The 10 Hottest Cybersecurity Startups Of 2020 (So Far)
The 10 hottest cybersecurity startups include companies solving challenges around verifying user identities without passwords, securing and isolating applications from the network, and protecting data in motion between clouds and devices.
Creating A More Secure Future
Some of the brightest minds in cybersecurity have in recent years formed companies to address everything from verifying user identities without passwords to securing and isolating applications from the network to protecting data in motion between clouds and devices.
CRN has identified 10 cybersecurity startups founded since 2018 with at least $10 million of outside funding that stood apart from the pack thanks to new funding, the launch of partner initiatives, or key product enhancements or updates. Five of the top startups are based in California, two are based in Massachusetts, and the remaining three are headquartered in Texas, Ireland and Israel, respectively.
These companies are solving security challenges such as connecting users on any device to private apps, providing fast and inexpensive visibility into public cloud platforms, and fulfilling data request obligations under new privacy regulations. Here’s a look at how the 10 hottest cybersecurity startups have made themselves sticky with partners and customers alike.
For more of the biggest startups, products and news stories of 2020, click here.
CEO: Dor Knafo
Axis Security was founded in 2018, and in March closed a $14 million Series A round led by Ten Eleven Ventures to offer organizations simple and secure control of private application access. The San Mateo, Calif.-based company employs 32 people today, up from just 10 employees a year ago, according to LinkedIn.
A month later, the company unveiled the Axis Security Partner Program (ASPP) for VARs, systems integrators, MSSPs, OEM partners and distributors to help enterprises offer secure application access for their remote workforce. The two-tier program includes business development opportunities, training, joint marketing, partner collateral, marketing co-op funds, sales leads and field account planning.
The company’s Axis Application Access Cloud provides a new agentless model for connecting users on any device in minutes to private apps without touching the network or the applications. The product solves the issue of implicitly open network access and removes the pain points of network-based security associated with Virtual Private Networks (VPNs).
CEO: Abhijit Ghosh
Confluera was founded in 2018, and in May closed a $20 million Series B round led by Icon Ventures to accelerate the adoption of autonomous security for cloud infrastructure. The Palo Alto, Calif.-based company currently employs 25 people, according to LinkedIn.
The company’s Real-time Attack Interception and Defense platform aims to deterministically stop security breaches in their tracks. Confluera said its platform shifts the cybersecurity paradigm from manually connecting the dots after-the-fact to intercepting and stopping ongoing complex, multi-stage attacks in real time.
Confluera 1.0 delivers easy to understand attack campaign stories in the form of attack progressions that are prioritized automatically based on associated risk scores, along with suggestions for response and remediation, which are fully actionable. The stories themselves contain the sequence of tactics and techniques used by the adversaries to gain deeper and wider access to the enterprise infrastructure.
CEO: Partha Panda
Cysiv was founded in 2018, and in February closed a $26 million Series A round led by ForgePoint Capital to scale business operations and fuel further platform enhancements. The Irving, Texas-based company employs 63 people today, up from just 43 employees a year ago, according to LinkedIn.
The company was incubated within Trend Micro, and launched as a partnership between Trend Micro and HITRUST, a security and privacy standards development firm, to provide advanced cyber risk management as a service to U.S. enterprises that need to better defend themselves from cyberattacks. Cysiv subsequently spun out of Trend Micro and now operates as an independent company.
Cysiv’s SOC-as-a-Service platform is technology- and vendor-agnostic, and can ingest security logs from a wide range of sources, along with other important contextual data. It leverages advanced data science techniques to automate the time-consuming, complex but critical activities for detecting, investigating and remediating hidden, evasive and emerging threats, according to the company.
CEO: Shane Curran
Evervault was founded in 2018, and in May closed a $16 million Series A funding round led by Index Ventures to allow software developers to process sensitive data in a fundamentally better, simpler and secure way. The Dublin, Ireland-based company currently employs 11 people, according to LinkedIn.
The company is building an API for data privacy that leverages “privacy cages” to empower developers to process highly sensitive data in a way that is simple, scalable and privacy-preserving. Evervault is building the API alongside specific companies that handle highly sensitive data like location data, bank account data, payments data, kids’ data, enterprise data, and health and medical data.
Evervault is aiming to distill what GDPR did in 99 Articles down to a line of code, which the company said is conceptually simple but operationally complex. Proceeds from the Series A round will allow Evervault to welcome new people to the team, but the company’s singular focus will remain around empowering developers to solve data privacy with ease.
CEO: Avi Shua
Orca Security was founded in 2019, and in March closed a $20 million Series A funding round led by GGV Capital to invest substantially in talent, go-to-market growth, and research and development. The Los Angeles-based company currently employs 47 people, up from just 21 employees a year ago, according to LinkedIn, and is looking to double its team and total business by the end of 2020.
The company said it has created the first and only cloud security tool that can within minutes find vulnerabilities, malware, misconfigurations, leaked and weak passwords, lateral movement risk, and high-risk data without agents or per asset integrations. This allows customers to gain more visibility into AWS, Azure, and GCP at a fraction of the time and operational cost of alternative solutions, Orca said.
Orca said it treats a customer’s cloud estate as an interconnected web of assets, prioritizing risk based on environmental context. As a result, Orca said it can cut through thousands of security alerts to reveal the critical few that matter, along with their precise path to remediation.
CEO: Amit Bareket
Perimeter 81 was founded in 2018, and in March closed a $4.5 million Series A extension round led by Toba Capital to support the company’s rapid growth and accelerate its development and go-to-market strategy. The Tel Aviv, Israel-based company currently employs 62 people, up from just 39 employees a year ago, according to LinkedIn.
The company rolled out Zero Trust Application Access in July, which uses device trust policy validation to authorize employees before granting them swift access to applications in a session that is fully audited and can be recorded and monitored. The tool secures the network, employees, and applications using Zero Trust guidelines, and isolates the applications from the network at all times.
Later that month, the company integrated with SentinelOne to ensures that endpoints are fully compliant and protected before they join Perimeter 81’s secure cloud-based network. Then in February, Perimeter 81 teamed up with SonicWall to make it possible for businesses to connect to a single secure network and gain access to physical and cloud resources no matter their location.
CEO: Rick Song
Persona was founded in 2018, and in January closed a $17.5 million Series A round led by First Round Capital and Coatue Management to help secure and ID both sides of any Internet transaction to reduce data breaches, deep fakes and synthetic identity fraud. The San Francisco-based company currently employs 39 people, up from just 11 employees a year ago, according to LinkedIn.
The company said it protects customers from liability by only giving them the personally identifiable information data they need to operate their business. Eliminating humans from the review process is the only way to verify identities in a secure and scalable way, so Persona said it has focused on automating what has historically been a slow and painful process.
Persona utilizes best practices such as database lookups, reverse phone lookups, document verification, government ID verification, and biometric options such as uploading a selfie and live video capture to produce a facial similarity score. The company tailors the identity verification experience based on the individual's unique risk profile to streamline the process for users while deterring fraud, Persona said.
CEO: Guru Pai
Privafy was founded in 2019, and in January the company received $22 million in minority investments to continue scaling product development for its cloud-based security business. The Burlington, Mass.-based company currently employs 63 people, up from just 36 employees a year ago, according to LinkedIn.
The company’s cloud-native application will provide comprehensive protection as data traverses between locations, clouds, mobile devices, and the Internet of Things (IoT). The application delivers a full spectrum of protection against cyberattacks, including unauthorized intrusions and access, malware attacks, DDoS and malicious service interruption, ransomware, botnets and more, Privafy said.
Privacy’s encryption protects against unauthorized snooping attacks, its endpoint identity protection defends against endpoint cloning, and its firewall technology delivers dynamic perimeter security with deep content inspection. The company is working with channel partners, broadband and wireless carriers, and next-generation managed service providers to ensure the solution is available globally.
CEO: Brian Hazzard
Randori was founded in 2018, and in April closed a $20 million Series A funding round led by Harmony Partners to grow the company’s Attack Platform and bring a continuous red team experience to market. The Waltham, Mass.-based company employs 29 people, according to LinkedIn, and plans to double its headcount over the next year with hiring across engineering, go-to-market and attack operations.
The company was started to provide CISOs with visibility into where threat actors will strike next and the ability to easily validate and understand the impact specific attacks pose to their organizations. A year later, the company debuted Randori Recon, which provides organizations with a stack ranked list of their most tempting targets.
Then in February, the Randori Attack Platform debuted to enable organizations to practice defending against real-world attacks in a safe, cost-effective and continuous manner, helping them assess where and how they are most likely to be breached. The platform mirrors today’s nation-state actors and criminal adversaries by emulating all stages of a real-world attack, according to Randori.
CEO: Rehan Jalil
Securiti.ai was founded in 2018, and in January closed a $50 million Series B funding round led by General Catalyst to continue its rapid growth around customer adoption, global presence, and product capabilities. The San Jose-based company currently employs 186 people, up from just 99 employees a year ago, according to LinkedIn.
The company debuted Privacy.ai in November to help automate all major functions needed to comply with a myriad of complex global privacy regulations in one place by using artificial intelligence and skillful bots. Firms can use Privacy.ai to fulfill their data request obligations in hours instead of weeks at a fraction of the cost of manual operations, while significantly reducing the risk of financial penalties.
By January, Privacy.ai had seen rapid adoption and processed more than 100 million identifies, prompting the company to introduce additional product enhancements as well as freemium and self-service offerings. Security.ai expanded into new regions including South America, Canada and Asia-Pacific, plus the company added new vice president positions around sales, marketing and Asia-Pacific.