Skull
AI safety and belief software program agency Skull presents the Skull Enterprise software program platform, geared toward serving to organizations map, monitor, and handle AI/ML environments towards threats with out interrupting how groups prepare, take a look at, and deploy their AI fashions. On June 15, the corporate launched its Skull AI Card, which permits organizations to assemble and share details about the trustworthiness and compliance of their AI fashions with each shoppers and regulators and acquire visibility into the safety of their distributors’ AI programs.
Cyclops
Cyclops, based mostly in Tel Aviv, produces a contextual cybersecurity search platform. Based in 2020 by cybersecurity veterans Eran Zilberman (CEO), Elay Gueta (CTO) and Biran Franco (CPO), Cyclops presents a search engine powered by generative AI to reply essential and well timed questions in regards to the state of a corporation’s safety posture and supply proactive protection towards cyber threats and deal with vulnerabilities.
Descope
Descope is an authentication and person administration platform for passwordless authentication. It presents instruments for builders to simply add authentication, person administration, and authorization capabilities to apps. The platform protects towards bot assaults on login pages, account takeover fraud, and session theft by figuring out dangerous person alerts to enact step-up authentication. The corporate was based in 2022.
DoControl
The DoControl platform offers automated, self-service instruments for knowledge entry monitoring, orchestration, and remediation of SaaS purposes. It has the power to establish delicate data and stop it from leaving a corporation’s cloud occasion. DoControl is an agentless, event-driven platform. The corporate was based in 2020.
Dope.safety
Billing itself as “the world’s solely fly-direct safe net gateway (SWG),” dope.safety performs safety instantly on the endpoint as a substitute of routing site visitors by way of stopover datacenters. The method “improves efficiency as much as 4X, ensures that decrypted knowledge by no means leaves the system, and improves reliability by eliminating exterior dependencies.
Hush
Hush presents AI-based digital privateness companies for people and households, but it surely additionally has an enterprise-grade product to guard workforce privateness. As soon as companies deploy the Hush service, their staff are capable of handle their very own Hush profiles. This permits them to watch for and report privateness points and remediate points that put their privateness in danger. Hush additionally makes a “privateness advocate” out there by telephone or on-line. The corporate was based in 2021.
Inside-Out Protection
Launched in 2023, Inside-Out Protection claims to be “the cybersecurity trade’s first platform to unravel privilege entry abuse.” The corporate’s providing offers entry intent, real-time detection, and in-line remediation by way of a SaaS platform. “The platform permits the dedication of the gaps between recognized and unknown abuse behaviors, thereby stopping privilege abuse in real-time, at scale,” the corporate says.
Interpres Safety
Rising from stealth mode in December 2022, Interpres Safety presents a platform that permits organizations to raised handle their “protection floor.” It’ll present what their present safety toolset can detect and defend towards. The platform additionally helps establish gaps and inefficiencies in cyber defenses, permitting safety groups to make use of a data-driven strategy to bettering safety posture.
Kintent
Kintent’s Belief Cloud platform is meant to assist corporations cross audits, handle danger, and full safety evaluations. It makes use of programmatic API-based management and danger verification, which might automate workflows and proof assortment. Belief Cloud can analyze a compliance program and map it to a number of requirements. It additionally has an AI-based function that helps fill out safety questionnaires. Kintent was based in 2020.
Kodem
Kodem claims to be the “world’s first dynamic software program composition platform.” The corporate’s providing makes use of utility runtime to highlight utility dangers, creating utility context based mostly on what is occurring throughout runtime, not simply in static code. In line with the corporate, “after researching the issue of noise, false positives, and inefficient remediation, we have now discovered that the one solution to get rid of false positives and successfully prioritize remediation is to look at purposes throughout runtime. By analyzing them as they’re working, it is potential to know precisely which elements are in use, how knowledge strikes between them, and what a part of the appliance is absolutely susceptible.”
Mobb
Automated vulnerability fixer Mobb makes use of AI-powered know-how to automate vulnerability remediations to considerably scale back safety backlogs and free builders to give attention to innovation. Mobb ingests SAST outcomes from numerous scanning instruments and mechanically fixes code, whereas protecting the builders knowledgeable in the course of the course of to instill belief and guarantee accuracy. Mobb ingests findings from a number of SAST options. The corporate says “its computerized code remediations are powered by AI, and knowledgeable by safety finest practices and enter from the builders who commit the fixes.”
Naxo Labs
Naxo Labs was based in 2022 by a gaggle of famous consultants and former FBI particular brokers to offer forensic and investigation companies. The corporate works on circumstances involving cybercrimes corresponding to insider threats or mental property theft and packages the info for referral to regulation enforcement or for litigation. Naxo can be able to performing blockchain and cryptocurrency evaluation in addition to knowledge restoration.
Nudge Safety
Nudge Safety presents an answer geared toward managing the safety of software program as a service (SaaS) for distributed workforces. Its platform permits for the invention of cloud SaaS belongings created with out the necessity for community adjustments, endpoint brokers, or browser extensions. The corporate claims it offers visibility into all the SaaS assault floor, together with managed and unmanaged accounts, OAuth connections, and assets. It additionally notifies when new SaaS accounts are created. Nudge was based in 2022.
Oligo Safety
Based in 2022, Oligo presents an open-source safety platform that detects and prevents assaults corresponding to Log4Shell by monitoring malicious exercise on the library degree. The corporate claims that its runtime monitoring of open-source libraries focuses solely on vulnerabilities which might be related. The platform works with most trendy improvement languages corresponding to Python, Go, Java, and Node and all cloud service suppliers corresponding to GCP, Azure and AWS.
Piiano
Piiano presents two merchandise: Piiano Scanner scans supply code for references to personally identifiable data (PII), and Piiano Vault secures delicate knowledge whereas permitting it for use. Scanner can scan any Java or Python GitHub tasks on a single click on and is meant to enhance collaboration between improvement and privateness groups. Vault’s API-based infrastructure permits secure storage of delicate knowledge and offers compliance with GDPR and CCPA. Piiano was based in 2021.
Privya
Based in 2021, Privya’s platform offers a cloud-native strategy to knowledge privateness by design. The corporate claims it is going to enable organizations to raised allow privateness and knowledge safety throughout the improvement lifecycle course of. The Privya platform is ready to uncover and establish private knowledge throughout a number of knowledge sources and map the information movement and enterprise logic. It additionally offers an automatic structure to raised meet compliance necessities.
Shield AI
Shield AI is a man-made intelligence and machine studying safety firm that assist organizations shield ML programs and AI purposes from distinctive safety vulnerabilities, knowledge breaches and rising threats. Its platform, AI Radar, “helps organizations construct safer AI by offering builders, ML engineers, and AppSec professionals a solution to see, know, and handle an ML atmosphere,” in line with the corporate. “AI Radar permits clients to shortly establish and remediate dangers, and preserve a robust safety posture for ML programs and AI purposes.”
Savvy
Savvy’s workforce safety automation platform addresses human error by giving SecOps visibility and safety automation playbooks for orchestrating SaaS incident response earlier than an unsecure motion takes place. The corporate claims its platform “offers real-time alerts and suggestive steering to enhance person decision-making. Savvy’s give attention to the ‘human’ assault floor and defending staff throughout browsers and work apps solves an enormous drawback all enterprises face and is barely getting worse.”
Sharepass
Based in 2020, Sharepass offers a method to share confidential data securely throughout platforms. The corporate claims its web-based product doesn’t go away a digital path when knowledge is shared. Sharepass first encrypts the data being shared and sends a hyperlink to the recipient. That hyperlink turns into inactive as soon as the recipient opens it. Senders can specify e mail addresses, set deadlines for the way lengthy the hyperlink is legitimate, or require a PIN code.Â
SnapAttack
SnapAttack offers a purple-teaming platform that the corporate claims to handle all the menace detection course of. The platform contains an Assault Sign Library that catalogs assault threats and simulations. Pink and blue groups can create their very own assault classes. SnapAttack permits purple groups to establish gaps towards the MITRE ATT@CK matrix and to create detection logic with a no-code detection builder. The corporate was based in 2021.
SquareX
SquareXÂ is growing a browser-based cybersecurity product to maintain shoppers secure on-line. The corporate’s product goals to handle threats corresponding to phishing, identification theft, session hijacking, and different browser-based assaults utilizing a browser extension that displays and protects customers whereas they go about their on-line actions. The corporate, based in 2023, plans to launch a beta model starting in Might.
Stack Identification
Identification and entry administration (IAM) governance firm Stack Identification targets the issue of shadow entry –unauthorized, unmonitored, and invisible cloud knowledge entry patterns created by the myriad of human and machine cloud identities accessing the cloud. “It is our imaginative and prescient and conviction that the way forward for cloud safety should be identity-first, access-centric and with a deep context of information, purposes, and software program,” in line with CEO and founder Venkat Raghavan. Stack employs its Breach Prediction Index algorithm to cut back the chance of cloud vulnerabilities and enhance IAM audits, compliance, and governance.
Trustmi
Enterprise funds safety firm Trustmi presents an end-to-end answer geared toward serving to companies shield their backside line by eliminating losses from cyberattacks, inside collusion, and human error. Based in Israel in 2021, Trustmi claims to assist scale back B2B fee fraud by way of “a holistic strategy to beat the fragmentation of fee processes by offering a versatile answer that seamlessly integrates into present organizational workflows.” The platform makes use of a novel belief community that unites crowd-sourced knowledge from 1000’s of distributors and companies to assist uncover vulnerabilities and detect suspicious alerts to maximise safety for enterprise funds.
Valence Safety
Valence Safety, based in 2021, presents a platform to remediate SaaS safety dangers round third-party integration, identification, misconfiguration, and knowledge sharing. The platform offers its personal cross-SaaS knowledge and permissions mannequin to assist preserve entry management. It additionally comes with a set of automated SaaS safety remediation workflows to attenuate the necessity for specialised data to set them up.
Vanta
Belief administration platform developer Vanta has launched its Vendor Danger Administration product, offering third-party vendor safety evaluations and due diligence. The providing is designed to cut back the time and price of reviewing, managing, and reporting on third-party vendor danger. The corporate launched in 2018.
Vaultree
Vaultree, based in 2020, has developed what it claims is the primary “totally useful” data-in-use encryption software program improvement equipment (SDK). The product is designed to get rid of the chance of information being leaked or stolen in plaintext type. In line with Vaultree, can course of, search, and compute knowledge at scale with out surrendering encryption keys or decrypting on the server aspect.
Veza
Veza offers an authorization platform for knowledge to be used in hybrid, multi-cloud environments. The corporate claims it permits organizations to raised perceive, handle, and management who can and will take actions on knowledge. It focuses on streamlining knowledge entry governance, implementing knowledge lake safety, managing cloud entitlements, and modernizing privileged entry. Veza was based in 2020.Â
Wing Safety
Wing’s platform is designed to detect and mechanically remediate SaaS utility threats. It constantly displays utilization for each person, app and file. The platform can shut down what it considers dangerous app-to-app connections, prohibit and govern knowledge shared with exterior customers over SaaS apps, and handle vulnerabilities round dangerous person habits. It could actually additionally handle tokens and permissions of SaaS purposes. Wing was based in 2020.