The 10 Hottest Cloud Security Startups Of 2021 (So Far)

The 10 hottest cloud security startups include companies providing centralized insights, anomaly detection and compliance across multi-cloud environments, and protecting AWS, Azure and GCP workloads.

Security On A Cloudy Day

Some of the security industry’s sharpest minds have over the past decade founded new companies to address everything from to finding security issues in public cloud infrastructure to anomaly detection and compliance across multi-cloud environments to workforce-level protection for Amazon Web Services, Microsoft Azure and Google Cloud Platform.

CRN has identified 10 cloud security startups founded since 2015 with at least $4 million in outside funding that stood apart from the pack thanks to new funding, the launch of partner initiatives, or key product enhancements or updates. Four of the top startups are based in California, three are based in Israel, and the remaining three are headquartered in Colorado, South Dakota, and England.

These companies are solving security challenges such as securing cloud-native workloads with in-memory protection, safeguarding the data lifecycle across cloud data stores, and providing centralized insights across on-premise, cloud, and SaaS environments. Here’s a look at how the 10 hottest cloud security startups have made their mark on the industry.

See the latest entry: The 10 Hottest Cloud Security Startup Companies of 2022

For more of the biggest startups, products and news stories of 2021 so far, click here.

Aqua Security

CEO: Dror Davidoff

Aqua Security was founded in 2015, and in March closed a $135 million Series E funding round led by ION Crossover Partners to keep improving its product, acquiring additional customers, and educating the market about cloud-native security as it prepares for an IPO in a few years. The Ramat Gan, Israel-based company employs 335 people, up 33 percent from 251 employees a year ago, according to LinkedIn.

The company has significant plans to enhance its Kubernetes security offering to address evolving security requirements around the technology. Aqua Security also intends to make big investments around enhancing the security around cloud infrastructure as infrastructure as code (IaC) becomes more of a standard across the industry.

Going forward, there will be additional run-time technologies Aqua will need to secure as new types of workloads emerge beyond containers, serverless and lightweight virtual machines. Aqua Security hopes the additional funding will drive more customer acquisition, better coverage of cloud security problems, and more use of the company’s technology by the open source community.

Armo

CEO: Shauli Rozen

Armo was founded in 2019, and in January closed a $4.5 million seed funding round led by Pitango First to expand its go-to-market efforts and the commercial offering around its technology. The Tel Aviv-based company currently employs 23 people, according to LinkedIn.

The company said it provides DevOps teams with a new approach to cloud-native workload and application deployment that infuses inherent security and visibility into applications, creating a virtual control plane that can be easily deployed in any cloud-native environment. Global enterprises have chosen Armo as their future security and visibility infrastructure, running in production environments.

Armo Workload Fabric provides an in-memory security layer as well as governance layers such as data flow compliance, transparent data protection, and secured tunneling and networking. In addition, the company said its platform seamlessly integrates into the DevOps pipeline at the CI/CD phase, eliminating operational complexity.

Automox

CEO: Jay Prassl

Automox was founded in 2015, and in April closed a $110 million Series C funding round led by Insight Partners to expand the enterprise functionality of the company’s platform and build out its sales and go-to-market operations. The Boulder, Colo.-based company employs 203 people, up 95 percent from 104 employees a year ago, according to LinkedIn.

The company delivers a cloud-native IT operations platform that offers the visibility, automation, and control IT teams need to effortlessly advance operations at scale, streamline IT workflows, and minimize risk and exposure. With automation and real-time visibility, IT operations teams can easily keep pace with their infrastructure and provide more strategic value and security outcomes for their business.

Automox in March hired Jeff St. Clair from Palo Alto Networks as chief revenue officer to build on five consecutive quarters of rapid growth and expand the company’s base of more than 1,900 customers across 30 countries. A month later, the company named CrowdStrike co-founder and former CTO Dmitri Alperovitch as chair of the board to help bring modern IT operations to the enterprise.

Cado Security

CEO: James Campbell

Cado Security was founded in 2020, and in April closed a $10 million Series A funding round led by Blossom Capital to accelerate the company’s growth through the expansion of key functions including engineering, customer support, and go-to-market operations. The London-based company employs 18 people, according to LinkedIn.

The company’s platform automates data collection from multiple sources, including cloud and containers, while also supporting traditional, on-premises systems to provide 100 percent of the data with no extra effort. Cado’s patent-pending architecture scales up and down to provide rapid processing when needed and save costs when not.

Cado’s analytics engine correlates all systems, users, processes, and files so analysts can immediately visualize the scope of an organization’s IT environment. From there, the customer can conduct an investigation in aggregate - rather than analyzing at the system level - to get to the root cause of an incident quickly and precisely.

Cyral

CEO: Manav Mital

Cyral was founded in 2018, and in May closed a $26 million Series B funding round led by Redpoint, Costanoa Ventures, A.Capital, and Silicon Valley CISO Investments (SVCI) to help secure the modern data cloud. The Milpitas, Calif.-based company currently employs 46 people, up 53 percent from just 30 employees a year ago, according to LinkedIn.

The company gives security and engineering teams a quick and simple way to evaluate cloud security risks and proactively protect company and customer data without disrupting existing DevOps workflows. Cyral said it automates workflows and enables collaboration between DevOps and Security teams to automate assurance and prevent data leakage.

Cyral developed a unique stateless interception technology that can be implemented as security as code, allowing for ease in implementation and in management across all data services. Once deployed, the company’s technology intercepts all activity across data repositories, applies granular access controls, and alerts and blocks any anomalous behavior with zero impact on performance.

Dasera

CEO: Ani Chaudhuri

Dasera was founded in 2019, and in May closed a $6 million seed funding round led by Sierra Ventures to expand its engineering and go-to-market teams as well as launch a SaaS offering. The Sunnyvale, Calif.-based company employs 22 people, according to LinkedIn.

The company enables safe use of sensitive data by automatically securing the full lifecycle of cloud data stores. Initially developed at UC Berkeley, the Dasera platform enables compliance and security teams to find, flag and fix vulnerabilities for data misuse across the data lifecycle.

Traditional security solutions have been focused solely on ingress (firewalls and access control) and egress (data loss prevention). But in today’s cloud-native environments, Dasera said so many security and compliance risks originate from the day-to-day creation of new data stores, data moving between data stores, and the usage of data among those with access.

Lacework

CEO: David Hatfield

Lacework was founded in 2015, and in January closed a $525 million funding round led by Sutter Hill Ventures and Altimeter Capital to expand its go-to-market and partner ecosystem operations and grow its engineering and R&D teams across the U.S. and Europe. The San Jose, Calif.-based company today employs 525 people, up 265 percent from just 144 employees a year ago, according to LinkedIn.

The company gives customers visibility, context, and telemetry to quickly assess cloud security postures, prove compliance, secure cloud workloads, investigate anomalous activity, or answer an auditor’s question. Lacework’s security architecture understands and detects threats in cloud applications, tackling the massive security data processing required to record and analyze changes in the cloud.

Lacework said the next phase of its growth will focus on extending its market-leading SaaS security platform and expanding into new adjacent spaces, all with a focus on enabling customers to innovate in the cloud with speed and safety. The company is also looking to deliver additional integrations across the DevOps toolchain and into security data lake initiatives for Snowflake customers.

Orca Security

CEO: Avi Shua

Orca Security was founded in 2019, and in March closed a $210 million Series C funding round led by CapitalG and Redpoint Ventures to dramatically expand its identity and access management capabilities and bolster its alerting around attacks already in progress. The Los Angeles-based company employs 138 people, up 151 percent from just 55 employees a year ago, according to LinkedIn.

The company is focused on having its product natively spot essential risks from vulnerabilities, misconfigurations, and exposed data as well as identify overprivileged users and incorrectly assigned permissions. Orca Security additionally wants to move from its present focus on prevention to detecting attacks as they unfold by examining the risk around critical attack vectors.

Orca Security’s funding will also allow for investment in agentless, workload-deep, context-aware security and compliance for Google Cloud, Amazon Web Services and Microsoft Azure. The company said it prioritizes risks based on the underlying security issue combined with environmental context, including its accessibility and potential damage to the business.

Query.AI

CEO: Dhiraj Sharan

Query.AI was founded in 2018, and the company in May closed a $4.6 million seed funding round led by ClearSky Security to scale its go-to-market and engineering teams to meet significant demand for its platform. The Brookings, S.D.-based company currently employs 32 people, up 68 percent from 19 employees a year ago, according to LinkedIn.

The company provides security teams with a simple and cost-effective approach to significantly elevate security investigation and response through real-time access and centralized insights to data across on-premises, multi-cloud, and SaaS applications. Query.AI said it delivers an effective way to speed security investigation and response goals while simultaneously reducing costs.

Query.AI simultaneously normalizes and enriches data across any platform to enable investigations without complexity. The security investigations control plane provides guided data exploration and support for natural language processing, eliminating the need for security analysts to be experts in individual systems and giving firms the flexibility to determine where data is stored and who has access.

Wiz

CEO: Assaf Rappaport

Wiz was founded in 2020, and the company in March got $130 million of Series B funding led by Advent International and in June received an additional $120 million of funding from Salesforce Ventures, Blackstone, and Aglaé Ventures. The Tel Aviv-based company currently employs 84 people, up 265 percent from just 23 employees a year ago, according to LinkedIn.

The company said its architecture facilitates scanning of the entire cloud environment across all compute types and cloud services for vulnerabilities, configuration, network, and security issues. Wiz said it offers a weighted view of risk that allows customers to assess vulnerabilities and misconfigurations based on severity, exposure, exploitability, blast radius and business impact.

Ten percent of the Fortune 500 are already using Wiz, according to the company. Wiz’s customers include electronic signature vendor DocuSign, materials science and manufacturing firm Avery Dennison, and life insurance provider MassMutual, according to the company’s website.