12 Cybersecurity Startups To Watch From RSAC 2024

Numerous early-stage vendors—including in fast-growing areas such as cloud security and identity security—showcased at RSAC 2024 this week.

Cybersecurity Startups To Watch

Innovation from startups in the cybersecurity space shows no signs of slowing down, as the threats continue to evolve and intensify. At the RSA Conference in San Francisco this week, a large array of cybersecurity startups have been showcasing their offerings in many of the fastest-growing segments of the market such as security for cloud environments and identities. The RSAC Early Stage Expo was packed with booths from dozens of security startups, while 10 companies were chosen as finalists for this year’s RSAC Innovation Sandbox. A startup focused on detection of deepfakes, Reality Defender, was awarded the “Most Innovative Startup” recognition in this year’s contest as concerns about AI-powered attacks continues to grow.

Among the other startups in this year’s RSAC Innovation Sandbox is RAD Security, which is focused on helping CISOs with two of their biggest priorities today — cloud security and identity security, said Brooke Motta, co-founder and CEO of RAD Security. The startup’s approach brings a focus on detecting anomalous user behavior that can help with identifying a previously unknown vulnerability, making the company’s offering akin to a “zero day detector,” Motta said.

Other notable startups showcasing at RSAC 2024 included companies focused on application, security, software supply chain security and patch management, along with a number of other startups focused on cloud security and identity security.

What follows are the details on 12 cybersecurity startups to watch from RSAC 2024.

Aembit

Aembit — a finalist in this year’s RSAC Innovation Sandbox — offers a tool for automating and securing the workflow around workload identity and access management. The offering addresses the issue of protecting interactions between workloads, which often involves the use of static credentials that come with a number of security risks. Aembit came out of stealth in March 2023 with $16.6 million in seed funding from investors including Ballistic Ventures and Ten Eleven Ventures.

Astrix Security

Astrix Security uses an agentless approach with the aim of enabling greater control over non-human identities across SaaS, IaaS and PaaS. The tool provides rapid discovery of all non-human identities and access tokens while also detecting and remediating risky access, according to the company. Astrix has raised nearly $40 million in funding, including a $25 million Series A round led by CRV in June 2023.

Dazz

Dazz offers a cloud security platform focused on improved prioritization and remediation of cloud vulnerabilities. Rather than generating alerts, the Dazz platform aims to correlate issues across detection tools and provide a robust remediation plan, the company said. This week, the company unveiled new capabilities including automated code-fixing for vulnerabilities in containers as well as AI-powered guidance on remediation. Dazz has raised $60 million in funding to date, including a Series A round of $50 million in late 2021 from investors including Insight Partners, Greylock Partners and Index Ventures.

Endor Labs

Endor Labs aims to provide enhanced security for the software supply chain, with a platform focused on enabling the secure use of open-source software, spanning dependency selection, management and remediation of code security issues. In August, Endor announced a Series A funding round at $70 million from investors including Lightspeed Venture Partners and Dell Technologies Capital.

Legit Security

Legit Security offers an application security posture management platform that aims to provide improved visibility and security throughout the software development process. The startup’s “code to cloud” platform offers a “unified” control plane for application security along with capabilities around automated discovery and analysis in the software development life cycle, the company said. In September, Legit Security announced raising a $40 million funding round led by CRV.

Mitiga

Mitiga — a finalist in this year’s RSAC Innovation Sandbox — provides capabilities for “advanced” visibility, threat detection, investigation and response in cloud and SaaS deployments. The offering ultimately enables customers to address cloud threats “70 times faster than traditional capabilities,” the company said. Mitiga has raised $45 million in total funding led ClearSky Security.

Nagomi Security

With its Proactive Defense Platform, Nagomi Security says that it provides “end-to-end” visibility of an organization’s cyber defense capabilities, with mapping against the MITRE ATT&CK framework. The result is that security teams are enabled to prioritize risks based on their organization's threat profile, while also receiving highly prescriptive remediation guidance for reducing exposure, the startup said. In April, Nagomi emerged from stealth and announced having raised $30 million in funding from numerous investors including Team8, TCV, the CrowdStrike Falcon Fund and Okta Ventures.

RAD Security

RAD Security presented its latest advancement at RSAC 2024 as part of this year’s RSAC Innovation Sandbox, focused on what the company calls a “cloud native workload fingerprint.” The cloud native detection and response technology works by creating behavioral fingerprints of a user’s normal behavior to help with enabling detection of zero day attacks, while also assisting with application of zero trust principles and real-time verification of security posture, according to the company. Formerly KSOC (Kubernetes Security Operations Center), RAD Security raised $6 million in seed funding in 2022 led by .406 Ventures.

Reality Defender

Deepfake detection startup Reality Defender received the “Most Innovative Startup” award in this year’s RSAC Innovation Sandbox. The company utilizes a “multi-model approach” and “hundreds” of patented techniques to effectively detect deepfakes across images, video, audio and text, according to Reality Defender. The company offers an API that allows organizations to upload large amounts of content and “scale your detection capabilities on demand,” Reality Defender said on its website.

Seal Security

Utilizing advances in Large Language Models, Seal Security enables teams to create an automated pipeline to improve capacity for patching activities. The approach provides users with access to security patches from five programming languages — and can ultimately enable remediation of more than 95 percent of vulnerabilities discovered in the past five years that were deemed critical or high-severity, the startup said. In February, Seal Security emerged from stealth with a seed funding round of $7.4 million led by Vertex Ventures Israel.

Sentra

Sentra offers a data security posture management platform that aims to offer improved visibility into sensitive cloud data, along with greater automation for risk assessment and access analysis related to the data. At RSAC 2024 this week, the startup unveiled a new offering, Sentra DataTreks, along with on-premises support to aid in helping organizations with determining when sensitive data has traveled between environments. In January 2023, Sentra announced raising $30 million in Series A funding led by Standard Investments.

Token

Token aims to provide “next-generation” multifactor authentication with its smart ring technology. The Token Ring eliminates the vulnerabilities associated with traditional authentication through the use of an integrated fingerprint sensor, ensuring that only authorized users can access it. In April, Token closed on $30 million in debt financing from Grand Oaks Capital to support growth and product development.