People often ask if investors prefer to invest in “refresh cycles” of existing software categories or in entirely new software markets. Some assume new software categories offer the biggest opportunities. In reality, refreshing existing categories—at the right moment—can be just as powerful. But you need the right founding team at the right time.

What does that actually mean? A standard investor diligence covers: market, product, tech, go-to-market, competitive landscape, and usually a “why now?”.  When we’re evaluating a new startup building in an existing software category, the two things that are often most important are 1) product, and 2) why now? A startup needs to have a really compelling product to drive customers to switch from an incumbent software provider that is already solving their problem, and that often derives from net new problems that have arisen from new development or infrastructure patterns that have emerged.

When we met Vlad, Maidul, and Tony from the Infisical team in 2023, it was clear that they had built the right product for the right moment in time.

Why is now the right time for a new, better SecretOps platform? The modern AI era has driven a need for more advanced data protection and access controls. Data is more valuable than ever with modern ML models, and the applications built on top of them are increasingly connected to other data sources, apps, and services.

In other words, we have more developers, building more apps, that leverage more sensitive data & functionality from other sources. To complicate things further, we’ve seen some major evolution in technical infrastructure and teams:

• Proliferation of infrastructure as code (IaC) leads to more secrets in code

• 84% of enterprises have moved to multi-cloud solutions, leading to secrets scattered in different provider-specific managers

• Developers need quick, simple solutions for building apps that leverage secrets, putting stress on IT teams using legacy solutions

• Every company is a “software company” now: semi-custom or custom software now exists at most mid-market companies, regardless of industry

Secrets are everywhere as a result. In 2022 alone, GitGuardian reported over 10 million hardcoded secrets in public GitHub repos. Secrets sprawl is getting more difficult to manage, and existing solutions like HashiCorp only work well for enterprises with large platform teams that could manage the implementation.

Why is Infisical’s product the right one?

We knew that enterprises, and specifically, developers were hurting. But the question remained, what product architecture could help them? This is where Infisical knocked it out of the park. They built an open core solution that is easy for developers to interact with, and combined secure storage, versioning, secret rotation, dynamic secrets, CI/CD integrations, and secret scanning capabilities all into a single product offering.

Need to pull secrets into your app? Infisical provides a CLI to inject env vars on the fly or language SDKs for your code. Using popular dev tools? It offers native integrations (Docker, Kubernetes, GitHub Actions, Terraform, etc.) to sync secrets across environments automatically. Unlike legacy solutions, a friendly web dashboard gives even junior devs a clear interface to manage keys (with proper permissions) while ops leaders get oversight via audit logs.

So what does it look like when you nail the right product at the right time? Rapid adoption & growth.

Since we partnered with Infisical in early 2023, the company now secures over 500M secrets daily and has over 17K GitHub stars - we’re thrilled to have been a part of the journey. They have set the standard for what it looks like to re-define a software category in the AI era: efficiently scaling a product and sales motion through a PLG led GTM with only a few employees. We’re excited to see Infisical’s next phase of growth and to work again with Elad Gil, Infisical’s lead Series A investor!