The 10 Hottest Cloud Security Startups Of 2020
The 10 hottest cloud security startups include companies protecting containers and Kubernetes workloads on AWS, securing authentication and access policies in the cloud, and monitoring the binary code running inside a company’s cloud servers.
Head In The Clouds
See the latest entry: The 10 Hottest Cloud Security Startup Companies Of 2022
Some of the security industry’s sharpest minds have over the past half-decade founded new companies to address everything from protecting containers and Kubernetes workloads on AWS to securing authentication and access policies in the cloud to continuously monitoring the binary code running inside a company’s cloud servers.
CRN has identified 10 cloud security startups founded since 2014 with at least $4 million in outside funding that stood apart from the pack thanks to new funding, the launch of partner initiatives, or key product enhancements or updates. Seven of the top startups are based in California, two are based in Israel, and one is headquartered in New York.
These companies are solving cloud security challenges such as gaining more visibility into AWS, Microsoft Azure and Google Cloud Platform, create profiles for each unique identity with access to an organization’s cloud infrastructure, and proactively uncovering cloud data exposure problems before they become security incidents. Here’s a look at how the 10 hottest cloud security startups have made their mark on the industry.
CEO: Sachin Aggarwal
Accurics was founded in 2019, and closed a $5 million seed round in April led by ClearSky as well as a $15 million Series A round in October led by Intel Capital to help develop technology that self-heals cloud-native infrastructure by codifying security throughout the development life cycle. The Pleasanton, Calif.-based company employs 47 people, up from just 11 employees a year ago, according to LinkedIn.
The company came out of stealth mode in April 2020 with the intent of reconciling risk posture drift between infrastructure defined through code and infrastructure running in the cloud. These advances are critical as organizations rapidly embrace new technologies such as serverless, containers and service mesh, Accurics said.
A new release of the open-source static code analyzer in August should ensure templates avoid common security pitfalls in popular cloud providers such as AWS, Microsoft Azure, and Google Cloud Platform. In addition, built-in extensibility will enable support for other popular technologies such as AWS CloudFormation, Kubernetes, service mesh and serverless, according to Accurics.
CEO: Art Poghosyan
Britive was founded in 2018, and in September closed a $5.4 million seed round led by Upfront Ventures to help reinvent security for multi-cloud enterprise environments. The Glendale, Calif.-based company employs 18 people, according to LinkedIn.
The company provides greater control over access privileges, allowing users to dynamically elevate their own privilege levels (on a pre-authorization basis) to perform key administrative tasks for the minimum time requirement. Britive’s intelligent engine learns user behavior and recommends privilege right-sizing for users and machine IDs, while constantly monitoring for anomalies that indicate privilege misuse.
Britive in May partnered with Tevora to reduce security risks related to cloud data breaches, simplify and standardize the privilege authorization process, and achieve operational efficiency by managing the entire user and system account life cycle. Combining Britive’s privileged access platform with Tevora’s expertise in cybersecurity, risk and compliance should provide comprehensive security for the cloud.
CEO: Balaji Parimi
CloudKnox was founded in 2016, and in January closed a $12 million funding round led by Sorenson Ventures to accelerate the company’s product and go-to-market plans. The Sunnyvale, Calif.-based company employs 48 people, up from just 32 employees a year ago, according to LinkedIn.
The company’s Activity-Based Authorization Protocol enables security and infrastructure teams to easily create activity profiles for each unique identity and resource with access to an organization’s growing cloud infrastructure. CloudKnox in April was awarded patents for its authorization protocol and anomaly detection for permission misuse across hybrid and multi-cloud infrastructures.
CloudKnox partnered with Wipro in June to help enterprises proactively protect and manage their hybrid and multi-cloud infrastructure by continuously detecting and remediating over-permissioned identities. The company was recognized in June as an Amazon Web Services Security Competency Partner based on both the organization’s business history and references from CloudKnox customers.
CEO: Nethanel Gelernter
Cyberpion was founded in 2016, and in October closed an $8.25 million seed round led by Team8 Capital and Hyperwise Ventures to help security teams identify and neutralize the rising threats stemming from vulnerabilities within online assets throughout an enterprise’s far-reaching, connected ecosystem. The Tel Aviv, Israel based company c employs 29 people, according to LinkedIn.
The company’s platform systematically tracks, analyzes and maintains the vast inventory of known and unknown assets and their connections throughout an organization to continuously identify and neutralize vulnerabilities before attackers can exploit them. It provides timely alerts with actionable directions and automated proactive protection where possible to neutralize vulnerabilities.
Cyberpion enables organizations to see and manage their online ecosystem and protect them from vulnerabilities as it continues to expand. The company’s platform is a SaaS offering with a distributed architecture and works immediately without any installation, configurations or modifications.
CEO: Itai Tevet
Intezer was founded in 2015, and in January closed a $15 million Series B funding round led by OpenView accelerate sales growth and expand the technology into the larger threat protection market. The New York-based company employs 53 people, up from 38 employees a year ago, according to LinkedIn.
Intezer Protect debuted in January to continuously monitor the binary code running inside a company’s cloud servers, alerting the user on unauthorized or malicious software in real time. The tool produces only actionable and high confidence alerts, which in turn requires minimal work from the security team and enables them to quickly prioritize and respond to threats in their cloud infrastructure.
The company believes the key to mitigating cyberattacks is detecting and responding to the malicious code running in memory. In order for an adversary to conduct a successful cyberattack and inflict damage, such as stealing data, installing a backdoor, or deleting sensitive materials, they must run malicious code or commands on a victim‘s machine—whether within a container or a virtual machine.
CEO: Joel Fulton
Lucidum was founded in 2020, and in October closed a $4 million seed funding round led by GGV Capital and Silicon Valley CISO Investments (SVCI) to solve the fundamental challenge of asset discovery and visibility that’s preventing enterprises from efficiently managing, securing, and transforming technology. The San Jose, Calif.-based company employs nine people, according to LinkedIn.
The Lucidum platform employs machine learning against pre-existing data to provide context about known and unknown computers, mobile devices, cloud environments, IoT devices and microservices. Without agents or scans, Lucidum identifies anything that stores, processes or transmits data and answers questions about where an asset is, what it is, what it’s doing, and how it’s being used.
Through a growing list of integration with nearly 100 popular tools and platforms, Lucidum feeds IT operations, security, cloud, compliance, finance and other core disciplines with critical information about the assets it identifies. The Lucidum platform is available to a limited number of early access customers and a community edition will be available in the first quarter of 2021.
CEO: Dave Cole
Open Raven was founded in 2019, and closed a $4.1 million seed funding round led by Upfront Ventures in February and a $15 million Series A round led by Kleiner Perkins in June to accelerate the company’s growth through expansion of key functions including engineering, customer support, sales and marketing. The Los Angeles-based company employs 29 people, according to LinkedIn.
The company’s platform works with a business’ existing tools so customers can understand and manage all data from a single location, starting with an emphasis on structured data. The Open Raven Graph is designed to make understanding and managing data straightforward, balancing SaaS simplicity and scale with the data privacy of an on-premises tool through installation into an organization’s own cloud.
Open Raven Community Edition delivers real-time data leak monitoring to proactively uncover cloud data exposure problems before they become security incidents. The platform identifies at-risk data, locates unknown data and shows every AWS account and asset from every angle in a global 3-D map, making it easy for security teams to see and prevent data mishaps and maintain compliance.
CEO: Avi Shua
Orca Security was founded in 2019, and in March closed a $20 million Series A funding round led by GGV Capital to invest substantially in talent, go-to-market growth, and research and development. The Los Angeles-based company employs 64 people, up from 33 employees a year ago, according to LinkedIn.
The company said it has created the first and only cloud security tool that can within minutes find vulnerabilities, malware, misconfigurations, leaked and weak passwords, lateral movement risk, and high-risk data without agents or per asset integrations. This allows customers to gain more visibility into AWS, Microsoft Azure and Google Cloud Platform at a fraction of the time and operational cost of alternative offerings, Orca said.
Orca Security in October unveiled the second generation of its cloud security platform, featuring unique capabilities built specifically to respond to the public cloud security and compliance needs of global financial services customers. The new offerings are designed to help companies in highly regulated industries use the public cloud to innovate safely, while staying in compliance with stringent regulations.
CEO: Hed Kovetz
Silverfort was founded in 2016, and in August closed a $30 million Series B funding round led by Aspect Ventures to meet the increasing customer demand for secure authentication and access tools, which has been boosted by the global shift to remote work. The Tel Aviv, Israel-based company employs 65 people, up from 46 employees a year ago, according to LinkedIn.
The company’s platform enforces secure authentication and access policies for any user, device and system, both on-premises and in the cloud, without the need to deploy any agents, SDKs or proxies. Its unique architecture allows Silverfort to protect large and complex networks and cloud environments, with a risk engine that prevents threats such as account takeover, ransomware and lateral movement.
Silverfort enables its customers to protect many sensitive systems that other vendors can’t integrate with, such as homegrown/legacy systems, critical infrastructure, file systems, IoT, command-line interfaces and machine-to-machine access. The company also allows customers to migrate their existing servers and applications to the cloud in a secure manner without having to modify them.
CEO: Kamal Shah
StackRox was founded in 2014, and in September closed a $26.5 million venture funding round led by Menlo Ventures to accelerate growth, expand in key geographies such as Europe, the Middle East and Africa (EMEA), and support R&D efforts around Kubernetes-native container security. The Mountain View, Calif.-based company employs 71 people, up from 63 employees a year ago, LinkedIn reported.
The company in March integrated with AWS services to provide security and compliance for container and Kubernetes workloads on AWS. Then in May, the company added new capabilities to help analysts and incident responders make more informed security and compliance decisions, helping them quickly identify the most important event details, view them chronologically and add custom notes.
StackRox in August launched operations in EMEA to provide global customers with local access to its Kubernetes-native security capabilities. Then in October, the company debuted an open-source static analysis tool to identify misconfigurations in Kubernetes deployments, enhancing developer productivity while ensuring the automatic enforcement of hardened security policies for Kubernetes applications.