Skip to content
YC Root AccessYC Root Access

Infisical: The Open Source Security Stack

Vlad Matsiiako, Tony Dang, and Maidul Islam started Infisical with a belief that secrets—like API keys and credentials—are the glue that holds modern software together. But managing them was still a mess: clunky tools, brittle workflows, and security that broke under pressure. So they built something better. What started as a small open source project at Cornell became a go-to secrets management platform for developers and large enterprises alike. After open-sourcing the product during YC’s Winter 2023 batch, traction took off. Now Infisical is trusted by companies like Hugging Face, LG, and Lucid, and has been downloaded more than 40 million times. Today, they announced a $16 million Series A led by Elad Gil, with participation from Y Combinator, Gradient, Dynamic Fund, and the CEOs of Datadog, Samsara, and Valor. Infisical is cash-flow positive, growing fast, and expanding beyond secrets into a full open-source security stack for the AI era. YC Partner Diana Hu recently sat down with Infisical's founders to talk about how they got here, their founding story, and the kind of company they are building. Learn more about Infisical at https://infisical.com. Apply to Y Combinator: https://ycombinator.com/apply Chapters 00:00 - Introduction 00:10 - What is Infisical? 00:33 - Managing Secrets at Scale 00:58 - Origin Story 02:43 - From Closed Source to Open Source 03:51 - Landing Big Contracts 05:17 - Competing in a Crowded Market 06:39 - Technical Challenges and Innovations 08:15 - Future Vision and AI Integration 09:48 - Hiring and Opportunities

Diana HuhostTony DangguestVlad MatsiiakoguestMaidul Islamguest
Jun 6, 202510mWatch on YouTube ↗

CHAPTERS

  1. Series A spotlight and team introductions

    Diana Hu opens by congratulating Infisical on their Series A led by Elad Gil and introduces the three co-founders: Vlad, Maidul, and Tony. The conversation sets up Infisical’s purpose and why it matters in modern developer infrastructure.

  2. What Infisical is: open-source secrets management for developers and enterprises

    Infisical is presented as an open-source secrets management platform used by both fast-growing AI companies and Fortune 100 enterprises. The goal is to help teams manage sensitive credentials across varied infrastructure environments.

  3. Defining “secrets” and the scale Infisical handles

    The founders clarify what counts as a “secret” in developer infrastructure and quantify the system’s throughput. The scale emphasized—billions of secrets and 10B+ processed monthly—signals enterprise-grade usage and performance requirements.

  4. Origin story: Cornell collaboration and repeated side-project iteration

    The team explains how they met at Cornell and built multiple side projects together before Infisical. Their co-founding dynamic emerged from repeated collaboration and a shared drive to find the “next” problem worth solving.

  5. Finding the wedge: fixing the .env file problem for teams

    Their initial insight came from repeatedly dealing with .env files across projects, where sensitive values were hard to share and keep consistent. Infisical began as a solution for syncing and managing secrets among teammates, then expanded in scope.

  6. Closed-source to open-source: trust, self-hosting, and breakout GitHub growth

    Infisical started as a closed-source SaaS, but growth flattened and customers demanded more trust and the ability to run on their own infrastructure. Going open source became a major advantage, driving rapid adoption and strong GitHub traction.

  7. From community users to enterprise customers: how big accounts convert

    The founders describe a common adoption pattern: developers discover and self-host Infisical, then expand usage inside their companies. Champions often carry Infisical between employers, turning grassroots adoption into large enterprise contracts.

  8. Winning in a crowded market: accessibility and faster deployments

    Despite established incumbents like HashiCorp Vault and AWS Secrets Manager, Infisical wins deals by making security tooling easier and faster to deploy. The team contrasts legacy deployment timelines with Infisical’s shorter time-to-value.

  9. Engineering for on-prem and scale: stateless architecture as a differentiator

    Maidul explains the technical focus on supporting diverse environments, especially on-prem deployments for large customers. Infisical’s stateless approach is positioned as a key innovation that simplifies scaling and high availability compared to database-like designs.

  10. Expanding from secrets into an open-source security infrastructure stack

    Vlad outlines a broader product vision: Infisical is moving beyond secrets into multiple security infrastructure domains. The roadmap includes certificate management, SSH access, and encryption services, aiming to become a more complete open-source security platform.

  11. AI integration vision: securing AI agents as new infrastructure actors

    The conversation shifts to how AI changes access patterns: AI agents become a new “actor” needing credentials, permissions, and trust relationships. Infisical sees an opportunity to secure agent-to-infrastructure and potentially agent-to-agent access.

  12. Hiring plan and roles: engineering, go-to-market, and developer relations

    The founders close by sharing that they’re hiring across 15+ roles to support growth and platform expansion. They highlight needs across engineering, sales/account roles, recruiting, operations, and developer relations.

Get more out of YouTube videos.

High quality summaries for YouTube videos. Accurate transcripts to search & find moments. Powered by ChatGPT & Claude AI.

Add to Chrome