Platform

Customers

Resources

Platform

Customers

Resources

Opal Unblocked Larger Deals for Chronosphere by Protecting Sensitive Customer Data on GCP

Opal Unblocked Larger Deals for Chronosphere by Protecting Sensitive Customer Data on GCP

B2B SAAS

100%

of reviewed access requests are time-bound

78%

How much standing access to sensitive customer data was reduced

100%

of reviewed access requests are time-bound

78%

How much standing access to sensitive customer data was reduced

Chronosphere unlocked bigger deals with privacy-sensitive customers by gating sensitive access patterns with Opal.

  • Company: Chronosphere is a cloud-native observability platform that helps enterprises monitor, manage, and control telemetry at scale while optimizing costs. Chronosphere was founded in 2019, and raised $342.5M.

  • Challenge: Managing access requests for enhanced troubleshooting became an even higher priority for Chronosphere as the company began to serve more and more security-sensitive industries such as financial services and AI companies that train and serve frontier LLMs.

  • Solution: Chronosphere adopted Opal to eliminate standing access, automate UARs, set up time-bound access to sensitive resources, and more easily meet compliance requirements like SOC 2 and ISO 27001.

Operating Environment


  • Identity provider: Okta

  • Core systems: GCP, GitHub

  • Workforce: 300 Employees across 3 Continents

  • Deployment: SaaS

Challenge

As Chronosphere took on more security-sensitive customers, the security team knew they needed to implement a system that facilitates accelerated access to sensitive data in critical support situations, all while maintaining tight access controls.

When AI frontier labs approached Chronosphere for container visibility services, the team knew that sensitive workloads would demand careful access policies. Chronosphere opted to further enhance controls around data access, limiting it only to support and other critical personnel, to proactively improve their security posture. The Chronosphere team ended up closing multiple deals with leading AI labs and other security-sensitive customers.

Goal

Chronosphere wanted an identity security platform that helped their team:

  • Scope and lock down impersonation access for employees

  • Unblock deals with AI frontier research labs and financial services institutions

  • Facilitate access for enhanced troubleshooting requests via Slack; expire access after 24 hours

Opal Solution

Following the principle of least privilege, Chronosphere deployed Opal to reduce and track access to customer data for enhanced support requests, including time-bound and “break-glass” access for on-call support engineers.

Key Results


  • Accelerated deployment velocity: Engineers now receive production access in minutes instead of hours or days

  • Least Privilege access to customer data for extended support scenarios: Per company-wide policy, access to customer data is explicitly gated on manager approval, or break-glass access for on-call support engineers

  • Increased productivity: Mean time to approve or deny access requests decreased by 78%

Strategic Impact

Opal became a key control for SOC 2 Type 2 and ISO 27001 compliance, which was useful for meeting customer governance and security requirements, and for passing vendor audits. In the future, Chronosphere’s security team plans to roll out Opal to more employees—not just to engineers needing access to GitHub repositories and Google Cloud resources, but also members of the GTM team needing Salesforce access, extending Opal’s scope to both technical and non-technical users.

This expansion in identity security scope not only improves Chronosphere’s overall security posture, but also unlocks access to bigger deals with a measurable impact on top line revenue. In sum, Opal enhanced Chronosphere’s ability to achieve Least Privilege, and also supported the growth of Chronosphere’s annualized revenue.

0

1

AI that makes continuous access decisions, with you on the dial.

0

CTA

AI that makes continuous access decisions, with you on the dial.

0

CTA

AI that makes continuous access decisions, with you on the dial.

0

CTA

Everything you need to know about Opal

What is Opal Security and what does it do?

What systems does Opal integrate with?

How is Opal different from traditional IGA and IAM tools?

Can Opal govern AI agents and non-human identities?

Does Opal replace my existing identity stack?

How fast can Opal be deployed?

Who is Opal's leadership?

0

FAQ

Everything you need to know about Opal

What is Opal Security and what does it do?

What systems does Opal integrate with?

How is Opal different from traditional IGA and IAM tools?

Can Opal govern AI agents and non-human identities?

Does Opal replace my existing identity stack?

How fast can Opal be deployed?

Who is Opal's leadership?

0

FAQ

Everything you need to know about Opal

What is Opal Security and what does it do?

What systems does Opal integrate with?

How is Opal different from traditional IGA and IAM tools?

Can Opal govern AI agents and non-human identities?

Does Opal replace my existing identity stack?

How fast can Opal be deployed?

Who is Opal's leadership?

0

FAQ

See. Encode.

Enforce.

© 2026

See. Encode.

Enforce.

© 2026

See.

Enforce.

Encode.

© 2026