Latest Trending
Last Updated, Apr 1, 2023, 6:05 AM
Top 60 Cybersecurity Startups to Watch
Share This


Despite economic headwinds and softening venture capital (VC) funding. information security products and services remain in high demand, and promising cybersecurity startups can still land eye-popping funding rounds.

VCs invested $15.3 billion in cybersecurity startups in 2022, according to Crunchbase. While that’s down significantly from a record $22.8 billion in 2021, it’s still up 68% from 2020.

This article looks at the top 70 cybersecurity startups to watch in 2023 based on their innovations in new and emerging technologies, length of operation, early funding rounds, scalability, and more. You’ll find more detail beginning in our section on cybersecurity startup trends below.

We’ll start with the top 20 startups overall and then look at other noteworthy startups in a number of markets, including threat detection, identity, DevSecOps, cloud security, and attack surface management.

Also read:

Table of Contents

Top 20 Cybersecurity Startups 

Startup Est Headquarters Staff Funding Round
Apiiro Security 2019 Tel Aviv, Israel 65 $135.0 B
Bishop Fox 2005 Phoenix, AZ 382 $154 B
BluBracket 2019 Palo Alto, CA 27 $18.5 A
Cado Security 2020 London, UK 37 $31.5 A
Confluera 2018 Palo Alto, CA 22 $29.0 A
Cycode 2019 Tel Aviv, Israel 96 $80.6 B
Deepwatch 2015 Tampa, FL 386 $256 C
Drata 2019 San Diego, CA 332 $328.2 C
Fortanix 2016 Silicon Valley, CA 205 $135.3 C
Huntress Labs 2015 Ellicott City, MD 201 $99.8 Debt
Immersive Labs 2017 Bristol, UK 374 $189 C
Laika 2019 New York, NY 188 $98 C
NetSPI 2001 Minneapolis, MN 349 $500 Private Equity
Open Raven 2019 Los Angeles, CA 45 $19.1 A
Perimeter 81 2018 Tel Aviv, Israel 238 $165.0 C
Salt Security 2016 Silicon Valley, CA 202 $271 D
Saviynt 2011 Los Angeles, CA 989 $375 Debt
Socure 2012 Incline Village, NV 545 $741.9M Debt
Vanta 2017 San Francisco, CA 335 $203 B
Versa Networks 2012 San Francisco, CA 629 $316.3 Private Equity
Apiiro Security icon

Apiiro Security

Claiming to be the world’s first Code Risk Platform, Apiiro Security offers risk visibility across design, code, and cloud segments. Apiiro can connect across hybrid infrastructure through a read-only API and promises real-time inventory and actionable remediation for risks in addressing DevSecOps.

Read more: And the Winner of the 2021 RSAC Innovation Contest is…

Bishop Fox

Bishop Fox icon

Bishop Fox is a cybersecurity consulting firm that provides expert services in penetration testing, vulnerability assessments, and security consulting. A $129 million funding round last year brought a renewed growth focus to this 18-year-old firm. Their services help organizations identify security vulnerabilities, assess risk, and develop effective security strategies. Bishop Fox’s team of experts includes former NSA operators, ethical hackers, and security researchers.

BluBracket icon

BluBracket

As source code exploits become a growing concern, BluBracket offers a deep scan of organization codebases for enhanced visibility into code mistakes, lingering tokens, and problematic commit history. Clients can use BluBracket’s Risk Score to measure vulnerability and take informed steps to improve application security.

Cado icon

Cado Security

Cado Security made a name by offering the first cloud-native forensics and response platform. The Cado Response platform gives security teams the capability to respond to threat incidents in cloud or container environments rapidly. Most traditional tools used for investigating cyber attacks cannot assess potential impacts on these environments.

Confluera icon

Confluera

Confluera focuses on another attractive factor for remote workforces — autonomy. The cybersecurity startup offers an extended detection and response (XDR) solution that tracks network traffic and automatically combines the information with machine-comprehended threat detection. It uses this data to show a complete narrative of an attack in real time.

Cycode icon

Cycode

In a time of growing supply chain attacks, Cycode is a startup filling the vulnerability gap often present in the software supply chain and DevOps pipeline. Cycode focuses on all phases of the software development lifecycle (SDLC) with solutions for Infrastructure as Code, source control and code leakage, hardcoded secrets, and code tampering.

Also read: SBOMs: Securing the Software Supply Chain

Deepwatch icon

Deepwatch

Deepwatch provides intelligence-driven managed security services, offering 24/7 threat detection, response, and compliance solutions. The platform combines advanced technology, human expertise, and global threat intelligence to identify and mitigate cyber threats in real time. Deepwatch’s services are designed to help organizations of all sizes reduce their cybersecurity risk.

Drata icon

Drata

Drata is a compliance automation platform that streamlines the compliance process for organizations. The platform provides continuous monitoring, risk assessment, and reporting to maintain compliance with industry standards and regulations, including SOC 2, HIPAA, and PCI DSS. Drata’s automated approach reduces the time and cost of achieving and maintaining compliance.

Fortanix icon

Fortanix

Fortanix is a provider of confidential computing solutions that help organizations protect their sensitive data and applications from insider and external threats. The platform uses hardware-based security technologies such as Intel SGX to secure data and applications throughout their lifecycle, including while in use. Fortanix’s solutions enable organizations to maintain control of their data and protect against advanced threats.

Huntress Labs icon

Huntress Labs

Huntress Labs is a provider of advanced threat detection and response solutions for MSPs and SMBs. Their platform provides continuous monitoring and detection of security threats on endpoints and servers, enabling MSPs to proactively protect their clients’ environments. Huntress Labs’ solutions are easy to deploy and use, and provide actionable insights into security risks.

Immersive Labs icon

Immersive Labs

Immersive Labs is a cybersecurity training platform that helps organizations train and upskill their employees in a gamified and engaging way. The platform offers a range of interactive cybersecurity scenarios and simulations that enable learners to develop practical skills in a safe, virtual environment. Immersive Labs’ platform can be customized to fit each organization’s specific needs.

Laika

Laika icon

Laika bills itself as a “complete compliance solution” that includes workflows, advanced automations, auditing, penetration testing, and AI-powered vulnerability management to automate the process of identifying and prioritizing security vulnerabilities in enterprise environments. The platform uses machine learning to analyze and classify vulnerabilities based on severity, exposure, and potential impact, enabling organizations to prioritize remediation efforts more effectively.

NetSPI

NetSPI icon

NetSPI is a leading provider of penetration testing and vulnerability assessment services. One of the oldest companies on this list, NetSPI’s eye-popping $410 million funding from KKR last year lande the company on this list. NetSPI’s services help organizations identify and mitigate security risks in their networks, applications, and infrastructure. A team of experts uses a combination of automated and manual testing techniques to identify vulnerabilities and provide actionable recommendations for improving security posture.

Open Raven icon

Open Raven

Open Raven is committed to data security visibility and compliance for the cloud and brings impressive cybersecurity industry experience to the table. Open Raven analyzes data at rest, classifies inventory, and automates data governance as these become critical capabilities for the hybrid infrastructure’s security posture.

Perimeter 81 icon

Perimeter 81

Perimeter 81 is already a well-known vendor and offers a robust security stack that includes zero trust, SASE, FWaaS, and SD-WAN solutions. Clients can take advantage of Perimeter 81’s industry-leading technologies related to unified networking and security while capitalizing on the least privileged access trend.

Salt Security icon

Salt Security

Salt Security is a provider of API security solutions that help organizations protect their APIs from attacks and breaches. Their platform uses advanced machine learning algorithms to identify and block attacks in real-time, while also providing detailed insights into API usage and security risks. Salt Security’s solutions are easy to deploy and integrate with existing security infrastructure.

Saviynt icon

Saviynt

Saviynt is a cloud-based identity and access governance (IAG) platform that helps organizations manage user identities, entitlements, and access privileges across cloud and on-premises applications. Their platform uses artificial intelligence and machine learning to automate IAG processes and reduce risk. Saviynt’s solutions are designed for enterprises in various industries, including financial services, healthcare, and retail.

Socure icon

Socure

Socure offers digital identity verification solutions that use artificial intelligence and machine learning to authenticate the identities of individuals in real time. The platform helps businesses prevent fraud, reduce risk, and enhance the customer experience. Socure serves a wide range of industries, including financial services, healthcare, and e-commerce.

Vanta icon

Vanta

Vanta is a security and compliance automation platform that simplifies the process of achieving and maintaining compliance certifications such as SOC 2, ISO 27001, and HIPAA. The platform automates the collection of evidence, streamlines audit preparation, and provides continuous monitoring to ensure ongoing compliance. Vanta’s platform is easy to use and can be deployed in minutes.

Versa Networks icon

Versa Networks

Versa Networks is a leading provider of secure SD-WAN solutions that enable organizations to optimize their WAN connectivity while maintaining a strong security posture. Their platform provides centralized visibility and control over network traffic and allows for the implementation of security policies across the entire network.

Read more: Top Enterprise Network Security Tools

Best Threat Detection Startups

Startup Est Headquarters Staff Funding Round
Anvilogic 2019 Palo Alto, CA 68 $39.4 B
Cyble 2019 Alpharetta, GA 112 $14.6 A
SenseOn 2017 London, UK 76 $26.4 A
SnapAttack 2021 Columbia, MD 24 $8.0 A
Stairwell 2019 Palo Alto, CA 49 $24.5 A
Anvilogic icon

Anvilogic

Anvilogic’s namesake platform offers continuous assessment, detection automation, and hunt, triage, and response capabilities for security teams. Designed to automate SOC operations and reduce alert noise, Anvilogic is a no-code, user-friendly solution with out-of-the-box policies aligned to the MITRE ATT&CK framework.

Cyble icon

Cyble

Powered by machine learning and human analytics, Cyble is a threat intelligence startup offering solutions for attack surface management, third-party risk scoring, and monitoring for brand reputation and dark web exposure. Cyble Vision can integrate with an existing SIEM or SOAR and provide incident response, threat analysis, and vulnerability management.

Also read: Top Endpoint Detection & Response (EDR) Solutions

SenseOn icon

SenseOn

SenseOn is a cybersecurity startup with an “AI Triangulation” technology that emulates actual security analyst behavior for detection, investigation, and response. SenseOn products are available as a network appliance, lightweight endpoint agent, or cloud-hosted microservices, with an Enterprise solution for deployment across multiple global sites.

SnapAttack icon

SnapAttack

SnapAttack is a threat hunting and detection startup recently spun out from Booz Allen’s DarkLabs incubator. SnapAttack seeks to empower clients with proactive threat intelligence, behavioral analytics, and attack emulation through a collaborative platform. Enterprise and service providers are currently available, with a free community subscription coming soon.

Stairwell icon

Stairwell

Stairwell is an advanced threat detection startup presenting its Inception platform for threat intelligence, SOC functionality, and incident response capabilities. Inception helps collect files across environments, analyze historical and real-time data, investigate abnormal behavior, and connect security systems through the Inception API.

Best DevOps and AppSec Startups

GitGuardian icon

GitGuardian

GitGuardian is a developer favorite offering a secrets detection solution that scans source code to detect certificates, passwords, API keys, encryption keys, and more. Ranked as the top-downloaded security app on GitHub, GitGuardian’s products include solutions for internal repository monitoring and public repository monitoring for prompt remediation.

Evervault icon

Evervault

Evervault is on a mission to make encrypting sensitive data seamless with its security toolkit for developers. The developer-friendly startup offers Relay to encrypt field-level data and codes to isolate and process code as needed. With robust encryption policies, Evervault can help reduce insurance premiums and offers PCI-DSS and HIPAA compliance automation.

Also read: Top Code Debugging and Code Security Tools

Satori icon

Satori

Satori is a data access startup for monitoring, classifying, and controlling access to sensitive data. Satori’s platform creates a layer of protection and visibility between data users and data stores to guard against vulnerabilities related to transferring sensitive data. Ultimately, Satori aims to provide data access control, visibility into usage and traffic, and compliance fulfillment.

Ubiq Security icon

Ubiq Security

Ubiq Security offers an API-based platform that integrates data encryption directly into application development. Without the need for experienced developers, encryption expertise, or excessive manual hours, Ubiq Security makes securing applications during the development process seamless, allowing personnel to focus on what’s most important.

Wabbi icon

Wabbi

Wabbi is a cybersecurity startup with a continuous security platform offering solutions for managing vulnerabilities, application security policies, and release infrastructure. As rapid software development is the new norm, Wabbi aims to help organizations securely deliver software to clients and achieve continuous authority-to-operate (ATO).

Best Cloud Security Startups

Startup Est Headquarters Staff Funding Round
Araali Networks 2018 Fremont, CA 15 Seed
DoControl 2020 New York, NY 65 $43.4 B
Ermetic 2019 Palo Alto, CA 171 $97.3 B
Grip Security 2021 Tel Aviv, Israel 63 $25.0 A
Isovalent 2017 Mountain View, CA 81 $29.0 A
Lightspin 2020 Tel Aviv, Israel 81 $20.0 A
Mitiga 2019 Tel Aviv, Israel 96 $32.0 A
Privafy 2019 Burlington, MA 84 $22.0 Venture
Strata 2019 Boulder, CO 45 $37.5 B
Valence Security 2021 Tel Aviv, Israel 40 $32.0 A
Araali Networks icon

Araali Networks

To secure cloud-native workloads, Araali Networks offers identity-based threat management to prevent malicious communications and data leaks. With a trio of products, customers can choose from Lens for visibility into cloud infrastructure, Sense for actionable alerts and risk prioritization, and Shield for protecting vulnerable applications.

DoControl icon

DoControl

DoControl is a startup specializing in SaaS data access control with a platform offering cloud asset management, automated security workflows, and continuous cloud infrastructure monitoring. As organizations increasingly rely on SaaS applications for data storage and transfer, DoControl helps guard against unauthorized access of sensitive data.

Ermetic icon

Ermetic

Ermetic’s cloud security platform brings together cloud infrastructure entitlement management (CIEM) and cloud security posture management (CSPM) to give clients an identity-first, multi-cloud security solution. With cloud asset management, organizations can gain visibility, assess risks across traffic, and automate remediation for anomaly and threat detection.

Grip Security icon

Grip Security

Grip Security boasts a solution that beats traditional cloud access security brokers (CASB), providing clients with a complete SaaS inventory upon deployment for visibility, governance, and data security. No matter the device or location, Grip’s solution helps enhance and automate security policy enforcement across an organization’s cloud infrastructure.

Isovalent icon

Isovalent

Isovalent’s flagship product, Cilium, is powered by the open-source eBPF kernel technology and offers infrastructure services for networking, monitoring, and security for organizations. Isovalent’s solutions were designed with scale in mind to secure mission-critical and complex workloads in cloud environments, including Kubernetes.

Lightspin icon

Lightspin

Lightpsin is a cloud-native application protection platform (CNAPP) offering agentless tools to protect cloud and virtual environments, including Kubernetes infrastructure. With graph-based analytics into existing relationships, the startup’s solutions help visualize prospective attack routes so clients can prioritize sensitive remediation within their cloud stack.

Mitiga icon

Mitiga

To accelerate investigation, response, and time to recovery, Mitiga is the cloud incident response company offering emergency IR, ransomware readiness, and incident readiness and response. By capturing and processing cloud forensic data, Mitiga’s IR experts can help clients proactively manage vulnerabilities and breaches from a central crisis management dashboard.

Privafy icon

Privafy

Privafy aims to serve a valuable corner of the market – securing data in motion. As up to 80 percent of data breaches occur while data moves between cloud networks, Privafy offers security for cloud infrastructure as well as a list of edge computing solutions to securely deploy IoT devices and edge networks in the years to come.

Strata Identity icon

Strata Identity

Strata Identity offers an identity orchestration solution, the Maverics Platform, which aims to solve enterprise organizations’ complex identity and access management (IAM) problems. By integrating identity systems across the modern infrastructure, organizations can easily create and replicate orchestrations for apps.

Valence Security icon

Valence Security

Valence Security’s focus is the third-party integration risks presented by a universe of cloud applications used for business workflows. With the rise of the SaaS to SaaS supply chain, as Valence calls it, organizations need visibility into application interactions. Through its platform, Valence brings workflows, permission scopes, API keys, and OAuth access tokens to light.

Read more: Cloud-based security: SECaaS

Best Cyber Asset and Attack Surface Management Startups

Horizon3 icon

Horizon3.Ai

Horizon3.ai presents its solution, the NodeZero, as Autonomous Penetration Testing as a Service (APTaaS) for identifying an organization’s potential attack vectors. Whether on-premises, cloud, IoT, internal, or external attack surfaces, NodeZero can identify vulnerable controls, maximize security infrastructure, and leverage the latest threat intelligence.

JupiterOne icon

JupiterOne

JupiterOne is a cyber asset management startup providing clients with a cloud-native solution for insights into relationships, governance and compliance, and empowering security engineering. JupiterOne helps aggregate cyber assets for central visibility and faster investigations with increasing complexity in security operations and assurance.

Noetic Cyber icon

Noetic Cyber

Noetic Cyber offers a continuous cyber asset management and controls platform to give clients a comprehensive view of systems, policies, and the relationship between entities. Real-time visibility means organizations can identify and act on misconfigurations and coverage gaps and maximize existing infrastructure with a proactive remediation strategy.

Randori icon

Randori

Randori bills itself as the world’s first automated breach and attack simulation (BAS) platform. By mirroring malicious attackers in a real-world attack, Randori provides an up-to-date assessment of an organization’s attack surface and identifies vulnerabilities and their potential impacts.

Sevco Security icon

Sevco Security

Sevco Security is a cloud-native cyber asset and attack surface management platform offering a real-time inventory of assets, multi-source correlation, and asset telemetry to support incident response workflows. With robust visualizations of network devices and traffic, Sevco’s agentless asset intelligence platform gives network administrators the visibility to identify and remediate coverage gaps.

SpiderSilk

SpiderSilk offers an impressive proprietary internet scanner that maps out a company’s assets and network attack surface to detect vulnerabilities. Over the years, SpiderSilk’s research has informed several high-profile breaches, and for clients, the vendor can simulate cyberattacks to ensure organizations take preventive measures before the real thing.

Also read: Overcoming Zero Trust Security Challenges

Best Identity & Access Management Startups

Startup Est Headquarters Staff Funding Round
Authomize 2020 Tel Aviv, Israel 70 $22.0 A
Cerby 2020 San Francisco, CA 53 $15.5 Seed
Deduce 2019 New York, NY 35 $17.3 Seed
SafeBase 2020 San Francisco, CA 33 $18M A
Securden 2018 Delaware, OH 62 $11.7 A
Truora 2018 Cali, Colombia 147 $18.7 A
Authomize icon

Authomize

Authomize is the cloud identity and access security platform designed to map all identities and assets across XaaS environments. Putting observability first, Authomize continuously monitors security policies to identify exposed assets, entitlement escalation paths, and hidden and unmonitored permissions. Authomize utilizes an AI-based engine to manage and automate remediation for clients’ Authorization Security Lifecycle.

Cerby icon

Cerby

Cerby is on a mission to wrangle unmanageable applications, otherwise known as shadow IT — or the universe of apps employees use without permission from the IT department. Through application APIs and robotic process automation (RPA), Cerby helps automate access corresponding to managed identity platforms like Okta and Azure AD while monitoring for application misconfigurations that violate security policies.

Deduce icon

Deduce

Deduce is an identity-focused cybersecurity startup with two core solutions: Customer Alerts for protecting users and their data from account takeover and compromise, and Identity Insights for validating legitimate users and stopping fraud. Deduce offers actionable identity intelligence through event-level telemetry to act against abnormal user activity.

SafeBase icon

SafeBase

SafeBase is a trust-focused security platform streamlining the third-party risk management process between companies. Through the Smart Trust Center, companies can quickly share their private documents, compliance policies, risk profile, and product security details. SafeBase’s stack of features covers enterprise authentication, role-based access, security questionnaires, and auto-populated NDA templates.

Securden icon

Securden

Securden is the privileged access governance upstart offering companies password management, privilege management for endpoints and servers, secure remote access, and endpoint application control. Designed for least privilege and zero trust security architectures, Securden specializes in privilege management for Windows-centric organizations and data centers.

Truora icon

Truora

A leading startup hailing from Latin America, Truora offers a stack of solutions to simplify and secure user interactions. On top of solutions for chatbots, electronic signatures, and employee background checks, Digital Identity by Truora helps organizations quickly and safely verify online identities by validating documents, email, and phone, facial recognition, and more.

Best Remote Access Security Startups

BastionZero icon

BastionZero

BastionZero is the Infrastructure Access as a Service company helping organizations configure, manage, and secure access controls to hybrid infrastructure targets. Through a central cloud console, engineers can authenticate and access all servers, containers, clusters, and databases. Designed to remove the hassle of VPNs, BastionZero offers passwordless access, identity-aware logging, SSO, and MFA.

Tailscale icon

Tailscale

Building off the open source WireGuard protocol, Tailscale is a VPN service that utilizes a peer-to-peer mesh network, or “tailnet,” and removes the central gateway server for network traffic. Tailscale allows companies to integrate existing SSO and MFA solutions, define role-based access controls for sensitive targets, and ensure network traffic meets compliance policies through log audits.

Talon Cyber Security icon

Talon Cyber Security

As organizations increasingly adopt remote personnel, Talon Cyber Security addresses web and browser-based threats with a secure, corporate browser. Based on Chromium OS, Talon’s browser-centric security solution aligns with its larger strategy to protect the distributed workforce and enable secure access to hybrid infrastructure.

Twingate icon

Twingate

In the race to replace traditional VPNs, Twingate offers a secure zero-trust network access (ZTNA) for computers, servers, and cloud instances. Twingate allows network administrators to map resources, approve users for resources, and connect to any device from anywhere. Easy to integrate into existing infrastructure, Twingate includes identity-indexed analytics, universal MFA, and built-in split tunneling.

Best Compliance & Governance Startups

Startup Est Headquarters Staff Funding Round
Dasera 2019 Mountain View, CA 30 $9.0 Seed
Ethyca 2018 New York, NY 39 $27.5 A
Strike Graph 2020 Seattle, WA 52 $11.9 A
Unit21 2018 San Francisco, CA 159 $47.0 B
Dasera icon

Dasera

Dasera is the data governance platform offering continuous policy enforcement, automated audits, and access to more data to inform decision-making. Monitoring for misconfigurations, cloud data stores, and change management across hybrid infrastructure, Dasera reduces manual workloads and ensures security while sharing data with necessary stakeholders.

Ethyca icon

Ethyca

Ethyca is compliance-focused as regulatory enforcement becomes an essential part of data privacy. With Ethyca, clients get a bundle of tools for privacy by design in the development process. Ethyca can automate compliance tasks, including real-time data mapping, automated subject requests, consent management, and subject erasure handling.

Strike Graph icon

Strike Graph

Strike Graph is the cybersecurity compliance helping companies meet a long list of security frameworks, including SOC 2, ISO 27001 and 27701, HIPAA, GDPR, CCPA, and PCI DSS. From certification readiness to dedicated Audit Success Managers, Strike Graph can help companies automate evidence collection, streamline security questionnaires, and challenge vulnerabilities through penetration testing.

Unit21 icon

Unit21

Boasting a simple-to-use API and dashboard, Unit21 is a hot startup for enterprise organizations looking to mitigate fraud and money laundering risks without needing extensive engineering personnel. Unit21 is a no-code platform with operations and case management solutions, transaction monitoring, identity verification, and analytics and reporting for compliance.

See the Top Governance, Risk & Compliance (GRC) Tools

Other Top Cybersecurity Startups

Startup Est Headquarters Staff Funding Funding Type
BreachQuest 2021 Dallas, TX 30 $4.4 Seed
Cape Privacy 2018 New York, NY 30 $25.0 A
Cowbell Cyber 2019 Pleasanton, CA 246 $123.3 B
Havoc Shield 2019 Chicago, IL 13 $5.2 Unknown
Hook Security 2019 Greenville, SC 16 $1.6 A
Neosec 2021 Palo Alto, CA 59 $20.7 A
Nucleus Security 2018 Sarasota, FL 66 $23.1 B
Shift5 2019 Arlington, VA 89 $72.5 B
SolCyber 2017 Dallas, TX 24 $20.0 A
Torq 2020 Portland, OR 112 $78M B
BreachQuest icon

BreachQuest

BreachQuest is a digital forensics and incident response (DFIR) startup preparing to launch its Priori Platform for active continuous monitoring, detection, and recovery capabilities. With plenty of cybersecurity experience at the helm — including NSA, DoD, and U.S. Cyber Command — BreachQuest has client preparedness for attacks top of mind.

Cape Privacy icon

Cape Privacy

Cape Privacy addresses secure communication between organizations by building machine learning models on encrypted data. Currently ideal for industries like financial services managing sensitive data, Cape Privacy’s Snowflake is an innovative multi-party computation (MPC) platform that prevents single points of failure and ensures compliance.

Cowbell Cyber icon

Cowbell Cyber

Cowbell Cyber is a dedicated cyber insurance company that relies on continuous risk assessment, AI data analytics, and real-time underwriting to give clients pre- and post-breach services. The risk management startup offers visibility into exposures dubbed Cowbell Factors, giving clients opportunities for potential remediation and better coverage.

Havoc Shield icon

Havoc Shield

Designed for small businesses, Havoc Shield offers clients a suite of cybersecurity tools to manage cybersecurity programs with confidence. In a single bundle, Havoc Shield’s stack covers asset inventory, vulnerability management, endpoint protection, patch management, email security, cyber awareness training, and vendor risk management.

Hook Security icon

Hook Security

The eponymous Hook Security specializes in phishing testing and security awareness training to transform workforce culture surrounding cybersecurity. Available as a managed service or self-managed solution, Hook Security’s solutions include a customizable phishing simulator, learning management system, reporting, and a catalog of available awareness training content.

Neosec icon

Neosec

Neosec is a cybersecurity startup using behavioral analytics to address rising concerns surrounding vulnerabilities in APIs. By maintaining an inventory of an organization’s APIs, Neosec can determine the risk posture presented by a critical portion of the traffic. Neosec’s leadership has strong industry roots, further supporting the vendor’s likelihood of success.

Nucleus Security icon

Nucleus Security

Nucleus Security is a risk-based vulnerability management platform offering risk scoring and reporting, asset management, and vulnerability intelligence. Sitting at the intersection of threat intelligence, asset management, and vulnerability scanning data, Nucleus offers a central hub with over 100 security integrations to optimize visibility into cybersecurity coverage gaps.

Shift5 icon

Shift5

In the vendor’s own words: “We protect planes, trains, and tanks from cyber attacks.” Specializing in cybersecurity solutions for operational technology (OT), Shift5 offers protection for the world’s transportation infrastructure and weapons systems. Shift5 continuously monitors data intake from hardware and software to visualize critical insights, detect anomalies, and prevent intrusions.

SolCyber icon

SolCyber

SolCyber is the newest managed security service provider (MSSP) on the block to reduce cyber risk, wastage, and complexity. Led by a C-suite with solid industry and technical experience, SolCyber currently offers foundational and extended coverage to meet varying needs in building out cybersecurity systems and adequate SOC capabilities.

Torq

Torq icon

Torq is the no-code security automation platform for building and integrating workflows between cybersecurity systems. With a long and impressive list of potential use cases, teams can utilize Torq to automate security workflows related to cloud security posture management, email phishing response, application security, data security, and more. For example, companies with existing EDR, XDR, and SIEM systems can automate threat hunting workflows with Torq.

Also read: Choosing a Managed Security Service: MDR, Firewalls & SIEM

Investor Considerations for Cybersecurity Startups

Potential To Scale, Lean R&D

Scalability will always be one of the most critical factors for investing in a successful startup. When there are growth opportunities, startups should and usually do capitalize on them.

Investors are also looking for startups that can continue to improve their products without the need for substantial capital investment. Lean research and development (R&D) show efficiency, even with limited resources. Investors can evaluate how the product and business model evolve before investing more capital. This fact makes any startup’s quality of personnel and leadership a critical factor in the organization’s success.

A Solid Business Plan

Another factor investors have always looked for is an air-tight business plan. They want assurance that there is a marketable problem that the product solves. Investors also want to see financial reports and revenue growth projections backed up by market analysis.

Compliance Mindset

Regulatory compliance, such as HIPAA, GDPR, and CCPA, is essential for organizations collecting and protecting user information, including virtually all enterprise-level companies. Investors will be looking for startups that can ensure customers will maintain compliance.

Remote Work Experts

Remote work is and will continue to be, for the foreseeable future, a top-of-mind factor for venture capitalists. Even with vaccines, a largely remote workforce is likely here to stay.

Startups that can immediately impact the remote worker ecosystem will garner much attention. Specifically, startups with SaaS (software-as-a-service), those that provide automation, and products that include endpoint protection will fall into this category.

As organizations, clients, and end-users increasingly rely on cyberinfrastructure, the need to protect these systems will only deepen.

Given the relative newness of IT industries at large, cybersecurity remains a budding marketplace with plenty of opportunities for new vendors. Some of the best cybersecurity companies are longtime technology stalwarts. Still, many have proven the right solution and service can catch on fast with eager investors ready to help worthy startups scale.

Most Popular Cybersecurity Startup Solutions in 2023

  • Application Security
  • Attack Surface Management
  • Cloud Security
  • Cyber Asset Management
  • Digital Forensics and Incident Response
  • Identity and Access Management
  • Governance, Risk, and Compliance
  • Risk Scoring and Assessments
  • Software Development Lifecycle (SDLC)
  • Threat Detection (EDR, XDR)

Endpoint Security and Protection Against Ransomware

Endpoint security, including traditional endpoint detection and response (EDR) and increasingly, its advanced iteration, extended detection and response (XDR), continue to be in high demand in light of the boom in remote work.

Products like EPP, EDR and XDR solutions secure the devices spanning a remote ecosystem and will continue to be invaluable. The healthcare segment alone saw significant investment in cybersecurity due to the adoption of telehealth and teleworking models.

Also read: Antivirus vs. EPP vs. EDR: How to Secure Your Endpoints

Most Popular Headquarters for Cybersecurity Startups

The United States, Israel, Canada, and the United Kingdom continue to be popular national locations for cybersecurity startups, with most of the funding directed between the first two.

Within the United States, the San Francisco Bay Area remains the hottest region for startups. The second-largest contingent of cybersecurity startups is a continent away from Palo Alto, in New York City. The industry newcomers benefit from the proximity to partnerships, skilled IT personnel, and funding opportunities.

Though it’s hard to compare to the presence of San Francisco and New York, other U.S. cities holding multiple top contenders this year include:

  • Atlanta, GA
  • Austin, TX
  • Boston, MA
  • Chicago, IL
  • Dallas, TX
  • Los Angeles, CA
  • San Diego, CA

Top Startup Selection Criteria

For this list we’ve generally favored companies that have been around for 5 years or less and are still in their first few rounds of funding, although older companies receiving renewed investor interest have also made this list. Sources include our observations and analysis of the cybersecurity market and startup databases such as Growjo and Crunchbase.

Our top startups are independent companies with innovative cybersecurity products or services, with a viable business plan with evidence of scalability.

We look for evidence of solid growth and traction, but once companies become too big to be called “startups” anymore — more than $100 million in revenue has been our primary criteria for “graduation” — we move them to our “graduated” list below.

Graduated Startups

Several security companies making previous eSecurity Planet top startup lists continue to be prominent vendors heading into 2023, whether as well-funded growing companies or the newest acquired team for other top IT service providers. These companies include:

Startup Founded HQ Staff Funding Stage
Abnormal Security 2018 San Francisco, CA 492 $284.0 C
Axis Security 2018 San Mateo, CA 140 $99.5 Series C
Bitglass 2013 Campbell, CA 70 $150.1 Acquired by Forcepoint
Cato Networks 2015 Tel Aviv, Israel 532 $596.0 Venture
Cybereason 2012 Boston, MA 1,308 $750.6 Series F
Darktrace 2013 Cambridge, UK 2,208 $230.5 IPO: “DARK” on LSE
Illumio 2013 Sunnyvale, CA 578 $557.5 Series F
Immuta 2015 Boston, MA 269 $158.2 Series D
JupiterOne 2018 Morrisville, NC 159 $119.0 Series C
OneTrust 2016 Atlanta, GA 3,340 $926.4 Series C
Orca Security 2019 Los Angeles, CA 405 $632.0 Series C
Randori 2018 Waltham, MA 87 $29.8 Acquired by IBM
SECURITI.ai 2018 Santa Clara, CA 413 $155.0 C
SentinelOne 2013 Mountain View, CA 1,676 $696.5 IPO: “S” on NYSE
Snyk 2015 Boston, MA 1,294 $849.5 G
Vdoo 2017 Tel Aviv, Israel 31 $70.0 Acquired by JFrog
Wiz 2020 Tel Aviv, Israel 470 $900.0 D

Bottom Line: Cybersecurity Startups

Despite the economic headwinds and tighter venture capital funding environment in the last year, there’s still demand for innovative startups that can help solve some of the pressing cybersecurity problems confronting organizations today.

Those headwinds will likely continue a while longer, but startups with a promising future that can conserve cash will be well prepared for the eventual rebound.

Read next: 34 Most Common Types of Network Security Protections

Sunny Yadav contributed to this report

24World Media does not take any responsibility of the information you see on this page. The content this page contains is from independent third-party content provider. If you have any concerns regarding the content, please free to write us here: contact@24worldmedia.com

Latest Post

5 Characteristics of Truth and Consequences in NM

Last Updated,Sep 30, 2024

How To Make Your Wedding More Accessible

Last Updated,Sep 11, 2024

Ensure Large-Format Printing Success With These Tips

Last Updated,Sep 11, 2024

4 Reasons To Consider an Artificial Lawn

Last Updated,Sep 11, 2024

The Importance of Industrial Bearings in Manufacturing

Last Updated,Sep 11, 2024

5 Tips for Getting Your First Product Out the Door

Last Updated,Sep 11, 2024

Most Popular Metal Alloys for Industrial Applications

Last Updated,Sep 6, 2024

5 Errors To Avoid in Your Pharmaceutical Clinical Trial

Last Updated,Aug 20, 2024

Ways You Can Make Your Mining Operation Cleaner

Last Updated,Aug 12, 2024

Tips for Starting a New Part of Your Life

Last Updated,Jul 16, 2024

Easy Ways To Beautify Your Home’s Exterior

Last Updated,Jun 18, 2024

Tips for Staying Competitive in the Manufacturing Industry

Last Updated,May 3, 2024