18 cybersecurity startups to watch

If you want to know what’s new in cybersecurity, watch what the startup vendors are doing. They typically begin with an innovative idea and are unfettered by an installed base and its mainstream approach. Startups often tackle problems no one else is addressing.

The downside, of course, is that startups often lack resources and maturity. It’s a risk for a company to commit to a startup’s product or platform, and it requires a different kind of customer/vendor relationship. The rewards, however, can be huge if it gives that company a competitive advantage or reduces stress on security resources.

The vendors below represent some of the most interesting startups (defined here as a company founded or emerging from stealth mode in the past two years).

[Editor’s note: This article, originally published May 5, 2021, is periodically updated as new startups emerge.]

Abnormal Security

Founded in 2019, Abnormal Security offers a cloud-native email security platform that uses behavioral data science to identify and prevent email attacks. Its AI-based approach analyzes data user behavior, organizational structure, and relationships, and business processes to help identify anomalous activity that could indicate a cyberattack. Abnormal’s email protection platform promises to prevent business email compromise, supply chain attacks, invoice fraud, credential phishing, and email account compromise. It also provides tools to help automate incident response, and the platform provides a cloud-native API to integrate with enterprise platforms such as Microsoft Office 365, G Suite, and Slack.

Apiiro

Apiiro emerged from stealth mode in 2020. Its devsecops platform aims to shift the secure development lifecycle “from a manual and periodic ‘developers-last’ to an automatic risk-based ‘developers-first’ approach,” according to co-founder and CEO Idan Plotnik in a blog post. The Apiiro platform works by connecting all on-premises and cloud source control and ticketing systems through an API. It also provides customizable predefined code governance rules. Over time, the platform builds an inventory by “learning” all products, projects, and repositories. That data allows it to better identify risky code changes.

Axis Security

The Axis Security Application Access Cloud is a cloud-based application access solution that’s built on a zero-trust approach. It does not rely on having agents installed on user devices, so that organizations can connect users—on premises and remote—on any device to private apps, without  touching the network or the apps themselves. Axis emerged from stealth mode in 2020. 

BreachQuest

Formally emerging from stealth mode on August 25, 2021, BreachQuest offers an incident response platform called Priori. It is designed to provide greater visibility through constant monitoring for malicious activity. The company claims that Priori is able to provide instant information on the attack and what endpoints are compromised once a threat is detected.

Cloudrise

Cloudrise provides managed data protection and security automation services in a SaaS format. Despite its name, Cloudrise protects both cloud-based and on-premises data. The company claims it is able to integrate data protection into digital transformation projects. It automates operational processes across data protection and privacy solutions. Cloudrise was launched in October 2019.

Cylentium

Cylentium claims its cyber invisibility technology can “cloak” a business or home network and any device connected to it from detection by attackers. The company calls this concept “zero identity.” The company is marketing its products to businesses, consumers, and the public sector. Cylentium was launched in 2020.

Cytrio

Cytrio’s product claims to automate compliance with US state privacy laws: California’s CCPA/CCPR, Virginia’s VCDPA, and Colorado’s CPA. It offers a consumer-facing component that provides a portal for them to manage privacy, such as submitting data subject access requests (DSARs). Cytrio also offers discovery and classification features to identify personal information across an organization’s cloud and on-premises data stores. The company was launched in June 2020.

Deduce

Deduce, founded in 2019, offers two products for what it calls “identity intelligence.” Customer Alerts sends notifications to customers of potential account compromise, and Identity Risk Score uses aggregated data to assess the risk of account compromise. The company uses cognitive algorithms to analyze privacy-compliant data from more than 150,000 sites and applications to identify possible fraud. Deduce claims an over 90% reduction in account takeover damage.

Drata

Drata’s automated security and compliance platform is focused on audit readiness for standards such as SOC 2 or ISO 27001. It monitors and collects data on security controls to provide evidence of them being in place and working. The platform also helps to streamline workflows. Drata was founded in 2020.

FYEO

FYEO is a threat monitoring and identity access management platform for consumers, enterprises and SMBs. The company claims its credential management solutions remove the burdens of digital identity management. FYEO Domain Intelligence (“FYEO DI”) provides domain, credential and threat monitoring services, and FYEO Identity will provide password and identity management services beginning in Q4 2021. FYEO exited stealth mode in 2021.

Hive Pro

Hive Pro‘s Kronos predictive vulnerability analytics (PVA) platform centers on the four pillars of prevent, detect, respond and predict. It automates and orchestrates vulnerability remediation through a “single pane” view. The company’s Artemis product is a data-driven pen-test platform and service. Hive Pro was founded in 2019.

Infinipoint

Israeli firm Infinipoint was founded in 2019. It refers to its core cloud-based product as “device identity as a service,” or DIaaS, which is a device identity and posture solution. It integrates with SSO authentication and acts as a single enforcement point for all enterprise services. DIaaS uses risk intelligence to enforce policies, provides device security status, and claims to offer “one-click” remediation of vulnerabilities.

Kameleon

As a fabless semiconductor company, Kameleon is somewhat unique among cybersecurity vendors. It has developed what it calls a “Proactive Security Processing Unit” (ProSPU). It is designed to protect systems at boot and is targeted for use in data centers, managed computers, servers, and cloud computing systems. Kameleon was founded in 2019.

Noname Security

Noname, which came out of stealth mode in 2020, is focused on reducing risk from API vulnerabilities. Its Noname API Security platform claims to detect vulnerabilities and misconfigurations in real time following what it calls the D.A.R.T. approach: discover, analyze, remediate and test. The platform does not require agents or network modifications.

Open Raven

Open Raven’s cloud-native data security platform is designed to provide greater visibility into cloud resources. It maps all cloud data stores, including shadow cloud accounts, and identifies the data they hold. Open Raven then monitors in real time for data leaks and policy violations and alerts teams to fix them. It can also monitor log files for sensitive information that should be removed. The company emerged from stealth mode in 2020.

Satori

Founded in 2019, Satori refers to its data access service as “DataSecOps,” and its purpose is to separate security and privacy controls from the architecture. The service monitors, classifies, and controls access to sensitive data. You can configure policies based on criteria such as groups, users, data types, or schema to prevent unauthorized access, mask sensitive data or trigger a workflow. The service offers pre-configured policies for common regulations such as GDPR, CCPA and HIPAA.

Scope Security

Scope Security recently came out of stealth mode, having been founded in 2019. Its Scope OmniSight product is targeted to the healthcare industry and detects attacks on IT infrastructure, clinical systems, and EHR systems. A threat intelligence component can collect threat indicators from multiple internal and third-party sources, presenting the data through a single portal.

Strata

Strata’s main product is the Maverics Identity Orchestration Platform. It’s a distributed, multicloud identity management platform. Strata’s stated goal is to bring consistency across distributed cloud environments for user identity for apps deployed across multiple clouds and on-premises. Features include a Secure Hybrid Access solution to extend zero-trust access to on-premises apps for cloud users, an Identity Abstraction layer to better manage identity in a multicloud setting, and a Connector Catalog to integrate identity systems from popular cloud and identity management systems. Strata was founded in 2019.

SynSaber

Launched on July 22, 2021, SynSaber offers an industrial asset and network monitoring solution. It promises to provide “continuous insight and awareness into the status, vulnerabilities, and threats across every point in the industrial ecosystem, including IIoT, cloud, and on-premises.” SynSaber was founded by former Dragos and Crowdstrike leaders. 

Talon Cyber Security

Talon, launched in early 2021, sells a security-centered browser designed for enterprises with distributed workforces. It claims to isolate any work-related browsing activity from potential malware in the device with the aim to protect the browser against zero-day exploits and data leakage. It also provides security across all SaaS services used by the organization. 

Traceable

Traceable bills its main AI-based product as a cross between a web application firewall and run-time application self-protection. It claims to offer accurate detection and blocking of threats by monitoring application activity and continuously learning to distinguish normal from malicious activity. The product integrates with API gateways. Traceable was founded in July 2020.

TrustLogix

TrustLogix offers a data security governance platform that helps manage access across cloud and on-premises systems. It claims to provide a single view of data from an access and privacy perspective as well as data discovery and monitoring features and “fine-grained” access controls. TrustLogix promises the ability to work at scale while maintaining good performance because of its proxyless, agentless architecture. The company was founded in late 2019.

Wiz

Founded by the team that led Microsoft’s Cloud Security Group, Wiz provides a multicloud security solution designed to work at scale. The company claims its product can analyze all layers of the cloud stack to identify high-risk attack vectors and provide insight that allows for better prioritization. Wiz takes an agentless approach and can scan all virtual machines and containers. Wiz emerged from stealth mode in 2020.