As early-stage investors, the Plug and Play team looks at a lot of companies – each vertical looks at ~1,000 per year – and we wanted to share some of our favorite startups in the cybersecurity space.
ReSec is a pioneer in content disarm & reconstruction (CDR) technology, which neutralizes file-based malware by processing inbound content, analyzing its structure, and building a duplicate file based on the original format – isolating suspicious elements and guaranteeing users receive clean and trusted files. CDR has become increasingly popular due to the rise of advanced persistent threats (APTs), and because malware sandbox evasion techniques continue to improve.
Unlike other CDR vendors, ReSec’s technology can reconstruct exact replicas of files and replace improper or broken information, such as links that don’t direct to the right URL, with the correct ones, ensuring absolutely no impact to employees’ workflows or existing business processes.
Sepio Systems provides mitigation for malicious hardware attacks by discovering devices, alerting and blocking any usage breach or attack attempt, providing cloud-based threat intelligence and early warning, and allowing enterprises to implement granular security policies at the device level.
Only Sepio provides visibility deep into the physical layer to mitigate vulnerabilities and attacks that are undetected by any other solution.
ZecOps provides IT / Security Operations Center (SOC) capabilities to perform threat hunting and forensic analysis at scale, as well as to shorten the response time needed for handling incidents by automating root cause analysis and mitigation of advanced persistent threat for endpoints (e.g. ATMs, laptops, mobile devices).
ZecOps is the only company in the market that performs continuous automated forensics to discover and extract exploits and payloads that evade existing security measures, identifies ongoing attackers’ campaigns and compromised assets used for command and control, and reveals targeted attacks.
ArecaBay enables InfoSec and DevOps teams to discover, monitor, and secure APIs, especially private APIs, which are not exposed to the outside world and typically support line of business applications or 3rd party integrations. Rather than forcing private API calls through yet another inline gateway (be it on-premises or Cloud), ArecaBay is taking a network-oriented approach and superimposes a network engine layer of microsensors that provide deep API observability and security with no impact to application code or the runtime environment.
While a few companies in this space, namely Salt Security and Wallarm, protect APIs by identifying anomalies using machine learning, ArecaBay is differentiated by its network-based approach and by its ability to monitor end-to-end API flows at the finest granularity level.
CYR3CON offers an AI solution that collects and analyzes dark web data using machine learning in order to prioritize vulnerabilities and identify potential threats before they occur. While that’s a bold claim to make, CYR3CON has published its solution results in 3 peer-reviewed studies demonstrating that its solution offers a 20x improvement compared to NIST ratings, and CYR3CON successfully predicted the WannaCry ransomware attack about a month before it launched.
Unlike other vulnerability management solutions that offer another data feed for understaffed security teams to analyze, CYR3CON provides security teams a stack-ranked list of vulnerabilities ordered in terms of how likely the vulnerability is to be exploited.
If you’d like to connect with any of these companies to learn more, please contact Rohit at firstname.lastname@example.org.