These Are The Stellar Security Startups To Know In 2023
Cyberattacks are unrelenting and rapidly evolving and businesses are demanding the latest defensive weapons to fight back. As part of CRN’s Stellar Startups for 2023, here are 48 security startups, founded in 2017 or later, who are developing leading-edge cybersecurity technology that solution providers should be aware of.
Staying Ahead Of The Bad Guys
Business IT systems continue to face unrelenting – and ever evolving – cybersecurity attacks including malware and ransomware, phishing scams, denial of service attacks and data theft. What’s more, the vulnerable “attack surface” for cyberattacks has expanded with the expansion of hybrid/multi-cloud computing, the growth of ecommerce platforms, the proliferation of IoT and mobile devices, and the move to remote work.
With so many high-profile security incidents making headlines, cybersecurity is top-of-mind for many IT managers. And that’s driving demand for cybersecurity solutions from solutions providers and strategic service providers.
Late last year McKinsey & Co. said that globally organizations spent around $150 billion on security solutions and services in 2021, a number that’s growing 12.4 percent annually. But beyond actual cybersecurity spending, the consulting firm said that given the rapid increase in cyberthreats the total addressable cybersecurity market – the potential opportunity for vendors and solution providers – is a staggering $1.5 trillion to $2.0 trillion.
While many businesses and organizations rely on systems and software from established cybersecurity vendors for protection, some of the most innovative offerings for battling increasingly sophisticated cyberattackers is coming from a wave of startups who are pushing the boundaries of what cybersecurity technology can do.
Leading-edge cybersecurity technologies present a major opportunity for solution providers and strategic service providers. As part of CRN’s Stellar Startups for 2023, here are 48 security startups, founded in 2017 or later, that solution providers should be aware of.
Top Executive: Evan Reiser, CEO
Abnormal Security develops a behavioral AI-based email security platform that learns the behavior of every identity within a cloud email environment and analyzes the risk of every event to block sophisticated attacks. In August the company surpassed $100 million in annual recurring revenue.
In August Abnormal Security said it had achieved $100 million in annual recurring revenue in four years
Top Executive: Maor Bin
Adaptive Shield, a leader in SaaS Security, enables security teams to secure their entire SaaS stack through threat prevention, detection and response. With Adaptive Shield, organizations continuously manage and control all SaaS and 3rd-party connected applications, as well as govern all SaaS users and risks associated with their devices.
In July Adaptive Shield received a strategic investment from Blackstone Innovations Investments, bringing the company’s total capital raised to $44 million.
Top Executive: Brendan O’Connor, Co-Founder, CEO
AppOmni is a pioneer in enterprise SaaS security. The startup provides centralized visibility into every facet of SaaS application security including configuration management, data access management, governance and compliance, and identity-based threat detection. AppOmni is used by four of the Fortune 10 and industry leaders across finance, healthcare and government.
In June the company launched SaaS Identity Fabric to secure access to data across a SaaS ecosystem.
Top Executive: Shankar Somasundaram, CEO
Asimily offers a robust risk management platform that secures IoT devices for medical, diagnostic, life sciences, and pharmaceutical companies in the healthcare industry. With an extensive knowledge base of IoT and security protocols, Asimily inventories and classifies every device across a healthcare organization, both connected and standalone.
Top Executive: Derik Belair, Co-Founder, CEO
Augmentt is a multi-tenant, SaaS security platform built for specifically for MSPs. Augmentt ‘s platform provides full visibility and control over Microsoft and cloud apps, allowing MSPs to easily audit customer environments, proactively protect with security configurations, and detect threats and alerts when they arise.
Top Executive: Dean Sysman, CEO
Axonius develops a cybersecurity asset management platform that provides organizations with a comprehensive asset inventory, uncovers security coverage gaps, and automatically validates and enforces security policies. In May 2023 the company launched Axonius 5.0 for improved visibility into installed applications.
Axonius raised $200 million in Series funding in March 2022.
Top Executive: Prakash Linga, CEO
BluBracket’s source code scanning technology that protects software supply chains by preventing, finding and fixing risks in source code, developer environments and pipelines.
BluBracket was recently acquired by HashiCorp, a provider of DevOps infrastructure provisioning and management tools.
Top Executive: Joe Simpson, CEO
Blumira markets an automated threat detection and response cloud platform that provides enterprise-level security for small to medium businesses. The company launched its XDR platform in June and announced that the startup had raised $15 million in a Series B funding round.
Top Executive: James Campbell, CEO
Cado Security offers a cloud-native digital forensics platform that automates cybersecurity incident investigation and response efforts across cloud, container and serverless environments. In October the company expanded its offerings with the new Incident Readiness Dashboard, providing the ability to proactively run readiness checks, see readiness trends over time, and identify issues that could prevent the organization from rapidly responding to active threats.
In March the London, U.K.-based company raised $20 million in new funding.
Top Executive: Belsasar (Bel) Lepe, Co-Founder, CEO
Cerby officially launched in June of this year with what it described as the world’s first security platform for unmanageable applications.
Cerby provides identity teams with a comprehensive access management platform for nonstandard applications. Harnessing the power of identity providers (IdPs), Cerby removes the need for manual tools/compensating controls (like enterprise password managers) by automating everyday human security tasks based on SSO and lifecycle management cues from upstream IdPs.
In August the company raised $17 million in Series A funding.
Top Executive: David Bellini, Co-Founder, CEO
CyberFOX is a global cybersecurity technology provider focused on privileged access management (PAM) and password management for managed service providers (MSPs) and IT Pros. Its flagship products – Password Boss for password management and AutoElevate for PAM – supply critical elements of a comprehensive security strategy.
CyberFox released version 2.6 of AutoElevate in October with a number of new capabilities including password-less admin logic, multi-level settings, Windows event logs and biometric local authentication.
Top Executive: Mateo Barraza, Co-Founder, CEO
CyberQP, rebranded from Quickpass in April 2023, helps MSPs protect what matters. We provide privileged access management capabilities for MSPs, including protecting customer admin accounts and securing identities of their customers.
CyberQP raised an additional $12 million in funding in April.
Top Executive: Eyal Elyashiv, CEO
The Cynamics Next Generation (NG) Network Detection and Response (NDR) solution utilizes standard sampling protocols built in to every gateway, patented algorithms, plus AI and machine learning to provide threat prediction and visibility at speed and scale - built to protect networks of all sizes and complexity.
Top Executive: David Primor, Founder, CEO
Cynomi’s vCISO platform empowers MSSPs, MSPs and consultancies to offer structured cybersecurity services at scale, providing them with proactive cyber resilience. Combining proprietary AI algorithms with CISO-level knowledge, Cynomi’s platform streamlines the vCISO’s work while automating manual time-consuming tasks. Established in 2020, Cynomi now works with more than 50 partners worldwide.
Top Executive: Charlie Thomas, CEO
Deepwatch is a leading managed detection and response (MDR) security platform for the cyber resilient enterprise. The company’s platform combines comprehensive threat management capabilities, Deepwatch expert practitioners, and precise automated actions. The technology helps businesses and organizations take preventative actions to improve security posture and enhance speed of response.
Deepwatch raised $180 million in new funding in February.
The company unveiled significant enhancements to its Xcelerate Channel Partner Program in April, designed to recognize and reward partner expertise and investment at each level.
Top Executive: Dan Benjamin, Co-Founder, CEO
Dig is a leader in cloud data security. The Dig Data Security Platform uniquely combines DSPM, DLP, and data detection and response (DDR) capabilities into a single platform. Dig Security helps enterprises and mid-market organizations discover, classify, protect, and govern their cloud data.
On Oct. 31 Palo Alto Networks struck a deal to acquire Dig Security for an undisclosed sum.
Top Executive: Adam Gavish
DoControl is an agentless, event-driven SaaS Security Platform (SSP) that secures business-critical SaaS applications and data. DoControl’s SSP uncovers all SaaS users, third-party collaborators, assets and metadata, OAuth applications, groups, and activity events. DoControl helps reduce risk, prevent data breaches, and mitigate insider risk without slowing down business enablement.
In June 2022 DoControl launched its Accelerate Channel Program to extend its sales footprint through solution providers, global systems integrators, VARs, MSPs and consulting firms.
In April 2022 the company raised $30 million in Series B funding.
Top Executive: Kunal Agarwal
Legacy secure web gateways have defined cybersecurity for a generation but they route internet traffic through datacenters to perform security checks and are known for their complex configuration and dull UI. Dope.security says it redefines the market with its easy-to-deploy Fly-Direct architecture, for which it received a patent in November 2022. The product eliminates stopover datacenters and heightens performance, reliability, and privacy with a modern UI.
Dope.security, which exited stealth in September 2022, landed $16 million in Series A funding in March, in addition to an earlier $4 million seed funding round.
Top Executive: Yuriy Bulygin, Founder, CEO
Eclypsium’s cloud-based platform provides digital supply chain security for critical software, firmware and hardware in enterprise infrastructure. Eclypsium helps enterprises and government agencies mitigate risks to their infrastructure from complex technology supply chains.
Top Executive: Shai Morag, CEO
The Ermetic CNAPP platform reveals and prioritizes security gaps in AWS, Azure and GCP. It uses an identity-first approach to automate necessary components of cloud security, including cloud security posture management (CSPM), cloud infrastructure entitlement management (CIEM), cloud workload protection (CWP), Kubernetes security posture management (KSPM) and infrastructure as code (IaC).
Tenable, a developer of exposure management technology, just acquired Ermetic on October 2. Tenable will use Ermetic’s technology to boost the capabilities of the Tenable One Exposure Management Platform and Tenable Cloud Security.
Top Executive: James Hamilton, CEO
Gradient Cyber provides a comprehensive mid-market MXDR solution, which strengthens an organization’s cybersecurity posture, compliance and business resilience by finding and stopping attacks before they can do harm.
Top Executive: Lior Yaari, Co-Founder, CEO
Grip Security is a pioneer in SaaS identity risk management, providing innovative technology to help enterprises address the security risks associated with widespread SaaS adoption. The company’s SaaS Security Control Plane platform helps companies discover, prioritize, secure and orchestrate the mitigation and remediation of risks.
In August Grip raised $41 million in Series B funding, bringing its total financing to $66 million.
Top Executive: Tiffany Ricks, Founder, CEO
HacWare develops a generative AI-powered cybersecurity awareness platform that combines threat intelligence with user behavior to help technology solution providers combat phishing attacks through advanced phishing simulations, micro training, and human risk insights.
Top Executive: Jon Miller, Co-Founder, CEO
Halcyon’s cyber resilience platform is designed from day one to defeat ransomware. Global 2000 companies rely on Halcyon to augment existing XDR/EDR platforms and undo attacks in minutes with bypass and evasion protection, key capture and automated decryption, and exfiltration and extortion prevention.
Halcyon raised $50 million in Series A funding in April.
Top Executive: Snehal Antani, Co-Founder, CEO
Horizon3.ai was founded by former industry and U.S. National Security veterans to help organizations see their networks through the eyes of the attacker and proactively fix problems that truly matter, improve the effectiveness of their security initiatives, and ensure that they are prepared to respond to real cyberattacks.
Horizon3.ai said in October that a commissioned independent study found that the company’s NodeZero autonomous penetration testing system saved customers more than $325,000 a year in improved SecOps productivity and third-party “pentesting” and vulnerability scanner costs.
Horizon3.ai raised $40 million in Series C funding in August.
Top Executive: James Hadley, CEO
Immersive Labs, a leader in people-centric cyber resilience, is trusted by the world’s largest organizations and government entities to help them continuously assess, build and prove their cyber workforce resilience by providing realistic simulations and hands-on cybersecurity labs to evaluate individual and team capabilities and decision-making against the latest threats.
Immersive Labs raised $66 million in capital in October 2022 to continue its growth and accelerate investment in its Cyber Workforce Resilience platform.
Top Executive: Mike Fey, Co-Founder, CEO
Island says it has reimagined the browser. By considering the needs of the enterprise, the company has created a dramatic positive impact on every layer of cybersecurity and all IT functions while improving the end-user experience and productivity. Island can serve as the platform for the future of productive and secured work.
In October Island raised $100 million in Series C funding, boosting its valuation to $1.5 billion.
Top Executive: Erkang Zheng, Founder, CEO
Cybersecurity company JupiterOne specializes in cyber asset and attack surface management. A growing number of enterprises and Fortune 500 companies trust JupiterOne as the foundation for their enterprise security programs and realize the benefits of reduced cyber risk.
In July JupiterOne expanded its platform with integrations for hybrid infrastructure and AI-driven usability improvements.
Top Executive: Himanshu Shukla, Founder, CEO
LightBeam automates privacy, security and AI governance, so businesses can accelerate their growth in new markets. Leveraging generative AI, LightBeam has pioneered a unique identity-centric and automation-first approach, tying together cataloging, control, and compliance in a hybrid, multi-cloud infrastructure. LightBeam says it is on a mission to create a secure privacy-first world.
Top Executive: Javed Hasan, Co-Founder, CEO
Lineaje provides continuous software supply chain security management to companies that build or use software. Lineaje’s product suite, which includes SBOM360, SBOM360 Hub, and Lineaje AI with BOMbots, enables companies to centrally manage their entire software supply chain for software built and bought.
In February the startup raised $7 million in a seed funding round led by Tenable Ventures.
Top Executive: Ricardo Villadiego, CEO
Lumu Technologies develops “continuous compromise assessment” cybersecurity technology that helps security teams detect and isolate instances of compromise, eliminating security blindspots and closing the breach detection gap to minutes.
Miami-based Lumu raised $30 million in Series B funding in September.
Top Executive: Thomas Pace, Co-Founder, CEO
NetRise is an industry-leading supply chain risk management and device security company that has built a platform to automatically analyze firmware, generate and manage software bills of material (SBOMs), and identify vulnerabilities and other underlying risks.
On Nov. 9 NetRise released Trace in the NetRise platform, what the company called the industry’s first AI-powered semantic search for supply chain security.
Top Executive: Yuen Pin Yeap, CEO
NeuShield delivers what it describes as a revolutionary approach to data protection. Rather than trying to detect and block threats one-by-one, the company’s patented NeuShield Data Sentinel product shields important data to prevent threats from modifying it.
In July NeuShield launched an update of NeuShield Data Sentinel Datacenter Edition with new exfiltration protection for database files in Microsoft SQL Server databases.
Top Executive: Connie Stack, CEO
Next DLP is a leading insider risk and data protection solution provider. The Reveal Platform by Next uncovers risk, stops data loss, educates employees, and fulfills security, compliance, and regulatory needs. The company’s leadership brings decades of cyber and technology experience from Fortra, Digital Guardian, Crowdstrike, Forcepoint, Mimecast and Veracode.
Top Executive: Oz Golan, CEO
Noname Security protects APIs from code to production. The company’s comprehensive API security platform automatically secures customer environments, detects vulnerabilities before they’re exploited, and greatly reduces API attack surfaces. Noname seamlessly integrates with existing API gateways, load balancers, WAFs, and more for complete visibility into the full API ecosystem.
In June Noname announced the general availability of its Active Testing V2, part of the Noname API Security Platform, for testing APIs before they are put into production.
Top Executive: Gil Geron, Co-Founder, CEO
Orca Security is a pioneer in developing agentless cloud security that is trusted by hundreds of enterprises globally. Its patented SideScanning technology provides 100-percent deep and wide visibility into risks and compliance issues across cloud workloads, configurations and identities. Orca surfaces the most critical risk combinations so teams can address those first.
In October Orca deepened its partnership with Google Cloud by integrating with Google Workspace and in November announced a new integration with Google Cloud’s Vertex AI. Also in November the company announced generative AI integration with Amazon Bedrock.
Top Executive: Chen Burshan, CEO
Skyhawk Security, a pioneer in Cloud Threat Detection and Response (CDR) technology, uses advanced AI and ML sequencing of context-based behaviors, providing runtime observability to detect and remediate malicious activities across cloud environments as they happen.
Top Executive: Scott McCrady, CEO
SolCyber provides an affordable, all-encompassing cybersecurity program subscription tailored for the mid-market. The startup’s subscription encompasses essential elements of a mature security program including curated tools, a 24x7 detection and response SOC, live training and advisory services, ensuring comprehensive protection against evolving digital threats.
Top Executive: Yasir Khalid, CEO
StrikeReady’s mission is to democratize human, i.e., analysts’ intelligence, so organizations worldwide can reduce adversarial risks and mitigate the skilled cyber talent shortage. StrikeReady’s CARA, the technology that powers the company’s cloud-based Security Operations and Management platform, has aided hundreds of analysts as the industry’s first cybersecurity co-pilot. It enhances analysts’ skill, knowledge and speed, and autonomously operates hundreds of cybersecurity products.
Talon Cyber Security
Top Executive: Ofer Ben-Noon, CEO
Talon Cyber Security’s enterprise browser security portfolio transforms the browser into a secure workspace, providing IT and security teams with deep visibility into – and tight control over – all web and software-as-a-service applications. In August the company debuted new digital experience metrics for the Talon Enterprise Browser.
On November 6 Palo Alto Networks struck a deal to acquire Talon Cyber Security for an undisclosed sum.
Top Executive: Danny Jenkins, CEO
ThreatLocker provides enterprise-level cybersecurity tools for the MSP industry to improve the security of servers and endpoints. ThreatLocker Application Control, Ringfencing, Storage Control, Elevation Control, and Network Control solutions are leading the cybersecurity market towards a more secure approach of blocking the exploits of unknown application vulnerabilities.
In November 2022 the company acquired Third Wall, a developer of tools used to lock down Microsoft Windows.
ThreatLocker raised $100 million in Series C funding in April 2022.
Top Executive: Ofer Smadari, Co-Founder, CEO
Torq’s security Hyperautomation platform automates all workflows and processes across the entirety of modern enterprise security organizations to deliver end-to-end cybersecurity protection. The Hyperautomation platform enables security professionals to create and deploy complex, sophisticated workflows in minutes, over 10X faster than legacy SOAR, according to the company.
In June Torq launched the Torq Partner Acceleration Program offering what the company described as the highest Guaranteed-margin opportunities possible. Rather than traditional “metal” tiers the new program is based on a customer outcome-based tiering system.
Top Executive: Rom Hendler, CEO
Trustifi provides SaaS-based cybersecurity solutions (inbound shield, data loss prevention, email encryption) that leverage sophisticated AI-driven tools. Trustifi is a market leader with the easiest-to-use and deploy email security products, providing both inbound and outbound email security from a single vendor, including automated compliance, email tokenization, and URL hunting features.
Top Executive: Tarun Thakur, Co-Founder, CEO
Veza is the identity security company that enables organizations to secure identity access across SaaS apps, on-prem apps, data systems, and cloud infrastructure. Global enterprises like Blackstone, Wynn Resorts, and Expedia trust Veza to visualize access permissions, monitor permissions activity, automate access reviews, and remediate privilege violations.
In August Veza received strategic investments from Capital One Ventures and ServiceNow Ventures, bringing the company’s total financing to $125 million.
Top Executive: Assaf Rappaport, CEO
Fast-growing Wiz offers a cloud security platform that brings together multiple capabilities including cloud security posture management, cloud-native application protection, and data security posture management.
The company landed $300 million in new funding in February, putting its valuation at $10 billion.
Top Executive: Ken Levine, CEO
Xcitium targets the SMB market with its threat detection and response cybersecurity tools including MDR, XDR, endpoint detection and response, and ZeroDwell containment. Earlier this year the company expanded its global partner operations, signing deals with value-added distributors in EMEA, APAC-J and Latin America.
Top Executive: Benny Lakunishok, Co-Founder, CEO
Zero Networks is a radically simple, unified network security platform combining micro-segmentation with advanced ZTNA to prevent lateral movement and ransomware. The company describes its patented technology as a paradigm shift in network security: Fully automated, agentless, and applies multi-factor authentication on any network asset. Customers include midmarket and large enterprises in various sectors.
Top Executive: Brett Cheloff, CEO
Zorus is a next-generation DNS filtering and behavioral insights security platform designed and built for MSPs. The company strives to keep MSPs’ customers safe from malicious links and insider threat behaviors regardless of where the device is located or what network it may be on.