BREAKING  Opsin raises $7M seed led by Race Capital to stop GenAI oversharing Gartner names Opsin in 2026 AI TRiSM report Culligan cuts sensitive data exposure 80% with Opsin Coverage: Microsoft Copilot · ChatGPT Enterprise · Claude · Gemini Full risk map in 24 hours via one-click API "See every AI agent. Stop every risk." BREAKING  Opsin raises $7M seed led by Race Capital to stop GenAI oversharing Gartner names Opsin in 2026 AI TRiSM report Culligan cuts sensitive data exposure 80% with Opsin Coverage: Microsoft Copilot · ChatGPT Enterprise · Claude · Gemini Full risk map in 24 hours via one-click API "See every AI agent. Stop every risk."
Company Dispatch · AI Security

Opsin wants your AI to know less.

A San Jose startup is betting that the biggest risk in enterprise AI isn't the model - it's everything the model can suddenly read. So it built a security layer to see what your copilots see, and stop them before they overshare.

Founded 2024 San Jose, CA Seed · $7M ~21 people
Opsin logo and brand mark with the tagline See every AI agent, stop every risk
The house style: a friendly robot face, boxed and tidy, surrounded by every other AI agent in the building. The whole company is in that picture - a room full of bots, and one that keeps count.
YesPress Company File Filed: San Jose, California Beat: Enterprise AI / Data Security Status: Seed-stage, growing
The Story

The most expensive thing your AI can do is read a file it was never supposed to open.

Here is a fact about enterprise software that nobody enjoys saying out loud: for about a decade, companies have been quietly accumulating permissions the way a garage accumulates boxes. Someone shares a folder "just for now." A contractor gets added to a Teams channel and never removed. A finance spreadsheet lands in a SharePoint site that half the company can technically reach. None of it was a problem, exactly, because nobody was actually going to click through 400,000 documents to find the one labeled Project Falcon - Do Not Circulate.

And then everybody turned on Copilot.

This is the moment Opsin was built for. The company, founded in 2024 and based in San Jose, sells software that watches what generative AI tools - Microsoft Copilot, ChatGPT Enterprise, Claude, Google's Gemini - can actually see inside a company, and stops them from surfacing the things they shouldn't. The pitch fits on a sticker: See every AI agent. Stop every risk. The problem underneath it is older and messier than the AI boom that made it urgent.

"We always knew data sprawl was a problem. Copilot just made it visible." - Amir Niaz, CISO, Culligan International

That quote, from the security chief at water-treatment company Culligan, is the entire thesis of the business compressed into eleven words. Generative AI did not create the mess. It industrialized the retrieval of it. A human employee with bad permissions is a slow, distractible threat. An AI assistant with the same permissions is a tireless one that will happily answer "summarize what we're paying our VPs" in natural language, in seconds, drawing from any document it's allowed to touch. The permissions didn't change. The speed of exploitation did.

What Opsin actually does

Opsin's approach is refreshingly un-mysterious, which in security is a compliment. It breaks down into three verbs: assess, monitor, remediate. First it connects - via a one-click API integration, the company says - and within roughly 24 hours produces a map of what an AI tool could surface if asked. It does this partly by simulating the AI itself, running natural-language queries the way Copilot would, to find the sensitive data hiding in reach. Then it watches, continuously, how employees actually use these tools and where exposure happens. Then it fixes the oversharing - across SharePoint, OneDrive, Teams - and keeps it fixed as the company keeps changing.

The un-glamorous genius here is the sequencing. Plenty of vendors will sell you a dashboard. Opsin's bet is that you can't govern what you can't see, and you can't see what an AI can reach until you look through the AI's own eyes. The name, fittingly, echoes opsins - the light-sensitive proteins in your retina that make vision possible. A security company named after the biology of seeing is either a nice coincidence or a very deliberate one.

"Opsin started by solving data oversharing in Copilot. We are now securing an entire generation of autonomous enterprise agents." - James Pham, CEO & Co-Founder

That second quote points at where this is going. When Opsin launched, the enemy was oversharing: an AI reading a document it shouldn't. By 2026 the framing had widened to agents - AI that doesn't just say things but does things, taking actions inside enterprise systems. Opsin now describes itself as an enterprise agent security platform, cataloging every copilot and AI app across an organization, mapping what each can access and change, and flagging what could go wrong. The scope grew because the threat did. An assistant that overshares a file is a leak. An agent that can act on that file is a different order of problem.

By The Numbers
$7M
Seed round
24h
To first risk map
80%
Exposure cut at Culligan
2024
Year founded
The Product Line

Four ways to keep a helpful robot from being too helpful.

01 / ASSESS

AI Readiness Assessment

Simulates how a tool like Copilot searches and retrieves data through natural-language queries, then reports your exposure - typically within 24 hours - before you roll anything out.

02 / PROTECT

Ongoing Oversharing Protection

Continuously detects, fixes, and prevents AI-driven oversharing across SharePoint, OneDrive, and Teams, so protection keeps pace as adoption scales.

03 / RESPOND

AI Detection & Response

Monitors how employees use GenAI, catches policy violations and sensitive-data exposure, and hands security, GRC, and legal teams the full context to investigate.

04 / MAP

Agent Cataloging & Posture

Discovers every copilot and AI app in the enterprise, maps what each can access and change, and remediates the oversharing and misconfigurations underneath.

The Founders

Three people who read the permissions so the AI wouldn't have to.

Opsin was founded by an ML-systems builder, a career security engineer, and an engineering leader - a combination aimed squarely at a problem that is one part machine learning and two parts unglamorous access control.

JP

James Pham

CEO & Co-Founder
OW

Oz Wasserman

Co-Founder & CPO
JM

Jeremy Mailen

Co-Founder · Engineering

Co-founder Oz Wasserman brings more than 15 years in cybersecurity and contributed as an author on the OWASP GenAI Data Security Risks 2026 report - a detail that tells you Opsin is trying to help write the category's rulebook, not just sell against it.

$7,000,000
Seed · April 2025 · Led by Race Capital

The round included CapitalX, Lockstep Ventures, and a group of cybersecurity and enterprise-SaaS angels. The thesis Race Capital bought into is a contrarian one: the winners of the AI era won't only be the model builders - they'll also be the companies quietly making sure the models don't get anyone fired.

The Timeline
2024

Opsin is founded to close a gap legacy security tools couldn't - AI-driven data oversharing.

APRIL 2025

Closes a $7M seed round led by Race Capital to stop GenAI oversharing.

EARLY 2026

Recognized in Gartner's 2026 Emerging Tech report on AI TRiSM and the Market Guide for Guardian Agents.

JUNE 2026

Positions itself for the "second generation" of enterprise AI security as agents move from saying to doing.

Who's Buying

The least flashy industries make the best customers.

Opsin's customer list skews toward the most regulated, most cautious corners of the economy - hospitals, manufacturers, financial firms - which is exactly where AI adoption is both most valuable and most dangerous. Named customers include:

Footnotes

Small things worth knowing.

A name that means "to see"

Opsins are the light-sensitive proteins in your eye that make vision possible. For a company whose job is helping enterprises see what their AI can see, that's a fitting choice.

The lights, not the mess

Opsin's founding insight: AI didn't create data sprawl. It just made a decade of messy permissions suddenly visible - and searchable in plain English.

Speed is the feature

Security tools that take six months to deploy get shelved. Opsin promises a full risk map within about 24 hours of a one-click connection.

Writing the rulebook

A co-founder contributed to the OWASP GenAI Data Security Risks 2026 report - helping define the category Opsin sells into.

Share & Connect

Pass it along.

Profile compiled from public sources. Figures such as funding and customer results are as reported by Opsin and press coverage; treat metrics as approximate. Video interviews and product demos were not publicly available at time of filing - see the "Book a demo" link for the latest product walkthrough.