A San Jose startup is betting that the biggest risk in enterprise AI isn't the model - it's everything the model can suddenly read. So it built a security layer to see what your copilots see, and stop them before they overshare.
Here is a fact about enterprise software that nobody enjoys saying out loud: for about a decade, companies have been quietly accumulating permissions the way a garage accumulates boxes. Someone shares a folder "just for now." A contractor gets added to a Teams channel and never removed. A finance spreadsheet lands in a SharePoint site that half the company can technically reach. None of it was a problem, exactly, because nobody was actually going to click through 400,000 documents to find the one labeled Project Falcon - Do Not Circulate.
And then everybody turned on Copilot.
This is the moment Opsin was built for. The company, founded in 2024 and based in San Jose, sells software that watches what generative AI tools - Microsoft Copilot, ChatGPT Enterprise, Claude, Google's Gemini - can actually see inside a company, and stops them from surfacing the things they shouldn't. The pitch fits on a sticker: See every AI agent. Stop every risk. The problem underneath it is older and messier than the AI boom that made it urgent.
That quote, from the security chief at water-treatment company Culligan, is the entire thesis of the business compressed into eleven words. Generative AI did not create the mess. It industrialized the retrieval of it. A human employee with bad permissions is a slow, distractible threat. An AI assistant with the same permissions is a tireless one that will happily answer "summarize what we're paying our VPs" in natural language, in seconds, drawing from any document it's allowed to touch. The permissions didn't change. The speed of exploitation did.
Opsin's approach is refreshingly un-mysterious, which in security is a compliment. It breaks down into three verbs: assess, monitor, remediate. First it connects - via a one-click API integration, the company says - and within roughly 24 hours produces a map of what an AI tool could surface if asked. It does this partly by simulating the AI itself, running natural-language queries the way Copilot would, to find the sensitive data hiding in reach. Then it watches, continuously, how employees actually use these tools and where exposure happens. Then it fixes the oversharing - across SharePoint, OneDrive, Teams - and keeps it fixed as the company keeps changing.
The unglamorous genius here is the sequencing. Plenty of vendors will sell you a dashboard. Opsin's bet is that you can't govern what you can't see, and you can't see what an AI can reach until you look through the AI's own eyes. The name, fittingly, echoes opsins - the light-sensitive proteins in your retina that make vision possible. A security company named after the biology of seeing is either a nice coincidence or a very deliberate one.
That second quote points at where this is going. When Opsin launched, the enemy was oversharing: an AI reading a document it shouldn't. By 2026 the framing had widened to agents - AI that doesn't just say things but does things, taking actions inside enterprise systems. Opsin now describes itself as an enterprise agent security platform, cataloging every copilot and AI app across an organization, mapping what each can access and change, and flagging what could go wrong. The scope grew because the threat did. An assistant that overshares a file is a leak. An agent that can act on that file is a different order of problem.
Simulates how a tool like Copilot searches and retrieves data through natural-language queries, then reports your exposure - typically within 24 hours - before you roll anything out.
Continuously detects, fixes, and prevents AI-driven oversharing across SharePoint, OneDrive, and Teams, so protection keeps pace as adoption scales.
Monitors how employees use GenAI, catches policy violations and sensitive-data exposure, and hands security, GRC, and legal teams the full context to investigate.
Discovers every copilot and AI app in the enterprise, maps what each can access and change, and remediates the oversharing and misconfigurations underneath.
Opsin was founded by an ML-systems builder, a career security engineer, and an engineering leader - a combination aimed squarely at a problem that is one part machine learning and two parts unglamorous access control.
Co-founder Oz Wasserman brings more than 15 years in cybersecurity and contributed as an author on the OWASP GenAI Data Security Risks 2026 report - a detail that tells you Opsin is trying to help write the category's rulebook, not just sell against it.
The round included CapitalX, Lockstep Ventures, and a group of cybersecurity and enterprise-SaaS angels. The thesis Race Capital bought into is a contrarian one: the winners of the AI era won't only be the model builders - they'll also be the companies quietly making sure the models don't get anyone fired.
Opsin is founded to close a gap legacy security tools couldn't - AI-driven data oversharing.
Closes a $7M seed round led by Race Capital to stop GenAI oversharing.
Recognized in Gartner's 2026 Emerging Tech report on AI TRiSM and the Market Guide for Guardian Agents.
Positions itself for the "second generation" of enterprise AI security as agents move from saying to doing.
Opsin's customer list skews toward the most regulated, most cautious corners of the economy - hospitals, manufacturers, financial firms - which is exactly where AI adoption is both most valuable and most dangerous. Named customers include:
Opsins are the light-sensitive proteins in your eye that make vision possible. For a company whose job is helping enterprises see what their AI can see, that's a fitting choice.
Opsin's founding insight: AI didn't create data sprawl. It just made a decade of messy permissions suddenly visible - and searchable in plain English.
Security tools that take six months to deploy get shelved. Opsin promises a full risk map within about 24 hours of a one-click connection.
A co-founder contributed to the OWASP GenAI Data Security Risks 2026 report - helping define the category Opsin sells into.
Profile compiled from public sources. Figures such as funding and customer results are as reported by Opsin and press coverage; treat metrics as approximate. Video interviews and product demos were not publicly available at time of filing - see the "Book a demo" link for the latest product walkthrough.