A gateway-first team, building the control plane for privileged access
We started Wardengate because we were tired of watching capable security teams lose hours to bastion sprawl, brittle VPN hops, and shared break-glass accounts. Privileged access should be a single, auditable path—not a map of exceptions.
Make privileged access the calmest part of your estate
Most organizations didn't choose their privileged access architecture—they inherited it. Bastions grew with the cloud footprint, VPN paths accumulated around acquisitions, and standing credentials quietly became the connective tissue between teams and production. The result is an access surface that no one owns and no one can fully describe.
Wardengate replaces that surface with a single gateway: brokered protocols, identity-bound policy, and session evidence that reads the same to an engineer, an auditor, and an incident responder. Our mission is to make privileged access boring—predictable, reviewable, and easy to defend.
Founded by engineers tired of bastion sprawl
Wardengate began in 2023 as a shared frustration between two security engineers who had spent years maintaining privileged access in fast-moving environments. Between them, they'd inherited more than a dozen jump-host topologies, half of which nobody could confidently describe end to end.
The premise was simple: a modern gateway, designed as a product rather than stitched together from primitives, could absorb that sprawl without asking operators to change how they work. We raised a seed round, shipped a private beta with a handful of design partners, and have been compounding on their feedback since.
How we make product decisions
Every privileged path deserves an identity, a policy, and a record. We ship defaults that stand up to an audit on day one—not after six months of hardening.
Security that breaks workflows quietly gets bypassed loudly. We design for the engineer on call at 2 a.m. as much as for the auditor at quarter end.
One gateway, one console, one story for reviewers. We prefer boring, explainable mechanisms over opaque magic wrapped in dashboards.
If it can't be shown, it didn't happen. Session evidence, approvals, and revocations are product surface area—not an afterthought bolted on for compliance.
The people setting direction
A small, senior team with a shared background in privileged infrastructure, identity, and security operations.
J. Rivera
Co-founder & CEO
Former director of infrastructure security at a public fintech. Spent a decade untangling bastion fleets before deciding to retire them outright.
M. Okafor
Co-founder & CTO
Distributed-systems engineer with a background in protocol proxies and identity brokering. Previously built internal PAM tooling at a cloud provider.
S. Lindqvist
VP Engineering
Led platform teams across two acquired security startups. Focused on shipping durable primitives that survive the shift from pilot to standard.
A. Desai
VP Security
Career defender with experience running incident response and threat modeling for regulated workloads. Runs our internal red-team and security review.
The basics
2023
Boston, MA
Remote-first, globally distributed
Series A — backed by infrastructure-focused investors
Work with us
Consolidate privileged access with a team that lives it
Talk to us about your current access architecture—whether you're planning a bastion retirement, preparing for an audit, or rolling out third-party access.