He spent twenty years inside enterprise security learning what every dashboard quietly admits: the last mile isn't a firewall. It's a busy person who never clicked “update.”
Shreyas Sadalgi — running the company that argues your coworkers can be the firewall.
Somewhere in every company there is a security alert with a green button next to it. Enable MFA. Update the laptop. Confirm it was you. The button is the whole defense. And it sits there, unclicked, because the person who needs to press it is in three meetings and a parking-lot phone call. Shreyas Sadalgi built a company around that unpressed button.
He is the co-founder and CEO of Amplifier Security, a startup that emerged from stealth in 2024 with a contrarian premise. For decades the security industry has treated employees as the weakest link - the careless click, the reused password, the leak waiting to happen. Sadalgi flipped the sentence around. What if the workforce isn't the vulnerability but the patch? What if the problem was never the people, but the fact that no tool ever bothered to talk to them like people?
That idea has a name in the trade: the last mile. Policy says one thing. Human behavior does another. The gap between them is where breaches live. Verizon's 2025 Data Breach Investigations Report pegs the human-error share of breaches at 68 percent. Sadalgi's pitch is not another scanner to find the gap - the industry has hundreds of those. It's a way to actually close it, one conversation at a time.
Amplifier reads like the company Sadalgi was researching his whole career without knowing it. He trained as an engineer at the National Institute of Technology Karnataka, took a master's in computer science at Rutgers, and did executive work at Stanford. Then he spent two decades in the rooms where enterprise security gets sold, strategized, and stitched together - across network, identity, endpoints, web and SaaS.
At Centrify, the identity-security company, he ran business development as senior vice president. At BetterCloud, the SaaS operations platform, he was chief business strategy officer, steering partnerships and acquisitions. These are not the jobs of someone hunting for zero-days. They're the jobs of someone watching, again and again, the same expensive tools fail at the same cheap problem: getting a human to do the one thing the software couldn't do for them.
By the time he started Amplifier, he had a co-founder who'd seen the other side of the same wall. Tommy Donnelly has been a CISO or CIO three separate times, with a long specialty in human-centric security. One founder spent his career selling and shaping the tools; the other spent his deploying them and living with the gaps. They were describing the same elephant from opposite ends.
What they built is a security copilot called Ampy. It plugs into the security tools a company already owns, normalizes the mess of alerts those tools spit out, and then does the part nobody else does: it reaches out to the actual employee, in plain language, and walks them through the fix. No ticket queue. No nagging email from an inbox nobody reads. A nudge that feels like a helpful colleague rather than an audit.
Under the hood sit two pieces Sadalgi talks about constantly. The User Security Graph maps real-time security data across every connected tool into a living profile of each employee's risk. The AI Automation Studio is a drag-and-drop, natural-language workshop where security teams build the engagement workflows - the conversations - without writing code. Together they form what one investor called a purpose-built message bus between the security team and everyone else in the building.
The phrase Sadalgi keeps returning to is human-in-the-loop. Not full autonomy, where the machine quietly fixes things and hopes nobody notices. Not the status quo, where the human is left alone with a dashboard they'll never open. Something in between: automation that knows when to bring a person in, and how to make that moment painless enough that they actually act.
The most radical thing about Sadalgi's pitch might be the metric he wants security teams to chase. Net Promoter Score. The number marketers use to ask whether customers would recommend you to a friend. He wants CISOs to track whether employees actually like the security program - to build, in his words, a positive security culture without all of the toil.
In an industry that has historically run on fear, friction, and the assumption that users are the enemy, that's close to heresy. It's also a sharp commercial instinct. A tool employees resent gets ignored, routed around, and quietly disabled. A tool they don't mind gets used. Sadalgi is betting that likeability is not a soft virtue in security. It's the whole ballgame.
Investors bought it. Amplifier raised $3.3 million in pre-seed funding led by Cota Capital when it left stealth, then an oversubscribed $5.6 million seed led by TechOperators in April 2025 - roughly $9 million in all. The cap table reads like a security yearbook: angel checks from the founders of Slack, MobileIron, Centrify, PeopleNet, Skyflow and Mercury, plus leaders from Arctic Wolf, GreyNoise, Citrix and OneTrust. TechOperators' Daniel Ingevaldson noted the firm had known Sadalgi for years before leading the round. The bet was on the founder as much as the idea.
Before any of that money arrived, more than fifteen companies had already run Amplifier in private beta, reporting real time saved and risks found faster. Design partners are the truest vote a startup gets - people who use the thing before there's a polished demo to fall for. Sadalgi had a roomful of them.
He works out of the San Francisco Bay Area while the company keeps roots in Atlanta, a quietly growing security hub. The geography is almost a metaphor for the product: two places, one conversation, the value living in the connection between them. That's the whole thesis. Security has never lacked tools. It has lacked a way to reach the human at the end of the line and get them to press the button. Shreyas Sadalgi spent twenty years watching that button go unpressed. Now he runs the company built to tap someone on the shoulder.
“Amplifier flips the script by engaging employees on behalf of all security tools in a more human-friendly way.”
B.E. at NIT Karnataka, M.S. in Computer Science at Rutgers, executive work at Stanford.
Inside identity security, learning how enterprise security actually gets bought and deployed.
Leading partnerships and M&A strategy across the SaaS operations world.
Co-founds Amplifier with Tommy Donnelly; $3.3M pre-seed led by Cota Capital.
TechOperators leads; total funding reaches roughly $9M for “Autonomous User Security.”
The User Security Graph pulls real-time data from every connected tool into one living risk profile per employee.
→The AI Automation Studio lets security teams design engagement workflows in plain language - no code required.
→Ampy reaches the employee directly, in human terms, and walks them through the fix - so risk gets self-healed.
The thesis that flips two decades of security orthodoxy: employees aren't the weakest link, they're the unused defense.
Angels from Slack, Mercury, Skyflow, MobileIron, Centrify and PeopleNet, plus leaders from Arctic Wolf, GreyNoise, Citrix and OneTrust.
He wants CISOs to measure whether employees actually like the program - likeability as a security control.
Paired with Tommy Donnelly, a three-time CISO/CIO - the seller of tools meets the survivor of them.
A private beta of real companies vouched for the product before the seed money showed up.
Investors describe Amplifier as a purpose-built channel between security teams and the rest of the workforce.
The copilot has a name - Ampy - because a tool you talk to should feel less like software and more like a colleague.
His favorite success metric is borrowed from marketing: Net Promoter Score, applied to whether employees like security.
Two coasts, one product: he works from the Bay Area while Amplifier keeps roots in Atlanta.
His co-founder has held the CISO or CIO chair three times - the company is built on scar tissue, not theory.
“A platform loved by employees that helps security teams build a positive culture without all of the toil.”