- Cybersecurity, privacy and security startups have raised $1.9 billion in three months this year, on pace to reach $7.6 billion or more in 2021, over four times more than was raised throughout 2010 ($1.7 billion), according to a Crunchbase Pro query today.
- 22,156 startups who either compete in or rely on cybersecurity, security and privacy technologies and solutions as a core part of their business models today, 122 have pre-seed or seed funding in the last twelve months based on a Crunchbase Pro query.
- From network and data security to I.T. governance, risk measurement, and policy compliance, cybersecurity is a growing industry estimated to be worth over $300B by 2025, according to C.B. Insight’s Emerging Trends Cybersecurity Report downloadable here.
Today, 680 cybersecurity, privacy, and security startups have received $6.8 billion in funding over the last twelve months, with $4 million being the median funding round and $12.6 million the average funding round for a startup. The number of startups receiving funding this year, funding amounts and the methodology to find the top 20 cybersecurity startups are all based on Crunchbase Pro analysis done today.
New startups and established vendors are attracting record levels of investment as all organizations look to thwart increasingly complex, costly and unpredictable cyberattacks. There is an arms race going on between cyber attackers using A.I. and machine learning and the many startups and existing vendors whose goal is to contain them. CBInsights and PwC recently published their latest quarterly joint study of the venture capital landscape, MoneyTree™ Report, Q4, 2020. The study finds that monitoring and security deals were the third fastest-growing vertical in 2020, with Q4 being exceptional for all verticals, as the heat map below shows:
The 20 Best Cybersecurity Startups To Watch In 2021
Based on a methodology that equally weighs a startup’s ability to attract new customers, current and projected revenue growth, ability to adapt their solutions to growing industries and position in their chosen markets, the following are the top 20 cybersecurity startups to watch in 2021:
Axis Security – Axis Security’s Application Access Cloud™ is a purpose-built cloud-based solution that makes application access across networks scalable and secure. Built on zero-trust, Application Access Cloud offers a new agentless model that connects users online to any application, private or public, without touching the network or the apps themselves. Axis Security is a privately held company backed by Canaan Partners, Ten Eleven Ventures, and Cyberstarts. Axis is headquartered in San Mateo, California, with research and development in Tel Aviv, Israel.
Bitglass – What makes Bitglass unique and worth watching is how they are evolving their Total Cloud Security Platform to combine cloud access security brokerage, on-device secure web gateways, and zero-trust network access to secure endpoints across all devices. Its Polyscale Architecture is delivering uptimes of 99.99% in customer deployments. Bitglass’s 2020 Insider Threat Report has several interesting insights based on their recent interviews with a leading cybersecurity community. One interesting takeaway is 61% of those surveyed experienced an insider attack in the last 12 months (22% reported at least six).
Cado Security – Cado Security’s cloud-native forensics and response platform helps organizations respond to security incidents in real-time, averting potential breaches and security incidents. The Cado Response platform is built on analytics components that perform thorough forensic analyses of compromised systems. Cado’s platform, Cado Response, is an agentless, cloud-native forensics solution that allows security professionals to quickly and comprehensively understand an incident’s impact across all environments, including cloud and containers as well as on-premise systems. “Finding the root cause of security incidents in cloud or container environments is incredibly difficult. Traditional tools don’t support these new environments, and there is a shortage of people who know both forensics and cloud security,” said CEO James Campbell, formerly Director, Cyber Threat Detection and Response at PricewaterhouseCoopers. “Our Cado Response platform completely changes how security professionals can respond to incidents in the cloud.”
Confluera – Originally mentioned as one of the 20 Best Cybersecurity Startups To Watch In 2020, Confluera’s sustained innovation pace in the middle of a pandemic deserves special mention. They are one of the most resilient startups to watch in 2021.Confluera is a cybersecurity startup helping organizations find sophisticated security attacks going on inside of corporate infrastructures. The startup delivers autonomous infrastructure-wide cyber kill chain tracking and response by leveraging the ‘Continuous Attack Graph’ to stop and remediate cyber threats in real-time deterministically. Confluera’s platform is designed to detect and prevent attackers from navigating infrastructure. Confluera technology combines machine comprehended threat detection with accurately tracked activity trails to stop cyberattacks in real-time, allowing companies to simplify security operations radically. It frees up human security personnel to focus on more important work instead of spending hours trying to join the dots between the thousands of alerts they receive daily, many of which are false positives. The following is a video that explains how Confluera XDR for Cloud Infrastructure works:
DataFleets – DataFleets is a privacy-preserving data engine that unifies distributed data for rapid access, agile analytics, and automated compliance. The platform provides data scientists and developers with a “data fleet” that allows them to create analytics, ML models, and applications on susceptible data sets without direct access to the data. Each data fleet has easy-to-use APIs, and under-the-hood, they ensure data protection using advances in federated computation, transfer learning, encryption, and differential privacy. DataFleets helps organizations overcome data privacy and innovation struggle by maintaining data protection standards for compliance while accelerating data science initiatives.
DefenseStorm – DefenseStorm’s unique approach to providing cybersecurity and cyber-compliance for the banking industry make them one of the top startups to watch in 2021. Their DefenseStorm GRID is the only co-managed, cloud-based and compliance-automated solution of its kind for the banking industry. It monitors everything on a bank’s network. It matches it to defined policies for real-time, complete and proactive cyber exposure readiness, keeping security teams and executives updated on bank networks’ real-time security status. The company’s Threat Ready Active Compliance (TRAC) Team augments its bank customers’ internal teams to protect business continuity and skills availability while ensuring cost-effective coverage and management.
Enso Security – Enso is an application security posture management (ASPM) platform startup known for the depth of its insights and expertise in cybersecurity. With Enso, software security groups can scale and gain control over application security programs to protect applications systematically. The Enso ASPM platform discovers application inventory, ownership, and risk to help security teams quickly build and enforce security policies and transform AppSec into an automated, systematic discipline.
Ethyca – Ethyca is an infrastructure platform that provides developers and product teams with the ability to ensure consumer data privacy throughout applications and services design. It also provides your product, engineering, and privacy teams with unmatched ease of use and functionality to better care about your user’s data. The company helps companies discover sensitive data and then provides a mechanism for customers to delete, see, or edit their data from the system. Ethyca’s mission is to increase trust in data-driven business by building automated data privacy infrastructure. Ethyca’s founder and CEO Cillian Kiernan is a fascinating person to speak with on the topics of privacy, security, GDPR, and CCPA compliance. He continues to set a quick pace of innovation in Ethyca, making this startup one of the most interesting in data privacy today. Here’s an interview he did earlier this year with France 24 English:
Havoc Shield – Havoc Shield reduces the burden on small and medium businesses (SMBs) by giving them access to advanced security technology that protects against data breaches, phishing, dark web activity, and other threats. The Havoc Shield platform offers comprehensive security and compliance features that meet the standards of Fortune 100 companies, making it easier for businesses working to win deals with those companies. “For a long time, cybersecurity technology has been virtually inaccessible to small businesses, who largely can’t afford those resources,” said Brian Fritton, CEO and co-founder of Havoc Shield. “We created Havoc Shield because we believe in democratizing cybersecurity for the little guy. Small businesses deserve the ability to protect what they’ve built, just as much as larger companies that have dedicated cybersecurity staff.” Since the end of Q2 2020, Havoc Shield has quadrupled its client list. In the coming months, the company aims to grow its team to help more small businesses protect themselves from threats and achieve customer trust.
Illumio – Widely considered the leader in micro-segmentation that prevents the spread of breaches inside data centers and cloud environments, Illumio is one of the most interesting cybersecurity startups to watch in 2021. Enterprises such as Morgan Stanley, BNP Paribas, Salesforce, and Oracle NetSuite use Illumio to reduce cyber risk and achieve regulatory compliance. The Illumio Adaptive Security Platform® uniquely protects critical information with real-time application dependency and vulnerability mapping coupled with micro-segmentation that works across any data center, public cloud, or hybrid cloud deployment on bare-metal, virtual machines, and containers. The following video explains why Illumio Core is a better approach to segmentation.
Immuta – Immuta was founded in 2015 based on a mission within the U.S. Intelligence Community to build a platform that accelerates self-service access to and control sensitive data. The Immuta Automated Data Governance platform creates trust across data engineering, security, legal, compliance, and business teams to ensure timely access to critical data with minimal risk while adhering to global data privacy regulations GDPR, CCPA, and HIPAA. Immuta’s automated, scalable, no-code approach makes it easy for users to access the data they need when they need it while protecting sensitive information and ensuring customer privacy. Selected by Fast Company as one of the World’s 50 Most Innovative Companies, Immuta is headquartered in Boston, MA, with offices in College Park, MD, and Columbus, OH.
Isovalent – Isovalent makes software that helps enterprises connect, monitor and secure mission-critical workloads in modern, cloud-native ways. Its flagship technology, Cilium, is the choice of leading global organizations, including Adobe, Capital One, Datadog, GitLab, and many more. Isovalent is headquartered in Mountain View, CA, and is backed by Andreessen Horowitz, Google and Cisco Investments. Earlier this month, Isovalent announced that it had raised $29 million in Series A funding, led by Andreessen Horowitz and Google with participation from Cisco Investments. Google recently selected Cilium as the next-generation dataplane for its GKE offering calling Cilium “the most mature eBPF implementation for Kubernetes out there” in its “New GKE Dataplane V2 increases security and visibility for containers” blog: https://cloud.google.com/blog/products/containers-kubernetes/bringing-ebpf-and-cilium-to-google-kubernetes-engine.
JupiterOne – JupiterOne, Inc. reduces cloud security cost and complexity, replacing guesswork with granular data about cyber assets and configurations. The company’s software helps security operations teams shorten the path to security and compliance and improve their overall posture through continuous data aggregation and relationship modeling across all assets. JupiterOne customers include Reddit, Databricks, HashiCorp, Addepar, Auth0, LifeOmic, and OhMD. Earlier this year, JupiterOne received $19 million in venture funding. The Series A round was led by Bain Capital Ventures, with additional investment from Rain Capital, LifeOmic, and individual investors. “JupiterOne has developed a compelling product that integrates quickly, has applicability across enterprise segments, and is highly reviewed by current customers,” said Enrique Salem, partner at Bain Capital Ventures and former CEO at Symantec. Salem now joins the JupiterOne board. “We see a multibillion-dollar market opportunity for this technology across mid-market and enterprise customers. Asset management is the first step in building a successful security program, and it’s currently a tedious, imperfect process that’s well-suited for automation.”
Lightspin – Lightspin is a pioneer in contextual cloud security protecting native, Kubernetes, and microservices from known and unknown risks and has recently announced a $4 million seed funding round on November 24th. They will use the proceeds of the round to finance continued R&D on how to secure cloud infrastructures. The financing round was led by Ibex Investors LLC, the firm’s first global investment from its new $100 million early-stage fund, and also included participation from private angel investors. Lightspin’s technology uses graph-based tools and algorithms to provide rapid, in-depth visualizations of cloud stacks, analyze potential attack paths and detect the root causes, all of which are the most critical vulnerabilities that attackers can exploit.
Orca Security – Orca Security is noteworthy for its innovative approach to providing instant-on, workload-deep security for AWS, Azure, and GCP without the gaps in agents’ coverage and operational costs.Orca integrates cloud platforms as an interconnected web of assets, prioritizing risk based on environmental context. Delivered as SaaS, Orca Security’s patent-pending SideScanning™ technology reads cloud configuration and workloads’ runtime block storage out-of-band, detecting vulnerabilities, malware, misconfigurations, lateral movement risk, weak and leaked passwords, and unsecured PII.
SECURITI.ai – SECURITI.ai is an AI-Powered PrivacyOps company that helps automate all significant functions needed for privacy compliance on a single platform. It enables enterprises to grant individual and group rights to data and comply with global privacy regulations like CCPA and bolster their brands. They collect and manage consent from multiple sources, including web properties, web forms, and SaaS applications. Their AI-Powered PrivacyOps platform is a full-stack solution that operationalizes and simplifies privacy compliance using robotic automation and a natural language interface. SECURITI.ai was founded in November 2018 and is headquartered in San Jose, California.
SecureStack – SecureStack helps software developers find security & scalability gaps in their web applications and offers ways to fix those gaps without forcing them to become security experts. The results are faster time to business and a 60%-70% reduction in the app attack surface.
The SecureStack platform’s intelligent automation manages security controls across distributed infrastructures using rules and profiles customizable by customers. SecureStack is noteworthy for its analytics and logging expertise in helping enterprises scale applications across cloud infrastructures.
Stairwell – What makes Stairwell one of the top startups to watch in 2021 is its unique approach to cybersecurity built around a vision that all security teams should be able to determine what alerts are threat-related or not and why. Mike Wiacek, the founder of Google’s Threat Analysis Group and co-founder and former Chief Security Officer of Alphabet moonshot Chronicle, leads the company as its CEO and founder. Wiacek is joined by Jan Kang, former Chief Legal Officer at Chronicle, as COO and General Counsel. Stairwell is backed by Accel Venture Partners, Sequoia Capital, Gradient Ventures, and Allen & Company LLC.
Ubiq Security – What makes Ubiq Security one of the top cybersecurity startups to watch in 2021 is how rapidly their API-based developer platform is maturing while gaining traction in the market. Ubiq Security recently signed commercial agreements with the United States Army and the Department of Homeland Security. This month, the startup announced it had raised $6.4 million in a seed equity investment round. Okapi Venture Capital, an early investor in Crowdstrike, led the round with participation from TenOneTen Ventures, Cove Fund, DLA Piper Venture, Volta Global, and Alexandria Venture Investments. Ubiq will use the funds to accelerate platform development, developer relations, and customer acquisition.
Unit21 – Unit21 helps protect businesses against adversaries through a simple API and dashboard to detect and manage money laundering, fraud, and other sophisticated risks across multiple industries. Former Affirm and Shape Security employees Trisha Kothari and Clarence Chio founded Unit21 in 2018 and work with customers like Intuit, Coinbase, Gusto, and Line to create a powerful & customizable rules engine for risk and compliance teams. Unit21’s highly flexible, customizable, and intelligent cloud-based system provides a configurable engine for transaction monitoring, identity verification, case management, operations management, and analytics and reporting. On October 19th of this year, Unit21 announced a $13 million funding round led by A.Capital Ventures. Additional participation includes investors such as Gradient Ventures (Google’s A.I. venture fund), Core V.C., South Park Commons, Diane Greene (founder of VMWare), William Hockey (founder of Plaid), Chris Britt and Ryan King (founders of Chime), Sumit Agarwal (founder of Shape Security), and Michael Vaughan (former COO of Venmo). Unit21 will use the new capital to grow its product and distribution-focused management team, increase sales and marketing efforts, and sell into new industries.