- There are 21,729 startups who either compete in or rely on cybersecurity technologies and solutions as a core part of their business models today, 1,653 of which have received seed funding in the last twelve months.
- Nearly $10B was invested in privacy and security companies in 2019, an all-time high in the last decade up more than five-fold from $1.7B in 2010, according to a recent Crunchbase query.
- From network and data security to I.T. governance, risk measurement, and policy compliance, cybersecurity is a growing industry estimated to be worth over $300B by 2025, according to C.B. Insight’s Emerging Trends Cybersecurity Report downloadable here.
- C.B. Insights predicts the worldwide identity and access management (IAM) market is expected to reach $23B by 2025.
In 2020, 268 startups have raised a total of $4.7B, averaging $21M each with a median funding amount of $6.1M according to a recent Crunchbase query. The global information security and risk management end-user spending are forecast to grow at a five-year CAGR of 9.2% to reach $174.5 billion in 2022. New growth in spending is related to digital transformation, regulatory compliance, increased security threats, and response capabilities, according to Gartner’s latest market estimates. New startups continue to attract investors as cybersecurity investments are viewed as the cure for uncertainty and the proliferating, more complex nature of breach attempts.
The 20 Best Cybersecurity Startups To Watch In 2020
Get started on your cybersecurity degree at American Military University.
Based on a methodology that equally weighs a startup’s ability to attract new customers, current and projected revenue growth, ability to adapt their solutions to growing industries and position in their chosen markets, the following are the best 20 cybersecurity startups to watch in 2020:
Beyond Identity – Beyond Identity’s proprietary technology replaces passwords with fundamentally secure X.509-based certificates across organizations today. This patent-pending approach creates an extended Chain of Trust framework, the startup designed to include user and device identity, along with a real-time snapshot of the device’s security posture for adaptive risk-based authentication and authorization. Beyond identity’s cloud-native solution enables customers to increase business velocity, implement new business models, reduce operating costs, and achieve complete passwordless identity management. Beyond Identity has raised a total of $30M in funding over 1 round.
Confluera – Confluera is a cybersecurity startup helping organizations find sophisticated security attacks going on inside of corporate infrastructures. The startup delivers autonomous infrastructure-wide cyber kill chain tracking and response by leveraging the ‘Continuous Attack Graph’ to stop and remediate cyber threats in real-time deterministically. They built to detect and prevent attackers from navigating infrastructure deterministically. Confluera technology combines machine comprehended threat detection with accurately tracked activity trails to stop cyberattacks in real-time, allowing companies to simplify security operations radically. It frees up human security personnel to focus on more important work instead of spending hours trying to join the dots between the thousands of alerts they receive daily, many of which are false positives. Confluera has raised a total of $29M in funding over two rounds.
Cryptoloc Technology Group – Cryptoloc is an ISO 27001:2013 certified Australian cybersecurity firm founded in Brisbane in 2010. What makes this startup noteworthy is how they developed and patented a high-security cryptographic technology which can be deployed across four products. These products include their B2C document storage platform called Your Digital File, a B2B white-label equivalent called Vault, a secure document signing API, and an anti-counterfeiting and product tracking solution. In 2020, the startup opened its new Regional H.Q. for Europe in Cambridge, and over the next three years, they plan to recruit up to 50 people who will support the company’s presence in Europe.
Cyble – Cyble Inc.’s mission is to provide organizations with a real-time view of their supply chain cyber threats and risks. Their SaaS-based solution powered by machine learning and human analysis provides organizations’ insights into cyber threats introduced by suppliers. It enables them to respond to them faster and more efficiently. Cyble strives to be a reliable partner/facilitator to its clients, allowing them with unprecedented security scoring of suppliers through cyber intelligence sourced from open and closed channels such as OSINT, the dark web, and deep web monitoring and passive scanning of internet presence. Furthermore, the intelligence clubbed with machine learning capabilities fused with human analysis also allows clients to gain real-time cyber threat intel and help build better and stronger resilience to cyber breaches and hacks. Due to the nature of the collected data, the company also offer threat intelligence capabilities out-of-box to their subscribers.
Cmd – Founded in early 2016, Cmd allows organizations to monitor and control user interaction within their Linux environment intuitively. The Cmd platform provides comprehensive visibility and real-time, pre-execution protection without the need for human intervention. Cmd is the first to design their core product to help CIOs, CTOs, and security teams log, understand, predict, and control user behavior in their Linux environment. The Cmd team believes that organizations can’t confidently predict and control user behavior until they define their baseline of “normal.” Armed with this understanding, organizations can use Cmd to build policies that restrict file access, prompt for authentication, or even block risky commands pre-execution. “Cmd was born out of the painful frustrations that we had faced personally as Security Officers protecting Linux. We knew there had to be a better way. And so we went out and created it: user-friendly, accessible solutions that made sense for modern DevOps teams operating in the cloud,” said Jake King, CEO, and co-founder. Cmd has raised a total of $21.6M in funding over two rounds.
Darktrace – Darktrace relies on A.I. and a team of mathematicians to continually fine-0tune and improves its Enterprise Immune System. The Immune System relies on machine learning and A.I. algorithms to detect and respond to cyber-threats across diverse digital environments, including cloud and virtualized networks, IoT, and industrial control systems. The technology is self-learning and requires no set-up, identifying threats in real-time and updating its understanding as the environment changes. By applying its unique machine learning, Darktrace has identified 63,500 previously unknown threats in over 5,000 networks, including zero-days, insider threats, and subtle, stealthy attacks. With 620 employees in 32 offices and dual headquarters in San Francisco and Cambridge UK, Darktrace was named ‘Most Innovative Security Company of the Year 2017,’ ‘Bloomberg Innovator,’and ‘GSN Homeland Security’award winner. The company’s valuation is $825 million, and its investors include Invoke Capital, Talis Capital, Hoxton Ventures, Summit Partners, KKR, Softbank, TenEleven, Samsung Ventures, and Insight Venture Partners.
Dathena Science – Dathena Science was founded to fulfill the vision of bringing an entirely new approach to enabling enterprises to achieve greater privacy and data security protection. Enterprises around the world face the daunting challenge of harnessing, managing, and controlling data in a more regulated environment with growing societal expectations with regards to privacy protection. Leveraging the power of the latest A.I. technologies, Dathena is delivering solutions now in production for enterprise-level customers. Dathena Science has raised a total of $12M in funding over three rounds. Their latest funding was raised on May 13, 2020, from a Series A round.
Druva – What makes Druva unique is how effectively they have been able to develop, launch, and implement their AWS-based enterprise backup data across data center, cloud, and endpoint workloads. The Druva Cloud Platform architecture and pricing have made it possible for customers to drive down backup costs by 50% by freeing themselves from the burden of unnecessary hardware, capacity planning, and software management. Druva currently has over 4,000 customers and is a privately held company headquartered in Sunnyvale, California, and is funded by Sequoia Capital, Viking Global Investors, Tenaya Capital, Riverwood Capital, and Nexus Partners.
ExtraHop – ExtraHop delivers cloud-native network detection and response to secure the hybrid enterprise. Our breakthrough approach applies advanced machine learning to all cloud and network traffic to provide complete hybrid and multi-cloud visibility, real-time threat detection, and intelligent response. With this approach, we give the world’s leading enterprises, including The Home Depot, Credit Suisse, and Caesars Entertainment, the perspective they need to rise above the noise to detect threats, ensure the availability of critical applications and secure their investment in the cloud. ExtraHop has raised a total of $61.6M in funding over five rounds.
ForgeRock – ForgeRock is breaking new ground in the areas of digital identity management and how organizations interact securely with customers, employees, devices, and things. Organizations adopt the ForgeRock Identity Platform as their digital identity system of record to monetize customer relationships, address stringent regulations for privacy and consent (GDPR, HIPAA, FCC privacy, etc.), and leverage the internet of things. ForgeRock serves many enterprises, including Morningstar, Vodafone, GEICO, Toyota, TomTom, and Pearson, as well as governments like Norway, Canada, and Belgium, securing billions of identities worldwide. ForgeRock has offices across Europe, the USA, and Asia.
HUB Security – HUB Security specializes in hardware security solutions for regulation and privacy, fintech, cloud, and blockchain. The startup also develops military-grade identity, and key management solutions that focus on fintech and cloud services featuring homomorphic encryption accelerated hardware and Fips140-2 level 4 designed security. Its HSM platform for cloud, finance, and blockchain applications is integrated in Swiss banks and financial institutes.
Kentik – Kentik’s innovative approach to creating, fine-tuning, and scaling network intelligence platforms for enterprises is noteworthy in its ability to find gaps in cybersecurity strategy coverage. With Kentik, businesses eliminate the visibility and intelligence gaps associated with running dynamic and complex networks and achieve greater network performance, reliability, and security. The Kentik Network Intelligence Platform integrates and analyzes diverse data streams from the internet, edge, cloud, and data center and hybrid infrastructures and provides real-time visualizations and AIOps-powered insights and automation.
Liongard – Liongard is an information technology company that specializes in providing I.T. automation, managed services, and automated documentation. It features a software application platform that enables companies, businesses, and organization management team to record and capture daily snapshots of rich configuration data for cloud, network, and on-premise systems. The company was founded in 2015 and headquartered in Houston, Texas. Liongard has raised a total of $22.8M in funding over three rounds.
Ontic – Ontic is a protective intelligence software platform that unifies real-time and historical data related to physical security threats and potential threat behaviors. Their platform enables collaboration across connected workflows so that security teams can get more relevant intelligence—faster—for early threat detection. Ontic’s automated, smart, and actionable insights allow corporate security and school leaders to identify pre-incident indicators better, assess risk, and mitigate potential threats to protect employees, facilities, students, and schools. Ontic has raised a total of $16.7M in funding over two rounds.
RiskIQ – RiskIQ provides organizations the visibility and intelligence they need to secure their Enterprise Digital Footprint and map their Adversaries’ infrastructure. RiskIQ products, powered by proprietary virtual-user technology, threat analysis engine, and global proxy network, enable an organization to defend against threats targeting its websites, mobile applications, brands, customers, and employees. RiskIQ is used by eight of the ten largest financial institutions in the U.S. and five of the nine leading Internet companies in the world. The company is headquartered in San Francisco and backed by Battery Ventures and Summit Partners.
SafeBreach – SafeBreach is a pioneer in the emerging category of breach and attack simulation. The company’s groundbreaking platform provides a “hacker’s view” of an enterprise’s security posture to predict attacks proactively, validate security controls, and improve SOC analyst response. SafeBreach automatically executes breach methods with an extensive and growing Hacker’s Playbook of research and real-world investigative data. SafeBreach is funded by Sequoia Capital, Deutsche Telekom Capital, Hewlett Packard Pathfinder, and investor Shlomo Kramer.
Secret Double Octopus – Secret Double Octopus, has developed the world’s only password-free, keyless authentication technology to protect identity and data across cloud, mobile, and IoT environments. Based on Secret Sharing algorithms, originally developed to protect nuclear launch codes, Secret Double Octopus’ technology prevents cyber attackers from accessing enough critical information to be useful for attacks, eliminating brute force, man-in-the-middle, PKI manipulation, and key theft and certificate authority weaknesses. Secret Double Octopus has raised a total of $22.5M in funding over three rounds.
Semperis – Semperis is an enterprise identity protection company that enables organizations to quickly recover from accidental or malicious changes and disasters that compromise Active Directory, on-premises, and on the cloud. The Semperis Directory Services Protection Platform provides enterprises with the capabilities to automatically restore an entire Active Directory forest, quickly recover thousands of objects or a single crucial attribute, and instantly revert to a previous Active Directory state. Semperis customers include Fortune 500 companies and enterprises spanning financial, healthcare, government, and other industries worldwide. Semperis has raised a total of $40M in funding over six rounds.
Source Defense – What makes Source Defense noteworthy is its unique approach to preventing attacks on websites and web properties of third-party origin. Their SaaS-based platform allows a site owner to set and enforce permissions, receive real-time alerts, and monitor third-party vendors’ behavior in real-time. By removing the security considerations from third-party integrations, Source Defense removes person-hours spent on tests and integrations, allowing sites to focus on generating revenues and new opportunities while keeping the site visitors safe and the site in high performance. Source Defense has raised a total of $20.5M in funding over three rounds.
Zero Networks – What makes Zero Networks unique is how it automates the development and enforcement of network access rules throughout an entire network. Its technology customizes who can access specific resources in a network by learning how users and machines communicate. Zero Networks provides a bypass mechanism through a two-factor authentication wall on users’ mobile phones, ensuring unusual but legitimate connections are not affected. Zero Networks was founded in 2019 and is headquartered in Tel Aviv, Israel.
Almost $10B Invested In Privacy And Security Companies In 2019; Crunchbase; By Gené Teare January 29, 2020
The Impact of COVID-19 On Global Cybersecurity Sector is Severe: Research, CISO Magazine, May 1, 2020
Where Smart Money V.C.s Are Placing Early-Stage Bets In Cybersecurity, C.B. Insights, September 5, 2019