B2B SAAS
Chronosphere unlocked bigger deals with privacy-sensitive customers by gating sensitive access patterns with Opal.
Company: Chronosphere is a cloud-native observability platform that helps enterprises monitor, manage, and control telemetry at scale while optimizing costs. Chronosphere was founded in 2019 and raised $342.5M.
Challenge: Managing access requests for enhanced troubleshooting became an even higher priority for Chronosphere as the company began to serve more and more security-sensitive industries such as financial services and AI companies that train and serve frontier LLMs.
Solution: Chronosphere adopted Opal to eliminate standing access, automate UARs, set up time-bound access to sensitive resources, and more easily meet compliance requirements like SOC 2 and ISO 27001.
Operating Environment
Identity provider: Okta
Core systems: GCP, GitHub
Workforce: 300 Employees across 3 Continents
Deployment: SaaS
Challenge
As Chronosphere took on more security-sensitive customers, the security team knew they needed to implement a system that facilitates accelerated access to sensitive data in critical support situations, all while maintaining tight access controls.
When AI frontier labs approached Chronosphere for container visibility services, the team knew that sensitive workloads would demand careful access policies. Chronosphere opted to further enhance controls around data access, limiting it only to support and other critical personnel, to proactively improve their security posture. The Chronosphere team ended up closing multiple deals with leading AI labs and other security-sensitive customers.
Goal
Chronosphere wanted an identity security platform that helped their team:
Scope and lock down impersonation access for employees
Unblock deals with AI frontier research labs and financial services institutions
Facilitate access for enhanced troubleshooting requests via Slack; expire access after 24 hours
Opal Solution
Following the principle of least privilege, Chronosphere deployed Opal to reduce and track access to customer data for enhanced support requests, including time-bound and “break-glass” access for on-call support engineers.
Key Results
Accelerated deployment velocity: Engineers now receive production access in minutes instead of hours or days
Least Privilege access to customer data for extended support scenarios: Per company-wide policy, access to customer data is explicitly gated on manager approval or, for on-call support engineers, on break-glass access
Increased productivity: Mean time to approve or deny access requests decreased by 78%
Strategic Impact
Opal became a key control for SOC 2 Type 2 and ISO 27001 compliance, which was useful for meeting customer governance and security requirements, and for passing vendor audits. In the future, Chronosphere’s security team plans to roll out Opal to more employees—not just to engineers needing access to GitHub repositories and Google Cloud resources, but also members of the GTM team needing Salesforce access, extending Opal’s scope to both technical and non-technical users.
This expansion in identity security scope not only improves Chronosphere’s overall security posture, but also unlocks access to bigger deals with a measurable impact on top line revenue. In sum, Opal enhanced Chronosphere’s ability to achieve Least Privilege, and also supported the growth of Chronosphere’s annualized revenue.
“Opal helped our security team enforce least privilege on customer data, specifically for the application of extended or enhanced customer support scenarios. As we closed business with increasingly security-sensitive customers, we doubled down on the need to track every single elevated session and action. Opal helped us reduce privileged access across the company by 78%.”
Jacob Rosenberg
Head of Engineering, Observability Infrastructure, Palo Alto Networks

