The 10 Hottest Cybersecurity Startups Of 2019

The 10 hottest cybersecurity startups include companies solving challenges around identity control, complying with new privacy regulations, and safeguarding cloud platforms and IoT assets.


What’s Next In Security?

An array of up-and-coming security vendors are looking to make their mark on everything from identity protection and control to complying with new privacy regulations to safeguarding cloud platforms and IoT devices.

CRN has identified 10 cybersecurity startups founded since 2017 that stood out from the crowd this year thanks to new funding, the launch of partner programs, or key product enhancements or updates. Four of the top startups are based in California, three are headquartered in Israel, two are located in the Northeastern United States, and one is based in the United Kingdom.

These companies are solving security challenges such as cyber threats against rail networks, enforcing accountability on critical assets, and monitoring the internet to catch breaches before they happen. Here are the steps the 10 hottest cybersecurity startups have taken this year to make themselves more relevant to the channel.

Sponsored post

Abnormal Security

CEO: Evan Reiser

Abnormal Security was founded in 2018, and in November closed a $24 million Series A funding round led by Greylock Partners to better protect enterprises from unknown or targeted email attacks through a combination of identity models, relationship graphs and content analysis.

The San Francisco-based company said a composite analysis of identity, relationships and email content helps stop attacks that lead to account takeover, financial damage and organizational mistrust. Abnormal Security intends to build a state-of-the-art data science and behavioral analysis platform and apply it to email security challenges.

The company said it provides unprecedented protection against targeted attacks by analyzing more sources of data than other email security products, including data beyond email. The company said that more than 70 percent of business email compromise attacks identified through Abnormal Security platform customer deployments were not initially blocked by secure email gateway offerings.


CEO: Amir Levintal

Cylus was founded in 2017, and in June closed a $12 million Series A funding round led by Magma Venture Partners and Vertex Ventures to increase research and development efforts, grow its workforce, and accelerate activities in the European Union, United States, and Asia-Pacific.

The Tel Aviv, Israel-based company helps rail and metro companies avoid safety incidents and service disruptions caused by cyberattacks. The company's flagship CylusOne offering detects cyber threats in both trackside and onboard signaling and control networks, and facilitates a timely and effective response before any harm is done.

Cylus in September was tapped for the Silicon Valley Plug and Play program, allowing the company to protect railway systems, including the implementation of Positive Train Control (PTC), with the highest cybersecurity standards. Two months later, the company got the ISO 27001 and ISO 9001 certifications, recognizing its quality management systems and commitment to information security management.


CEO: Daniel Barber

DataGrail was founded in 2018, and in July closed a $5 million Series A funding round led by Cloud Apps Capital to accelerate growth and meet demand from customers and prospects in advance of new privacy laws in California and Nevada. American Express Ventures joined DataGrail’s Series A round in November to help the company advance its mission.

The San Francisco-based company helps businesses operationalize and manage privacy management, including the accessing and deletion of personal data. Discovering and mapping personal data within seconds allows DataGrail customers to reduce inefficiencies and eliminate error-prone processes, while helping them continuously comply with data privacy regulations, the company said.

DataGrail in April landed TrustArc executive Mikhail "Misha" Nikitin as its first vice president of sales to direct the company’s overall sales leadership strategy. Six months later, the company announced a partnership with Okta to make it easier for customers to manage matters of privacy and identity and enable continuous compliance with privacy laws.

Immersive Labs

CEO: James Hadley

Immersive Labs was founded in 2017, and in November closed a $40 million Series B round led by Summit Partners to support expansion initiatives in North America.

The Bristol, England-based company offers a cyber skills development platform designed to enable security specialists and business users to step into real-world cybersecurity situations based on real-world attack techniques and emerging or zero-day threats. These simulations aim to strengthen skill levels across the board, from identifying phishing attacks to reverse-engineering malware.

Immersive Labs has experienced rapid growth since its launch, with a 750 percent year-over-year increase in annual recurring revenues and an employee base that is now more than 100 strong. The company plans to build on its momentum from its new North American headquarters in Boston.

Obsidian Security

CEO: Glenn Chisholm

Obsidian Security was founded in 2017, and in February closed a $20 million Series B round led by Wing Venture Capital to transform how enterprise identity is monitored and secured.

The Newport Beach, Calif.-based company's intelligent identity protection offering analyzes user activity, permissions and configuration data with advanced machine learning to enable better security and identity management. The platform provides complete visibility, smarter identity lifecycle management, and efficient incident response and forensics to help organizations protect their users and critical assets.

Two months later, Obsidian appointed data ethicist Laura Noren as VP of privacy and trust to protect data subjects’ privacy and advocate for fairness in statistical and machine learning models. Noren’s new role at Obsidian is a proactive privacy and data ethics position integrated into the data science and engineering teams, which the company said is a first in the cybersecurity industry.

Orca Security

CEO: Avi Shua

Orca Security was founded in 2019, and in June closed a $6.5 million seed round led by YL Ventures to provide organizations with seamless visibility into their cloud infrastructure footprint.

The Tel Aviv, Israel-based company was founded by former Check Point executives Avi Shua and Gil Geron to deliver full stack IaaS and PaaS cloud security visibility. Orca said its patent-pending SideScanning technology can be deployed instantaneously without the impact and complexity of per asset agents.

Orca's technology automatically assesses the security state of every discovered asset throughout the entire technology stack, including the cloud control plane, operating system, applications and business data. The platform can deliver complete visibility into issues such as compromised resources, vulnerable software, and misconfigurations.


CEO: Karim Hijazi

Prevailion was founded in 2017, and in July closed a $10 million Series A round led by AllegisCyber to invest in engineering and sales executives and create an industry-leading Tailored Intelligence team. Legion Capital Partners made a strategic investment in Prevailion four months later to give the company access to Managing Partner Mike Viscuso’s breadth of knowledge, connectivity, and relationships.

The Columbia, Md.-based company also plans to use the proceeds to continue growing its internal and external legal, policy, and operational expertise. Prevailion received $2 million in seed financing in April 2018 as a winner of the inaugural DataTribe challenge in recognition of their vision to disrupt cybersecurity and data science.

Prevailion is a business compromise intelligence platform that uses nation-state level tools to clandestinely monitor the internet to catch breaches before they happen. The company said it transforms the way organizations approach risk mitigation and business decision-making by providing a full view of confirmed evidence of compromise for customers and their partner ecosystems.

Sonrai Security

CEO: Brendan Hannigan

Sonrai Security was founded in 2017, and in January closed a $18.5 million Series A round led by Polaris Partners and TenEleven Ventures to deliver unparalleled data and identity control across all cloud accounts and within any data store.

The New York-based company provides a common interface with deep granularity and extensibility for both SecOps and DevOps teams, enabling both comprehensive data security and confident compliance. By focusing on data and users, Sonrai offers the ability to assess and reduce risk, comprehensively monitor usage and movement, and enforce accountability on the most critical assets.

Sonrai Co-Founder Hannigan was previously general manager of IBM Security, which he helped establish and grow to become a $2 billion division. Hannigan joined IBM following its 2011 acquisition of security intelligence and analytics company Q1 Labs, where he had served as CEO.


CEO: Vishal Jain

Valtix was founded in 2018, and in June closed a $14 million Series A round led by Trinity Ventures, Vertex Ventures and Wing Venture Capital to remove the security barrier for enterprise cloud adoption by making inline network security simple and automatic.

The Santa Clara, Calif.-based company said its offering runs as a cloud native service, targets the pain of security management, and accelerates security agility. The platform automatically discovers new applications that run in the cloud and automatically follows these applications to ensure the right inline security rules and protections are applied.

Valtix in October enabled AWS customers to get superior speed, throughputs and parallel performance for network security protection within the public cloud that was previously only available on-prem. And a new offering in November allows users of Valtix Cloud Firewall with Valtix Cloud Controller to discover, deploy and defend the network security threat landscape across cloud applications and API services.


CEO: Netanel Davidi

Vdoo was founded in 2017, and in April closed a $32 million Series B round led by WRV Capital and GGV Capital to increase market adoption of its IoT security platform while also expanding its technical capabilities.

The Tel Aviv, Israel-based company said the proceeds will be used to deliver comprehensive automated analysis capabilities - including zero-day vulnerabilities detection - that enable device vendors to implement unprecedented security levels at scale. The round will fuel the expansion of a rapidly growing partner and distribution network, which already includes NTT, Macnica, DNP and Fujisoft in Japan.

Vdoo in January debuted its Embedded Runtime Agent (ERA), which is automatically tailored for each device based on an analysis of its firmware binary. The Vdoo agent is focused on the device’s threat landscape and resources, while avoiding any significant performance or functionality impact to the device.