover and self-host Infisical, then expand usage inside their companies. Champions often carry Infisical between employers, turning grassroots adoption into large enterprise contracts.

    • Developer mindshare and self-hosting as top-of-funnel
    • Home lab/weekend project usage becomes internal adoption
    • Champion-led expansion inside companies
    • “Job change” effect: users bring Infisical to new enterprises
    • Example: early enterprise user became a Fortune 50 customer
  8. Winning in a crowded market: accessibility and faster deployments

    Despite established incumbents like HashiCorp Vault and AWS Secrets Manager, Infisical wins deals by making security tooling easier and faster to deploy. The team contrasts legacy deployment timelines with Infisical’s shorter time-to-value.

    • Competitive landscape: Vault, AWS Secrets Manager, etc.
    • Notable win: large federal defense org (~20,000 employees)
    • Core philosophy: make security accessible to all engineers
    • Legacy tooling is cumbersome; long deployments (~21 months cited)
    • Infisical reduces deployment to weeks/months, improving adoption
  9. Engineering for on-prem and scale: stateless architecture as a differentiator

    Maidul explains the technical focus on supporting diverse environments, especially on-prem deployments for large customers. Infisical’s stateless approach is positioned as a key innovation that simplifies scaling and high availability compared to database-like designs.

    • Design requirement: easy on-prem deployment across environments
    • Every feature evaluated through self-hosting experience
    • Critique of competitors: treating the app like a database complicates scaling
    • Infisical is stateless, enabling straightforward replication
    • Benefits: simpler HA, faster scale-out, less operational overhead
  10. Expanding from secrets into an open-source security infrastructure stack

    Vlad outlines a broader product vision: Infisical is moving beyond secrets into multiple security infrastructure domains. The roadmap includes certificate management, SSH access, and encryption services, aiming to become a more complete open-source security platform.

    • Mission: make security more accessible to developers
    • Platform expansion beyond secrets management
    • New product lines: Infisical PKI (certs), Infisical SSH, Infisical KMS
    • Positioning: open-source security infrastructure platform
    • From point solution to broader stack strategy
  11. AI integration vision: securing AI agents as new infrastructure actors

    The conversation shifts to how AI changes access patterns: AI agents become a new “actor” needing credentials, permissions, and trust relationships. Infisical sees an opportunity to secure agent-to-infrastructure and potentially agent-to-agent access.

    • AI agents introduce new access and trust requirements
    • Beyond users/machines to agent-based access models
    • Opportunity: managing secure resource access for AI agents
    • Future: enabling trusted interactions among agents and systems
    • Infisical’s role as security layer for AI-era infrastructure
  12. Hiring plan and roles: engineering, go-to-market, and developer relations

    The founders close by sharing that they’re hiring across 15+ roles to support growth and platform expansion. They highlight needs across engineering, sales/account roles, recruiting, operations, and developer relations.

    • Hiring across 15+ positions
    • Engineering roles: front-end, full-stack, etc.
    • Go-to-market roles: account executives
    • Operations and recruiting roles
    • Developer relations as a growth/community function
