We think access should be earned per-request, not handed out at the perimeter. Everything we build follows from that.
Stratus Technologies began in 2019 after its founders spent years watching the same incident repeat itself: a single set of VPN credentials, once stolen, opened the whole network. The fix wasn't a bigger wall — it was getting rid of the idea that being "inside" should mean trusted.
We shipped the first gateway to a handful of design partners in 2020 and have grown deliberately since: a remote-first team of just over forty people across six countries, funded by revenue and a single early round.
Nothing is reachable until a policy says so — and when access is denied, the user and the admin both get a clear reason, not a timeout.
Security infrastructure should be predictable. We move fast on the console and slowly, carefully, on anything in the request path.
If you can't answer "who did what" in seconds, you don't really have an audit trail. We treat the record as a first-class product surface.
Remote-first since day one, asynchronous by default, and small on purpose. We'd rather keep the team tight and the surface area we ask customers to trust even tighter.