The problems cybersecurity startups attempt to solve are often a bit ahead of the mainstream. They can move faster than most established companies to fill gaps or emerging needs. Startups can often innovate faster because they are unfettered by an installed base.
The downside, of course, is that startups often lack resources and maturity. It’s a risk for a company to commit to a startup’s product or platform, and it requires a different kind of customer/vendor relationship. The rewards, however, can be huge if it gives that company a competitive advantage or reduces stress on security resources.
The vendors below represent some of the most interesting startups (defined here as a company founded or emerging from stealth mode in the past two years).
[Editor’s note: This article, originally published February 4, 2022, is periodically updated as new startups emerge.]
Recently emerging from stealth, 443ID offers a real-time risk API for open-source intelligence (OSINT) data. OSINT Risk produces a score that rates an individual’s or entity’s risk to a business based on signals that the customer chooses. Customers may start with 443ID-provided templates or custom build their own. The product then drives workflows through the authentication process, triggering actions such as a secondary authentication factor depending on the risk score.
BastionZero offers a cloud service that uses a “cryptographic multi-root zero-trust protocol” that the company claims provides more secure remote access without the need for privileged access. By “multi-root,” it means that BastionZero splits control of targets between a single sign-on (SSO) solution and its own service. Its service integrates with Linux, Kubernetes, webservers, databases, and SSO tools. BastionZero was founded in 2020.
Blueshift Cybersecurity offers an extended detection and response service for small- to medium-sized (SMB) businesses and the defense industry. Blueshift XDR provides its unique detection and prevention capabilities as a service with a 24/7/365 security operations center (SOC). It uses layered security, advanced automation and machine learning to prevent, repel and remediate cyber threats. The company was founded in 2021.
Cado’s main product is a cloud investigation and response platform, Cado Response, that provides forensic-level detail into cloud, container and serverless environments. It automatically collects data from cloud provider logs, disk storage, memory, and other sources. Patent-pending parallel-processing technology allows for faster processing of that data. Rulesets and reports are customizable. Cado was founded in 2020.
Emerging from stealth this February, Canonic Security offers a third-party SaaS app governance platform that allows organizations to test third-party apps in a sandbox before they are put into a production environment. The Israel-based company claims its platform can identify over-privileging, what the app connects to, and whether it has been compromised. It can also test functionality to determine if it does what the vendor claims.
Launched in December 2020 and emerging from stealth in March 2022, Cider Security sells what it calls the world’s first AppSec operating system. The platform provides security teams with a unified view of the engineering ecosystem, including the technologies, systems and processes unique to every engineering environment. It also offers controls and solutions to optimize security and achieve resilience across the CI/CD pipeline from code to deployment. Cider claims the platform will eliminate friction between security and engineering teams,
Cyera offers a cloud-native data security platform that can discover data across all cloud instances and datastores to identify which of it is most sensitive. The goal is to help companies assess cloud security risk and better enable remediation efforts. It also offers advice for what actions to take to mitigate risks. Cyera emerged from stealth mode on March 29 and was founded in 2021.
As organizations use more software-as-a-service (SaaS) platforms, security teams can find it hard to monitor and guard against the risks they present. Grip Security’s product promises to provide greater visibility across all SaaS platforms used in an organization. According to the company, this makes it possible to better enforce security policies and identify security blind spots. The Grip platform can work standalone or with a cloud access security broker (CASB).
The cloud-native JupiterOne cyber asset attack surface management platform promises to bring more context to a range of security processes including vulnerability management, compliance, and identity and access management (IAM). The company also claims that its platform can better enable organizations to comply with security regulations. Enabling this are JupiterOne’s integration capabilities, which allow it to work within the existing security environment.
Visibility into data assets across the cloud has been difficult for security teams. Laminar claims its Cloud Data Security Platform provides observability across the entire public cloud, and that it prevents data leakage from “everything that you build and run in the cloud.” The agentless product can discover, classify and control data, as well as detect and remediate risks, according to Laminar. The company emerged from stealth mode in November 2021.
Lightspin offers a cloud-native application protection platform (CNAPP) that the company claims can identify, prioritize and remediate attack paths within the cloud stack. The platform will work in any cloud hosting environment including Amazon Web Services (AWS), Azure and Google Cloud Platform (GCP). The Lightspin platform works across all phases of DevOps. For example, it can perform IaC and API scanning during build, identify misconfigurations and exposed secrets during production, and provide malware and runtime protection during runtime.
Neosec provides a SaaS platform for application security. It is designed for organizations that expose their APIs to third parties. The platform allows for greater visibility into the entire API dataset to better understand user-entity relationships or potential threats, and the overall API landscape. Neosec stores historical data for threat hunting or for future use after a security event. Neosec was founded in 2020.
Noetic Cyber sells what it calls a “continuous cyber asset management and controls platform.” The company claims that this platform can provide greater visibility into the network, improved controls monitoring, and a better understanding of the relationships among network entities. On the last point, Noetic’s platform can map relationships among assets to help identify security gaps. Noetic also offers integration with orchestration and automation workflows.
Israeli company OneLayer emerged from stealth mode on March 15. It offers a platform to provide security to LTE/5G cellular networks. The company claims its product can provide visibility into assets connected to the network, automate enforcement of corporate NAC policies, detect and respond to anomalous device behavior or traffic, and provide “zero trust” authentication while enabling new devices.
Tracking what Polar Security calls “shadow data” across the cloud can be a challenge. The company attempts to meet that challenge with its data security posture management (DSPM) solution, which it claims is the first automated data security and compliance platform. According to Polar Security, its platform will automatically map and follow data and data workflows of cloud-native data to better prevent vulnerabilities and meet regulatory compliance. Once the platform identifies data, an automated labeling feature allows for classifying sensitive data.
QuSecure officially launched on May 19, 2022, with what it claims is the first end-to-end quantum resilient orchestration platform. Nucleus Platform is post-quantum cryptography software designed to protect encrypted communications and data using a quantum-secure channel. It protects against known vulnerabilities using zero trust, next-generation encryption, active monitoring, and attack remediation delivered by the cloud to devices and over existing infrastructure.
Emerging from stealth mode on May 24, Red Access offers a SaaS solution that promises to “make every web session secure.” That protection applies to all web applications, browsers and devices. The company claims its service can inspect and analyze both cloud and endpoints to block threats to browsing, files, identity and data. The service has an agentless architecture that Red Access says enables quick deployment and helps create a good user experience.
Red Vector, which made its public debut at this year’s RSA conference, offers an automated platform called Fulcrum to manage insider threat risk. Fulcrum “synthesizes behavioral, information technology, and open-source intelligence data to perform advanced predictive analysis on key indicators of threat and risk.” The company also offers solutions targeted to critical infrastructure sectors.
Revelstoke offers what it claims is the first low-code security orchestration, automation and response (SOAR) platform. The company’s aim is to simplify the implementation and management of SOAR. It does so by offering low-code playbooks to automate security processes, pre-built integrations built on a unified data layer, case management through what it calls “guided investigations”, and a dashboard-based user interface.
Launched in 2020, SafeBase’s Smart Trust Center claims to simplify security and compliance reviews, more easily communicate a company’s security posture, and automate non-disclosure agreements (NDAs). Its goal is to speed the sales process at a time when corporate customers have heightened concerns about third-party risk. SafeBase claims the Smart Trust Center can automate access and provide compliance information for security and privacy standards and regulations such as SOC2, GDPR and HIPAA.
Seemplicity claims to automate, optimize and scale all risk reduction workflows into a single workspace. It integrates with all commercial and open-source scanners, providing a normalized, aggregated list of findings. Seemplicity also automates identification of remediation owners and tracks remediation progress. All workflows can be customized to the needs of a given security team. Seemplicity was founded in 2020.
The Sevco cloud-native security asset management platform promises to provide real-time asset intelligence to better identify security gaps. Its goal is to give a more complete picture of all the security tools deployed across the enterprise. Sevco’s asset telemetry technology maintains change event records of assets and key attributes for use in investigations and tracing. Sevco was founded in 2020.
StrikeReady recently came out of stealth mode with two products: Cognitive Security Platform, a cloud-based security and operations management platform, and Cyber Awareness and Response Analyst (CARA). The company claims that CARA is the world’s first digital cybersecurity analyst, and it is the engine behind the Cognitive Security Platform. CARA “learns in real-time from the institutional knowledge and practical experience of defenders around the world” to assist security teams to better manage incidents and alerts, and to better understand the threat landscape.
Talon claims to have created the first enterprise browser designed to provide a high level of security for distributed workforces. It does so through policies, which can be custom or selected from a predefined list. The browser can be deployed with a single integration and the company promises no additional operational overhead. Talon was founded in 2021.
The Torq no-code platform was designed for security automation. Workflows may be set up through a drag-and-drop designer, but the platform also includes hundreds of templates. The company claims the platform can connect to any security tool. Torq and its workflows may be used for threat hunting, phishing detection and response, identity lifecycle management, cloud security posture management, and more. The company was founded in 2020.
Copyright © 2022 IDG Communications, Inc.