Check out all the on-demand sessions from the Intelligent Security Summit here.

Doppler, a universal secrets management platform for developers, has raised $6.5 million in a round of funding led by Alphabet’s venture capital arm GV.

Alongside the funding, Doppler introduced a tool called Doppler Share, which is designed to enable teams to share one-off secrets such as lockbox codes or Wi-Fi passcodes through an expiring link. Perhaps more interestingly, Doppler is also debuting a handful of enterprise features as it prepares to target bigger businesses.

“Secrets” is industry parlance for digital authentication credentials such as passwords, keys, and API tokens that protect access to applications, services, and other private areas of a company’s IT infrastructure. “Secrets management” refers to the tools and technologies companies such as Doppler offer to help businesses manage these sensitive areas.

“If you’re a database admin, would you leave a post-it note on your desk with the username and password to a database scribbled on it, even if you thought only your fellow admins would see it?” Doppler founder and CEO Brian Vallelunga asked. “I’m pretty sure you’d opt for a safe and secure place — one that only authorized users could access. This is exactly what Doppler provides for modern applications.”


Intelligent Security Summit On-Demand

Learn the critical role of AI & ML in cybersecurity and industry specific case studies. Watch on-demand sessions today.

Watch Here

Doppler’s dashboard effectively groups secrets together by application, with the main Doppler command-line interface (CLI) serving up programmatic access to secrets when the application starts up. “No sensitive information ever touches the server,” Vallelunga added.

Above: Doppler dashboard


Founded out of San Francisco in 2018, Doppler had previously raised $2.3 million via a seed round of funding from notable investors, including Sequoia Capital, which also participated in this latest round, and Peter Thiel.

It’s still early days for Doppler in terms of working with enterprises, but the company has been developing a bunch of new features to help it do just that. “We are in talks with a number of enterprises,” Vallelunga explained. “Very recently, we started rolling out our enterprise-focused features.”

Among the company’s new “enterprise-grade” features are token management, secrets referencing, cloud provider integrations, and SCIM (system for cross-domain identity management) support.

There are several secrets management tools already on the market, such as Amazon’s AWS Secrets Manager and Vault from HashiCorp, a startup now valued at more than $5 billion. However, Doppler wants to cater to all developer environments equally, from local development to production, spanning every stack and project.

“It’s designed for developers while meeting the needs of security and DevOps (developer operations), with integrations for every major platform, including other secrets managers,” Vallelunga said. “Customers find us when they realize they’ve been managing secrets insecurely, get burned by secrets sprawl, hit limitations with their own home-grown solutions, or are looking for a more frictionless alternative to their current secrets manager.”

Moreover, Doppler is going all-in on integrations, with users able to set up direct integrations with most of the major cloud platforms, such as Heroku, Vercel, Netlify, and GitHub Actions, not to mention other secrets managers, such as AWS Secrets Manager and Azure Vault.

“This is where Doppler excels,” Vallelunga said. “We absorb as much of the complexity around supplying app config and secrets as possible. We want our customers to focus on shipping new features and improvements.”

This is the crux of Doppler’s promise to developers: Concentrate more on what you do best (coding) and less on mundane secondary tasks, such as managing secrets.

VentureBeat's mission is to be a digital town square for technical decision-makers to gain knowledge about transformative enterprise technology and transact. Discover our Briefings.