Startups Directory

Expel is a 24/7 managed SOC (Security Operations Center) that monitors cloud, hybrid, and on-premises environments using its proprietary Expel Workbench platform paired with expert security analysts. Unlike traditional MSSPs, Expel operates with complete transparency—customers see the same interface and investigation details as Expel analysts, eliminating the black box. The company helps organizations stop cyberattacks faster by extracting maximum value from existing security investments through API-based integrations that deploy in hours, not weeks.

Wiz is a cloud-native security platform that provides real-time visibility across multi-cloud environments (AWS, Azure, GCP, OCI, Kubernetes) using agentless APIs and graph-based analysis. It identifies exploitable attack paths and prioritizes risk based on business impact, enabling security teams to fix issues before they reach production. The platform serves enterprise security teams and has won over 40% of Fortune 100 companies with its unified "single pane of glass" approach to cloud security.

Saviynt's Identity Cloud is an AI-powered platform that maps, governs, and secures all types of identities—human, machine, and AI agents—across on-premises, cloud, and hybrid environments. The platform unifies identity governance and administration (IGA), privileged access management (PAM), application access governance, and identity security posture management into a single SaaS solution. It helps enterprises automate lifecycle tasks like onboarding, offboarding, access reviews, and compliance reporting while enforcing just-in-time security principles. Saviynt serves 600+ enterprises including more than one-fifth of the Fortune 100, managing over 100 million identities at half the cost of competitors like SailPoint.

Invicti Security is an application security platform that unifies DAST, SAST, IAST, SCA, API security, secrets scanning, and container security to help enterprises identify and remediate vulnerabilities across their application portfolio. The platform's core differentiator is proof-based scanning, which safely exploits potential vulnerabilities to confirm they are real and exploitable, achieving 99.98% accuracy and eliminating alert fatigue. Invicti serves over 3,600 organizations globally across banking, healthcare, government, and technology sectors.

1Password is a zero-knowledge password manager that securely stores and organizes credentials, payment cards, and personal information in an encrypted vault accessible only through a master password or biometric authentication. Used by over 100,000 businesses including IBM, Slack, and Shopify, it employs a two-key security model (account password plus Secret Key) that makes brute-force attacks practically impossible. The platform includes browser plugins for autofill, strong password generation, and team collaboration features, positioning itself as a 'human-centric' security solution that lets users focus on productivity rather than security complexity.

SentinelOne's Singularity Platform is a unified, AI-driven endpoint security solution that prevents, detects, and autonomously responds to threats across endpoints, IoT devices, and cloud workloads in real-time. The platform uses patented behavioral AI and machine learning to block known and unknown threats without relying on signatures, with autonomous decision-making at the device level rather than requiring cloud decisions. A key differentiator is the one-click instant rollback capability that reverts systems to a safe state before damage occurs. Enterprise customers across all industries rely on SentinelOne to protect trillions of dollars in enterprise value across millions of endpoints.

Ten Eleven Ventures is the original cybersecurity-focused venture capital firm investing across all stages, from seed to growth equity. Founded in 2014 and managing over $1 billion in assets under management, the firm exclusively targets exceptional founders addressing critical digital security challenges, including AI defense systems and privacy technologies. Beyond capital deployment, Ten Eleven operates as a platform for the cybersecurity community through technical coaching and curated retreats connecting portfolio founders with senior security professionals. The firm has generated 7 unicorns and 21 acquisitions including Cylance ($1.4B), KnowBe4 ($4.6B), and Ping Identity.

Orca Security provides agentless cloud security scanning for AWS, Azure, and Google Cloud environments using proprietary SideScanning technology that analyzes block storage without deploying agents or impacting workload performance. The platform delivers instant visibility across multi-cloud infrastructure, detecting vulnerabilities, misconfigurations, malware, and compliance violations. Orca serves enterprise organizations requiring rapid deployment, complete cloud asset visibility, and minimal operational overhead. The company has achieved $1.8B valuation with backing from Google, Temasek, and other tier-one investors.

Cyera is an AI-native data security platform that discovers, classifies, governs, and protects sensitive data across cloud, SaaS, on-premise, and AI environments. It converges Data Security Posture Management (DSPM), Data Loss Prevention (DLP), and identity into a single unified platform. The platform deploys agentlessly in five minutes with an AI-powered classification engine delivering 95% accuracy, and includes Browser Shield for real-time visibility and policy enforcement on AI tool usage. Cyera secures data for 20% of the Fortune 500 across financial services, retail, healthcare, technology, and telecom.

ReliaQuest's GreyMatter platform is an XDR-based security operations platform that consolidates alerts and telemetry from siloed security tools (SIEM, EDR, IDS, cloud, antivirus, firewall) into a single normalized view without requiring a data lake. The platform uses AI and automation to reduce duplicate alerts by 41-43% and enables automated threat containment within 5 minutes of detection. GreyMatter Discover, launched October 2025, unifies asset data across security and cloud tools to surface exposures and enable immediate action.

NinjaOne is a unified IT operations platform that consolidates endpoint management, patch management, backup, and remote access into a single console. It serves MSPs and enterprises struggling with endpoint sprawl—over 50% of employees use 4-5 devices daily, yet 90% of organizations can't actively monitor all endpoints. The platform automates IT tasks, improves security, and reduces operational costs through a lightweight agent that provides centralized visibility and control across Windows, Mac, Linux, and mobile devices.

Socure is an AI-powered identity verification and fraud prevention platform that processes identity data across 400+ authoritative sources to make real-time verification decisions in milliseconds. The platform serves financial services, fintechs, gaming, healthcare, and e-commerce companies seeking to approve more customers while reducing fraud risk. Socure's self-learning models improve with each verification through feedback from its Risk Insights Network of 2,300+ customers, enabling significantly higher auto-approval rates for underserved demographics like Gen Z and immigrants.

Armis provides an agentless cybersecurity platform that identifies, monitors, and protects managed, unmanaged, and IoT devices across enterprise networks in real-time. Unlike traditional solutions requiring agent installation, Armis uses passive network monitoring and an AI-powered Asset Intelligence Engine to detect threats across the entire attack surface regardless of device type or operating system. The platform serves Fortune 100/500 companies and government entities, delivering comprehensive asset visibility and threat detection without the operational overhead of agent deployment.

SonarSource provides a unified code quality and security analysis platform that scans over 750 billion lines of code daily across 35+ programming languages. The company offers SonarQube (self-managed and cloud), SonarQube for IDE, and related tools to help engineering teams prevent bugs, vulnerabilities, and code quality issues before they reach production. Used by 75% of Fortune 100 companies and 7M+ developers globally, SonarSource positions itself as the 'clean code' platform combining quality, security, and maintainability—differentiating from point solutions focused solely on security.

NetSPI is the pioneer of Penetration Testing as a Service (PTaaS), combining AI-driven speed with 350+ in-house pentesters to deliver continuous attack surface management, expert-validated vulnerability findings, and streamlined remediation workflows. The platform serves Fortune 500 companies, including 9 of the top 10 U.S. banks, 4 of the top 5 cloud providers, and 4 of the top 5 healthcare companies. NetSPI differentiates through its 20+ year history, proprietary Resolve™ orchestration platform, and integrated approach spanning penetration testing, attack surface management, and breach simulation.

Netskope is a cloud-native security platform that provides converged security and networking services through a CASB (Cloud Access Security Broker) and SASE architecture. The company monitors and governs cloud, SaaS, web, and private application traffic while preventing data theft and malware attacks using policies, algorithms, and heuristics. Netskope serves enterprises needing zero-trust security at scale, with 25% of Fortune 100 companies as customers. The platform went public in September 2025 after raising $1.44B across 9 funding rounds.

Arctic Wolf delivers cloud-native managed detection and response (MDR) and security operations services through its AI-driven Aurora Platform, serving mid-market to enterprise organizations across endpoints, networks, cloud environments, and web applications. The company's Security Operations Graph processes over nine trillion telemetry events weekly, built on golden datasets curated by 1,000+ security experts over 14+ years, to detect ransomware, malware, and advanced threats without alert fatigue. Arctic Wolf's managed service delivery model differentiates it from point solutions—Concierge Security Teams provide 24/7 monitoring, automated remediation, and expert analysis aligned with customer business context. The company has established itself as the system-of-record platform in cybersecurity operations, serving 6,000+ customers globally.

Sysdig is a cloud-native security platform that stops cloud attacks in real time through runtime insights and AI-powered threat detection. It delivers unified visibility across cloud workloads, identities, and services to uncover hidden attack paths and prioritize vulnerabilities that matter most. The platform combines vulnerability management, adaptive runtime defense, compliance automation, and forensics in a single agent, serving enterprise DevOps and security teams managing containerized and Kubernetes environments. Sysdig differentiates through its ContainerVision and ServiceVision technologies, offering both security and observability capabilities that competitors typically provide separately.

ID.me is a digital identity verification platform that enables users to complete one high-assurance identity verification (document + liveness check) and reuse that credential across government and private-sector portals. Operating as "Sign in with Google" for high-stakes identity, ID.me uses machine vision, AI, and SIM verification to authenticate users and allow them to maintain control of their digital identity. The platform eliminates repeated verification friction across multiple agencies and services, powering over 409 million logins annually.

eSentire is a cloud-native managed detection and response (MDR) platform that combines AI/ML with 24/7 human-led threat hunting to detect and contain cyber attacks in under 15 minutes. The company serves 2,000+ organizations across 80+ countries and 35 industries, with particular strength in financial services, legal, healthcare, and government. eSentire differentiates through its Atlas XDR platform, elite threat hunter access, and Threat Response Unit (TRU) for advanced incident investigation, complemented by digital forensics capabilities acquired through CyFIR.

Quantinuum develops trapped-ion quantum computing hardware and software middleware for enterprise applications in cybersecurity, drug discovery, materials science, and financial modeling. The company operates Helios, the world's most accurate commercial quantum computer with 98 fully connected qubits and 99.9975% single-qubit gate fidelity. Its software products, including InQuanto for quantum chemistry simulations and TKET optimization toolkit, enable organizations to run production quantum applications on Quantinuum's hardware and other quantum platforms.

SandboxAQ develops Large Quantitative Models (LQMs)—physics-aware AI systems that solve complex problems in drug discovery, cybersecurity, and GPS-denied navigation. The company spun out from Alphabet in 2022 with six years of internal R&D and serves Global 1000 enterprises through cloud-delivered software subscriptions. Unlike general-purpose LLMs, SandboxAQ's models incorporate quantitative reasoning for measurable real-world outcomes in regulated, calculation-intensive domains.

Devo is a cloud-native security analytics platform that provides SIEM, SOAR, and UEBA capabilities for information security and operations teams. Unlike traditional solutions that index and transform data, Devo stores raw data in hot format with micro-indexing, delivering query results in milliseconds and maintaining 400 days of always-hot data retention. The platform excels at real-time alerting, threat detection, compliance, and fraud prevention, with particular strength in correlating security data for deeper context and faster incident response.

Island is an enterprise-grade secure browser built on Chromium that replaces legacy security tools like SASE platforms and VDI by embedding security controls directly into the browser. It enables organizations to enforce granular, context-based policies that allow data to flow freely between enterprise apps while preventing unauthorized sharing, data leakage, and malicious activities. The browser provides last-mile controls over print, downloads, screenshots, and copy/paste even outside the browser environment, giving enterprises complete visibility and governance over user activity.

Coalition is an active cyber insurance provider that combines continuous vulnerability scanning, threat detection, and automated response with traditional insurance coverage. Unlike reactive cyber insurance that only pays claims, Coalition proactively monitors policyholders' internet-facing devices 65,000 times weekly to identify and remediate risks before incidents occur. The company serves over 100,000 SMB and mid-market customers across North America, delivering 70% lower claims frequency than the industry average while resolving 56% of incidents at no cost to policyholders.

Abnormal Security is an AI-native email and cloud application security platform that uses behavioral anomaly detection and natural language processing to stop sophisticated Business Email Compromise (BEC) attacks and account takeovers. The platform deploys via API in minutes and ingests thousands of behavioral signals to block socially engineered, payloadless attacks that bypass traditional email filters. It protects over 3,200 organizations including 25%+ of Fortune 500 companies across email, Microsoft 365, Google Workspace, and 12+ SaaS applications including Salesforce, Workday, and Slack. What sets Abnormal apart is its AI-first approach that replaces legacy Secure Email Gateways with autonomous threat detection that learns legitimate business communication patterns.

Ontic is a Connected Intelligence Platform that unifies security operations by aggregating threat indicators, OSINT data, and case management into a single system of record. It serves Fortune 500 companies and federal agencies to identify threats, assess risk, and respond faster to protect people and organizations. The platform consolidates research, incident investigation, real-time threat detection, and vulnerability assessments—solving the problem that investigators lose up to 50% of their time chasing down disparate data sources.

Critical Start delivers AI-assisted managed detection and response (MDR) with contractual response accountability, combining 24x7 AI-accelerated threat detection with human-validated investigation across IT and OT environments. The platform uses the Trusted Behavior Registry (TBR) Agent to filter known-good behavior and surface true threats faster, with guaranteed sub-60-minute time-to-respond for critical alerts. Serving global enterprises in finance, healthcare, and manufacturing, Critical Start differentiates through complete signal coverage, flexible deployment, and transparent SLA-backed service delivery.

Axonius is a cybersecurity asset management platform that aggregates and normalizes security data from 1,100+ business, IT, and security sources to provide unified visibility across endpoints, cloud services, and SaaS applications. The agentless, single virtual appliance integrates with 300+ security and IT solutions and automatically identifies security gaps while enforcing policies. It serves enterprise organizations including Fortune 500 companies and federal agencies seeking complete asset inventory and automated policy validation across their entire infrastructure.

Aleo is a Layer 1 blockchain that uses zero-knowledge proofs to enable private, scalable decentralized applications. Unlike traditional blockchains where validators execute every transaction, Aleo offloads smart contract execution off-chain through a Prover Market, allowing users to hide transaction details while processing thousands of transactions per second. The platform combines general-purpose programmability with privacy by default, differentiating itself as one of the first blockchains to leverage zero-knowledge technology for both privacy and scalability.

Blackpoint Cyber delivers 24/7 managed detection, response, and remediation (MDR) services powered by a human-led Security Operations Center. The platform detects advanced threats by identifying malicious use of legitimate IT administration tools—a blind spot for traditional EDR and antivirus solutions. Built specifically for MSPs and their customers, Blackpoint eliminates alert fatigue by taking remediation action in real-time rather than leaving it to customers.

CyberCube provides AI-powered cyber risk analytics and modeling software that translates cybersecurity exposures into quantified financial risk for insurance underwriting and portfolio management. The platform serves insurers, reinsurers, and brokers across the cyber insurance value chain, enabling data-driven decision-making beyond traditional underwriting factors like industry and geography. CyberCube's actuarial science combined with big data AI can predict risk multipliers (2x, 10x, 20x) for individual companies, and has demonstrated forecast accuracy within 1% of actual industry loss ratios. The company is trusted by 75% of top 40 US/European cyber insurers and commands over two-thirds of the global cyber reinsurance market by premium.

DataBahn.ai is an AI-powered data pipeline and fabric platform that enables enterprises to securely collect, enrich, orchestrate, and optimize telemetry across security, application, observability, and IoT/OT systems. The platform solves critical challenges in SOCs by automating the identification and filtering of redundant, duplicated, or noisy security telemetry—over 80% of which may be unnecessary—reducing SIEM costs by up to 50% while maintaining incident detection coverage. With 500+ integrations and AI agents like Cruz (which detects schema drift) and the newly launched AIDI (Autonomous In-Stream Data Intelligence), DataBahn processes data in transit rather than after delivery, ensuring it arrives normalized, classified, and ready for use.

Tailscale is a Zero Trust identity-based connectivity platform that replaces legacy VPNs, SASE, and PAM solutions by enabling secure private networks through peer-to-peer mesh networking built on WireGuard. It connects remote teams, multi-cloud environments, CI/CD pipelines, Edge/IoT devices, and AI workloads without requiring port forwarding, firewall rule changes, or complex VPN configurations. The platform uses advanced NAT traversal (STUN/ICE) and DERP relay protocols to establish direct encrypted connections across any network topology. Trusted by 10,000+ paid business customers including Fortune 500 companies, AI startups like Mistral and Hugging Face, and enterprises like Duolingo, Instacart, and Revolut.

Contrast Security embeds runtime security sensors directly into application code to detect vulnerabilities and attacks in real time across the entire software lifecycle. Unlike traditional static or dynamic scanning tools, it uses patented deep security instrumentation to observe actual data flows and execution paths in development, testing, and production environments. The platform combines IAST (Interactive Application Security Testing) and RASP (Runtime Application Self-Protection) capabilities in a single solution, dramatically reducing false positives and enabling developers and security teams to act on real threats. Trusted by Fortune 500 companies including BMW, AXA, and NTT.

Vanta is an agentic trust platform that automates compliance and security monitoring by performing 1,200+ control checks hourly across 35+ global frameworks. It replaces manual, point-in-time compliance processes with continuous monitoring and AI-powered automation that reduces audit completion times by 50%. The platform integrates with 300+ systems to collect evidence automatically and power real-time risk detection, enabling organizations to maintain compliance at scale without manual overhead.

Sublime Security is an AI-powered email security platform that deploys autonomous agents to detect, triage, and stop targeted email attacks in real time. Built on Message Query Language (MQL), a domain-specific language for email behavior detection, it enables security teams to write and deploy custom defenses without MX record changes across Microsoft 365 or Google Workspace. The platform combines transparency and flexibility with autonomous threat investigation, reducing manual review work by 62% while catching significantly more threats than traditional blackbox solutions.

CHEQ is a go-to-market security platform that protects digital customer journeys by distinguishing legitimate users from bots, fraudsters, and malicious actors using real-time traffic, identity, and threat intelligence. The platform processes 6 trillion signals daily across 1 million domains with a false positive rate below 0.009%, serving over 15,000 brands globally. CHEQ's modular suite includes acquisition protection, form validation, analytics integration, and privacy compliance tools, delivering an estimated 671% ROI by eliminating wasted marketing spend on invalid traffic.

Torq is an AI-driven security hyperautomation platform that automates threat detection, investigation, prioritization, and response across enterprise security operations. The platform uses agentic AI (notably its Socrates agent) to autonomously handle alert triage, case management, and threat remediation at scale, claiming to resolve 95% of Tier-1 alerts without human intervention. It serves Fortune 500 enterprises and MSSPs seeking to reduce mean time to respond (MTTR) and investigation overhead, positioning itself as an open, modern alternative to monolithic legacy SOAR platforms from Palo Alto Networks and Splunk.

BlueVoyant is an AI-driven managed cybersecurity platform that provides real-time threat monitoring, detection, and response across networks, endpoints, supply chains, and digital footprints (clear, deep, and dark web). The platform integrates managed detection and response, third-party risk management, and digital risk protection into a single unified solution. Founded by former U.S. Cyber Command and NSA officials alongside intelligence veterans, BlueVoyant serves 900+ clients across 40+ countries, combining advanced threat intelligence with automated response mechanisms to reduce detection and response times.

Tines is a no-code AI orchestration platform that enables security and IT teams to automate mission-critical workflows without writing code. It serves as the integration layer between disparate security and IT tools, allowing teams to build intelligent agents that monitor alerts, manage compliance, handle employee lifecycle, and orchestrate patch management. Founded by former security leaders from eBay and DocuSign who experienced the pain of manual security operations firsthand, Tines has grown to a $1.125B valuation with 378 employees.

Semperis is an enterprise identity protection platform that enables organizations to automatically recover from Active Directory disasters, cyberattacks, and accidental changes. The platform combines hybrid identity threat prevention, detection, response, and purpose-built disaster recovery using patented technology that decouples Active Directory from the underlying operating system to prevent malware reinfection. It serves Fortune 500 enterprises across financial services, healthcare, government, and other industries worldwide. The company achieved unicorn status in 2024 with $1B valuation after growing to $100M ARR.

SparkCognition is an industrial AI company that delivers machine learning solutions for predictive maintenance, anomaly detection, and cybersecurity. The platform uses IoT sensor data and advanced algorithms to predict equipment failures before they occur, identify cyber threats, and optimize operations across industrial assets like turbines, pumps, and generators. SparkCognition serves energy, manufacturing, and maritime sectors, helping operators avoid costly downtime and reduce operational inefficiencies by billions of dollars.

Versa Networks provides a unified SASE (Secure Access Service Edge) platform that converges SD-WAN, next-generation firewall, zero-trust network access, and security services on a single OS and software stack. Built from the ground up rather than assembled from point products, Versa serves enterprises and service providers globally with on-premises, cloud, and hybrid deployment options. The platform eliminates vendor sprawl and complexity by delivering full network and security convergence with centralized management and policy enforcement across WAN, LAN, cloud, and data center environments.

Cybereason is a cybersecurity platform combining EDR (Endpoint Detection and Response), XDR (Extended Detection and Response), and next-gen antivirus to detect and remediate threats across endpoints, servers, cloud workloads, and networks. Founded by Israeli Unit 8200 veterans, the platform uses behavioral analysis and cross-machine correlation to identify complex attacks with exceptional accuracy. The company has achieved perfect scores in MITRE ATT&CK evaluations and is trusted by Fortune 500 companies including Lockheed Martin. It differentiates through deep expertise in offensive cyber operations translated into defensive capabilities, enabling threat hunting and root cause analysis at scale.

Silverfort provides agentless, proxyless Runtime Access Protection (RAP) that extends MFA, risk-based authentication, and Zero Trust policies across all enterprise systems—on-premise, cloud, and legacy applications—without requiring endpoint or application modifications. It integrates directly with existing Active Directory and identity systems to analyze authentication risk in real-time and enforce MFA on resources previously unprotectable by traditional solutions. Silverfort serves over 1,000 enterprise customers globally and differentiates through its ability to protect legacy, custom, and command-line tools that competitors cannot cover.

SpyCloud is a cybercrime analytics platform that recaptures and analyzes darknet breach and malware data to protect enterprises from identity-based attacks. The company operates the world's largest repository of compromised credentials and malware intelligence, enabling organizations to detect and remediate exposures across employees, contractors, customers, and non-human accounts in minutes. SpyCloud integrates with existing security infrastructure (EDR, IdP, SIEM, SOAR) to automate identity risk mitigation at scale, serving half of the Fortune 10 and government agencies globally.

Cyberhaven is a unified data security platform that combines DSPM, DLP, insider risk management, and AI security with deep data lineage capabilities. It records every event for every piece of data—every move, copy, edit, and share—across endpoints and cloud applications to provide complete visibility into how data moves throughout an organization. The platform delivers 95% fewer false positives than traditional DLP solutions and enables customers to investigate incidents up to five times faster. Founded by five PhD researchers, it's trusted by top 5 North American banks, Fortune 500 companies, and highly regulated enterprises.

Horizon3.ai provides NodeZero, an autonomous penetration testing platform that safely executes real attack techniques at scale without agents or network disruption. The platform discovers and exploits vulnerabilities by chaining attack paths together—exactly as real attackers would—across internal networks, external surfaces, cloud infrastructure (AWS, Azure, Kubernetes), and web applications. Built by veterans in tech and military, it's trusted by 3,000+ organizations including Fortune 500 companies and national defense partners who need continuous proof of their security posture.

Coro is a unified cybersecurity platform that consolidates 14 integrated modules—including EDR, SASE, email security, and threat detection—into a single solution for SMBs and mid-market companies. Using AI-driven automation, it detects and remediates over 92% of threats automatically while maintaining ease of use and affordability. The platform is designed to replace 15-25 disparate security tools, reducing complexity and cost for organizations that lack dedicated security teams.