Startups Directory

Expel is a 24/7 managed SOC (Security Operations Center) that monitors cloud, hybrid, and on-premises environments using its proprietary Expel Workbench platform paired with expert security analysts. Unlike traditional MSSPs, Expel operates with complete transparency—customers see the same interface and investigation details as Expel analysts, eliminating the black box. The company helps organizations stop cyberattacks faster by extracting maximum value from existing security investments through API-based integrations that deploy in hours, not weeks.

1Password is a zero-knowledge password manager that securely stores and organizes credentials, payment cards, and personal information in an encrypted vault accessible only through a master password or biometric authentication. Used by over 100,000 businesses including IBM, Slack, and Shopify, it employs a two-key security model (account password plus Secret Key) that makes brute-force attacks practically impossible. The platform includes browser plugins for autofill, strong password generation, and team collaboration features, positioning itself as a 'human-centric' security solution that lets users focus on productivity rather than security complexity.

SentinelOne's Singularity Platform is a unified, AI-driven endpoint security solution that prevents, detects, and autonomously responds to threats across endpoints, IoT devices, and cloud workloads in real-time. The platform uses patented behavioral AI and machine learning to block known and unknown threats without relying on signatures, with autonomous decision-making at the device level rather than requiring cloud decisions. A key differentiator is the one-click instant rollback capability that reverts systems to a safe state before damage occurs. Enterprise customers across all industries rely on SentinelOne to protect trillions of dollars in enterprise value across millions of endpoints.

Cyera is an AI-native data security platform that discovers, classifies, governs, and protects sensitive data across cloud, SaaS, on-premise, and AI environments. It converges Data Security Posture Management (DSPM), Data Loss Prevention (DLP), and identity into a single unified platform. The platform deploys agentlessly in five minutes with an AI-powered classification engine delivering 95% accuracy, and includes Browser Shield for real-time visibility and policy enforcement on AI tool usage. Cyera secures data for 20% of the Fortune 500 across financial services, retail, healthcare, technology, and telecom.

ReliaQuest's GreyMatter platform is an XDR-based security operations platform that consolidates alerts and telemetry from siloed security tools (SIEM, EDR, IDS, cloud, antivirus, firewall) into a single normalized view without requiring a data lake. The platform uses AI and automation to reduce duplicate alerts by 41-43% and enables automated threat containment within 5 minutes of detection. GreyMatter Discover, launched October 2025, unifies asset data across security and cloud tools to surface exposures and enable immediate action.

Armis provides an agentless cybersecurity platform that identifies, monitors, and protects managed, unmanaged, and IoT devices across enterprise networks in real-time. Unlike traditional solutions requiring agent installation, Armis uses passive network monitoring and an AI-powered Asset Intelligence Engine to detect threats across the entire attack surface regardless of device type or operating system. The platform serves Fortune 100/500 companies and government entities, delivering comprehensive asset visibility and threat detection without the operational overhead of agent deployment.

NetSPI is the pioneer of Penetration Testing as a Service (PTaaS), combining AI-driven speed with 350+ in-house pentesters to deliver continuous attack surface management, expert-validated vulnerability findings, and streamlined remediation workflows. The platform serves Fortune 500 companies, including 9 of the top 10 U.S. banks, 4 of the top 5 cloud providers, and 4 of the top 5 healthcare companies. NetSPI differentiates through its 20+ year history, proprietary Resolve™ orchestration platform, and integrated approach spanning penetration testing, attack surface management, and breach simulation.

Arctic Wolf delivers cloud-native managed detection and response (MDR) and security operations services through its AI-driven Aurora Platform, serving mid-market to enterprise organizations across endpoints, networks, cloud environments, and web applications. The company's Security Operations Graph processes over nine trillion telemetry events weekly, built on golden datasets curated by 1,000+ security experts over 14+ years, to detect ransomware, malware, and advanced threats without alert fatigue. Arctic Wolf's managed service delivery model differentiates it from point solutions—Concierge Security Teams provide 24/7 monitoring, automated remediation, and expert analysis aligned with customer business context. The company has established itself as the system-of-record platform in cybersecurity operations, serving 6,000+ customers globally.

eSentire is a cloud-native managed detection and response (MDR) platform that combines AI/ML with 24/7 human-led threat hunting to detect and contain cyber attacks in under 15 minutes. The company serves 2,000+ organizations across 80+ countries and 35 industries, with particular strength in financial services, legal, healthcare, and government. eSentire differentiates through its Atlas XDR platform, elite threat hunter access, and Threat Response Unit (TRU) for advanced incident investigation, complemented by digital forensics capabilities acquired through CyFIR.

Abnormal Security is an AI-native email and cloud application security platform that uses behavioral anomaly detection and natural language processing to stop sophisticated Business Email Compromise (BEC) attacks and account takeovers. The platform deploys via API in minutes and ingests thousands of behavioral signals to block socially engineered, payloadless attacks that bypass traditional email filters. It protects over 3,200 organizations including 25%+ of Fortune 500 companies across email, Microsoft 365, Google Workspace, and 12+ SaaS applications including Salesforce, Workday, and Slack. What sets Abnormal apart is its AI-first approach that replaces legacy Secure Email Gateways with autonomous threat detection that learns legitimate business communication patterns.

Cato Networks delivers a cloud-native SASE (Secure Access Service Edge) platform that converges WAN and network security into a single unified service, eliminating the need for traditional MPLS and dispersed security stacks. Built on a globally distributed private backbone, the platform uses physical or virtual Cato Sockets at network edges to route and inspect traffic through Cato's cloud infrastructure with integrated security enforcement. The company serves 3,000+ enterprises including Carlsberg and TAG Heuer Porsche Formula E, replacing legacy on-premises architectures with a subscription-based, cloud-native alternative.

Critical Start delivers AI-assisted managed detection and response (MDR) with contractual response accountability, combining 24x7 AI-accelerated threat detection with human-validated investigation across IT and OT environments. The platform uses the Trusted Behavior Registry (TBR) Agent to filter known-good behavior and surface true threats faster, with guaranteed sub-60-minute time-to-respond for critical alerts. Serving global enterprises in finance, healthcare, and manufacturing, Critical Start differentiates through complete signal coverage, flexible deployment, and transparent SLA-backed service delivery.

Verkada is an AI-powered, cloud-native security platform that unifies video surveillance, access control, alarms, intercoms, and air quality monitoring through a single integrated software interface called Verkada Command. Built by Stanford founders and a Meraki veteran, it replaces legacy hardware-based security systems with a modern, subscription-based model where sensors stream to secure cloud infrastructure with hybrid architecture for continuous operation during outages. The platform processes over 20 million images per hour to provide actionable insights like occupancy rates, foot traffic patterns, and security violations across enterprise campuses.

Axonius is a cybersecurity asset management platform that aggregates and normalizes security data from 1,100+ business, IT, and security sources to provide unified visibility across endpoints, cloud services, and SaaS applications. The agentless, single virtual appliance integrates with 300+ security and IT solutions and automatically identifies security gaps while enforcing policies. It serves enterprise organizations including Fortune 500 companies and federal agencies seeking complete asset inventory and automated policy validation across their entire infrastructure.

Upscale AI develops high-performance AI networking infrastructure combining custom silicon (SkyHammer ASICs), systems, and software to enable ultra-low-latency connections between GPUs, AI accelerators, and storage in large-scale AI clusters. The company competes directly with Nvidia's NVSwitch by building open-standards networking solutions designed for hyperscalers and AI infrastructure operators seeking scalable alternatives to proprietary architectures. Founded by serial entrepreneurs from Palo Alto Networks, Innovium, and Cavium, Upscale is backed by $300M+ in funding and positioning open standards as superior to closed ecosystems for AI infrastructure.

Blackpoint Cyber delivers 24/7 managed detection, response, and remediation (MDR) services powered by a human-led Security Operations Center. The platform detects advanced threats by identifying malicious use of legitimate IT administration tools—a blind spot for traditional EDR and antivirus solutions. Built specifically for MSPs and their customers, Blackpoint eliminates alert fatigue by taking remediation action in real-time rather than leaving it to customers.

Tailscale is a Zero Trust identity-based connectivity platform that replaces legacy VPNs, SASE, and PAM solutions by enabling secure private networks through peer-to-peer mesh networking built on WireGuard. It connects remote teams, multi-cloud environments, CI/CD pipelines, Edge/IoT devices, and AI workloads without requiring port forwarding, firewall rule changes, or complex VPN configurations. The platform uses advanced NAT traversal (STUN/ICE) and DERP relay protocols to establish direct encrypted connections across any network topology. Trusted by 10,000+ paid business customers including Fortune 500 companies, AI startups like Mistral and Hugging Face, and enterprises like Duolingo, Instacart, and Revolut.

Sublime Security is an AI-powered email security platform that deploys autonomous agents to detect, triage, and stop targeted email attacks in real time. Built on Message Query Language (MQL), a domain-specific language for email behavior detection, it enables security teams to write and deploy custom defenses without MX record changes across Microsoft 365 or Google Workspace. The platform combines transparency and flexibility with autonomous threat investigation, reducing manual review work by 62% while catching significantly more threats than traditional blackbox solutions.

NEC Corporation is a 125-year-old multinational IT and network solutions provider delivering systems integration, cloud computing, AI, IoT platforms, and telecommunications infrastructure to enterprises and governments globally. The company operates through ~15,000 systems engineers providing end-to-end design, development, deployment, and operations support. NEC differentiates through leadership in Open RAN, biometric authentication (Bio-IDIOM deployed in 70+ countries), and a patent portfolio exceeding 45,000 covering AI, 5G/6G, and cybersecurity. It serves diverse sectors including finance, government, healthcare, manufacturing, aerospace, and telecommunications across Japan and internationally.

BlueVoyant is an AI-driven managed cybersecurity platform that provides real-time threat monitoring, detection, and response across networks, endpoints, supply chains, and digital footprints (clear, deep, and dark web). The platform integrates managed detection and response, third-party risk management, and digital risk protection into a single unified solution. Founded by former U.S. Cyber Command and NSA officials alongside intelligence veterans, BlueVoyant serves 900+ clients across 40+ countries, combining advanced threat intelligence with automated response mechanisms to reduce detection and response times.

Noname Security is an AI-powered API security platform that automatically discovers, inventories, and protects all APIs across an organization's environment. The platform identifies vulnerabilities including data leakage, authorization issues, misconfigurations, and suspicious behavior without requiring agents or network modifications. It serves enterprises across financial services, healthcare, retail, and public sector, protecting over 10 million APIs and nearly $3 trillion in revenue streams. Noname was acquired by Akamai in May 2024 for $450M and is being integrated into Akamai's API Security offering.

Kai is an AI-native cybersecurity platform that autonomously performs critical security tasks across IT and OT environments without human intervention. Built from the ground up by the founders of category-defining companies Claroty and SecurityMatters, it integrates threat detection, vulnerability management, compliance automation, and remediation into a unified agentic AI system. Unlike legacy security tools that bolt AI onto fragmented dashboards, Kai reasons and acts at machine speed to eliminate human-speed bottlenecks in security operations.

Versa Networks provides a unified SASE (Secure Access Service Edge) platform that converges SD-WAN, next-generation firewall, zero-trust network access, and security services on a single OS and software stack. Built from the ground up rather than assembled from point products, Versa serves enterprises and service providers globally with on-premises, cloud, and hybrid deployment options. The platform eliminates vendor sprawl and complexity by delivering full network and security convergence with centralized management and policy enforcement across WAN, LAN, cloud, and data center environments.

Cybereason is a cybersecurity platform combining EDR (Endpoint Detection and Response), XDR (Extended Detection and Response), and next-gen antivirus to detect and remediate threats across endpoints, servers, cloud workloads, and networks. Founded by Israeli Unit 8200 veterans, the platform uses behavioral analysis and cross-machine correlation to identify complex attacks with exceptional accuracy. The company has achieved perfect scores in MITRE ATT&CK evaluations and is trusted by Fortune 500 companies including Lockheed Martin. It differentiates through deep expertise in offensive cyber operations translated into defensive capabilities, enabling threat hunting and root cause analysis at scale.

Oasis Security is a platform for discovering, inventorying, and securing non-human identities (service accounts, API keys, secrets, tokens, certificates) across hybrid cloud environments. The platform combines automated discovery with contextual risk assessment and policy-driven remediation to enforce least privilege access without manual overhead. Founded by former Israeli intelligence operatives, Oasis has raised $195M and serves Fortune 500 enterprises including Chipotle, JLL, and Mercury Financial, achieving 5x ARR growth year-over-year.

XBOW is an AI-powered autonomous penetration testing platform that identifies and exploits vulnerabilities in web applications without human intervention. Using swarms of AI agents, it simultaneously explores multiple attack vectors, reducing testing times from weeks to hours while providing reproducible proof of exploitation. The platform is trusted by Fortune 500 companies including UKG, Samsung SDS, and Moderna, and recently ranked #1 on the HackerOne leaderboard, outperforming thousands of human hackers.

Exein develops embedded runtime security that integrates directly into device firmware to detect and prevent threats in real-time at the kernel level. The platform uses eBPF-based observability and AI-driven behavior analysis to protect IoT, industrial, automotive, and aerospace devices without degrading performance or requiring hardware changes. Unlike traditional endpoint security that detects breaches after compromise, Exein blocks malicious execution paths before they can run, eliminating entire attack classes at the edge.

Silverfort provides agentless, proxyless Runtime Access Protection (RAP) that extends MFA, risk-based authentication, and Zero Trust policies across all enterprise systems—on-premise, cloud, and legacy applications—without requiring endpoint or application modifications. It integrates directly with existing Active Directory and identity systems to analyze authentication risk in real-time and enforce MFA on resources previously unprotectable by traditional solutions. Silverfort serves over 1,000 enterprise customers globally and differentiates through its ability to protect legacy, custom, and command-line tools that competitors cannot cover.

SpyCloud is a cybercrime analytics platform that recaptures and analyzes darknet breach and malware data to protect enterprises from identity-based attacks. The company operates the world's largest repository of compromised credentials and malware intelligence, enabling organizations to detect and remediate exposures across employees, contractors, customers, and non-human accounts in minutes. SpyCloud integrates with existing security infrastructure (EDR, IdP, SIEM, SOAR) to automate identity risk mitigation at scale, serving half of the Fortune 10 and government agencies globally.

Cyberhaven is a unified data security platform that combines DSPM, DLP, insider risk management, and AI security with deep data lineage capabilities. It records every event for every piece of data—every move, copy, edit, and share—across endpoints and cloud applications to provide complete visibility into how data moves throughout an organization. The platform delivers 95% fewer false positives than traditional DLP solutions and enables customers to investigate incidents up to five times faster. Founded by five PhD researchers, it's trusted by top 5 North American banks, Fortune 500 companies, and highly regulated enterprises.

Horizon3.ai provides NodeZero, an autonomous penetration testing platform that safely executes real attack techniques at scale without agents or network disruption. The platform discovers and exploits vulnerabilities by chaining attack paths together—exactly as real attackers would—across internal networks, external surfaces, cloud infrastructure (AWS, Azure, Kubernetes), and web applications. Built by veterans in tech and military, it's trusted by 3,000+ organizations including Fortune 500 companies and national defense partners who need continuous proof of their security posture.

Coro is a unified cybersecurity platform that consolidates 14 integrated modules—including EDR, SASE, email security, and threat detection—into a single solution for SMBs and mid-market companies. Using AI-driven automation, it detects and remediates over 92% of threats automatically while maintaining ease of use and affordability. The platform is designed to replace 15-25 disparate security tools, reducing complexity and cost for organizations that lack dedicated security teams.

Alkira is a cloud-native network infrastructure-as-a-service platform that unifies connectivity across multiple clouds, data centers, and on-premises environments through a single control plane. It solves the fragmentation of east-west traffic between clouds by providing enterprises with an intuitive design canvas to deploy and manage network connectivity in minutes without hardware or agents. Founded by the team behind Viptela (acquired by Cisco for $610M), Alkira has raised $184M from top-tier investors including Kleiner Perkins, Sequoia Capital, and Tiger Global Management.

CyCognito is an attack surface discovery platform that autonomously simulates attacker techniques to identify internet-exposed and unmanaged assets across an organization's infrastructure. Using machine learning, NLP, and graph data models, it discovers business relationships, subsidiaries, and cloud environments without requiring customer integration or configuration. The platform prioritizes critical risks by filtering false positives through advanced AI, enabling security teams to focus remediation efforts on actual threats rather than vulnerability lists.

Cape is a privacy-first mobile carrier that owns and operates its own mobile core and SIMs, addressing network-layer vulnerabilities that app-based solutions cannot fix. Unlike traditional MVNOs that resell carrier services, Cape embeds privacy and security at the cellular infrastructure level to protect against SIM swaps, surveillance, and metadata breaches. Founded by former Palantir executives with national security expertise, Cape serves U.S. government agencies, enterprise executives, journalists, and privacy-conscious consumers across the country.

ExtraHop delivers a Network Detection and Response (NDR) platform called RevealX that applies cloud-scale AI to analyze petabytes of encrypted traffic daily across hybrid and multi-cloud environments. It combines NDR, network performance management, intrusion detection, and packet forensics in a single console to automatically discover devices, users, and applications while detecting threats and anomalies in real-time. The platform analyzes over 5,000 metrics and uses machine learning to baseline behavior and identify risks across all infrastructure and data-in-flight.

Claroty is an industrial cybersecurity platform that provides agentless, passive monitoring of OT, IoT, and IIoT assets across critical infrastructure environments. The platform integrates with existing security infrastructure to deliver visibility, threat detection, vulnerability management, and secure remote access without disrupting operational networks. Claroty's approach uses network traffic analysis rather than active scanning, making it the only practical solution for securing PLCs and SCADA systems that cannot tolerate downtime. The company serves Fortune 100 organizations in energy, manufacturing, pharmaceuticals, and other critical sectors.

Malwarebytes is a cybersecurity company that detects, prevents, and remediates malware, ransomware, spyware, and other cyber threats using AI-powered behavioral analysis and heuristics. The company serves both individual consumers and businesses through a freemium consumer model and a tiered enterprise offering (rebranded as ThreatDown). Unlike traditional antivirus software, Malwarebytes combines signature-based detection with behavioral analysis to catch threats competitors miss, earning recognition from The New York Times for its hybrid detection approach.

Nozomi Networks provides an industrial cybersecurity platform that delivers unified visibility, threat detection, and automated remediation for operational technology (OT), IoT, and cyber-physical systems. The platform uses AI-powered analysis to classify assets, detect anomalies, and prioritize vulnerabilities across complex industrial environments. Built by experts in industrial network security and AI, Nozomi protects over 105 million devices across critical infrastructure, energy, manufacturing, and utilities sectors globally.

ThreatLocker is a zero trust endpoint protection platform that stops ransomware and cyberattacks by using a deny-by-default application control model—only allowing approved software to run rather than trying to block threats after they appear. The platform includes application control, storage control, privileged access management, network access control, and EDR/MDR capabilities, with a learning mode that automatically catalogs apps and recognizes over 13,000 pre-built applications. It serves mid-market to enterprise organizations across all industries, with a particular focus on MSPs serving their customers. Over 50,000 businesses worldwide have adopted ThreatLocker to shrink their attack surface and reduce security incidents.

Apiiro is an Application Security Posture Management (ASPM) platform that unifies application risk visibility, prioritization, and remediation across the entire software development lifecycle using proprietary Risk Graph technology and Deep Code Analysis. It provides contextual security insights starting from the design phase through production, integrating software supply chain security with native CI/CD pipeline and source control visibility. Built by former Microsoft and IDF cybersecurity experts, Apiiro serves enterprise organizations seeking a developer-centric approach to application security that minimizes backlogs and triage time.

Nord Security is an integrated cybersecurity platform providing VPN, password management, encrypted cloud storage, identity theft protection, and threat exposure management for both consumers and businesses. Founded in Lithuania in 2012 as NordVPN and formalized as an umbrella company in 2017, Nord Security operates a suite of interconnected security products including NordVPN, NordPass, NordLocker, NordLayer, NordProtect, NordStellar, and Saily. The company addresses fragmented digital security needs by offering enterprise-grade solutions that share consistent security standards across consumer and B2B segments. With $200M in funding and a $3B valuation as of September 2023, Nord Security serves millions globally through both freemium and premium tiers.

Horizon3.ai provides NodeZero, an autonomous penetration testing platform that continuously simulates real-world attacks without agents or human intervention. The SaaS solution safely executes attack chains across AWS, Azure, and Kubernetes infrastructure to show exactly how attackers compromise systems and what data they access. Organizations use it to verify security fixes in production and stay ahead of evolving threats at scale.