RSAC Sets Finalists for Innovation Sandbox
The 10 finalists will each have three minutes to make their case for being the most innovative, promising young security company of the year.
February 6, 2020
null
AppOmni
AppOmni is a service that continuously scans the SaaS platforms used by a company to provide management, security, and data access visibility. According to the company's literature, it uses proprietary technology to perform deep scans of APIs, security controls, and configuration settings to provide its collection of services to its users.
AppOmni will scan a wide variety of SaaS offerings for data types that include most forms of personally identifiable information. With the information gathered, AppOmni will provide services ranging from change management to compliance reporting and data inventory.
Founded in 2018, AppOmni most recently raised $10 million in Series A funding in a round led by venture capital firm ClearSky.
(Image: AppOmni)
BluBracket
The technology of BluBracket looks into application code to find issues that could turn into security problems. The two components of BluBracket's protection suite tackle different aspects of the code, protecting it from issues that could be introduced at different phases of development.
BluBracket:CodeInsights give team leaders visibility into the ownership of and access to all the various bits and pieces of code that go into making a modern application. BluBracket:CodeSecure searches code for "secrets," from passwords and tokens to unauthorized code that might have sneaked in during a session using Github, Stack Overflow, or another code repository.
BluBracket was founded in 2019 and has received seed funding, with SignalFire and Unusual Ventures the most recent investors.
(Image: BluBracket)
Elevate Security
Elevate Security concentrates its efforts, not on technology or external threats, but on an organization's employees and their behavior. Given that employees are widely seen as one of the most serious threat vectors for a company, Elevate Security's goals of identifying and changing risky behavior look to have a significant impact on overall risk.
There are four components to Elevate Security's approach to human factors: Reflex runs baseline assessments and assigns metrics to employee behavior; Vision allows security administrators to analyze the behaviors and the risks they present; Pulse provides training for employees to help them change their risky behavior; and Hacker's Mind presents gamified, intensive training for high-risk employees and groups.
Founded in 2017, Elevate Security's most recent round of funding was an $8 million Series A led by Defy Partners.
(Image: Elevate Security)
ForAllSecure
ForAllSecure addresses security through the related topic of code quality. ForAllSecure's product, Mayhem, uses "next-generation fuzzing" to continuously test code for defects as the code moves through the software product lifecycle. The technology was developed by the founders during their research at Carnegie Mellon University in the decade preceding the company's launch.
Mayhem is designed to be integrated into a DevOps or continuous deployment development process. By checking the software for issues on a constant basis, Mayhem can provide quality (and security) assurance without introducing delay in the rapid release schedule. Mayhem was entered in the 2016 DARPA Cyber Grand Challenge, where it took first place.
Founded in 2012, ForAllSecure most recently raised $14.7 million in Series A funding led by New Enterprise Associates in 2018.
(Image: ForAllSecure)
INKY Technology
Email is the home to phishing attacks, one of the most significant sources of credential and privileged information theft from organizations of all sizes. Inky uses artificial intelligence technology to recognize and block phishing messages before they reach employee in-boxes.
Inky is a cloud-based service that can protect Exchange, Office365, and G Suite email systems. According to the company, it will recognize and warn users about email-based threats ranging from simple spam to phishing attacks and ransomware payloads. The primary user-facing tool Inky uses is "The Banner," which shows up on every email message, with information ranging from simple "checked" to details on what sort of threat has been found and blocked.
Inky was founded in 2008 and has raised a total of $11.6 million in two Series A funding rounds led by Gula Tech Adventures and ClearSky.
(Image: Inky)
Obsidian Security
SaaS application architecture is the target of Obsidian Security with its web-based service that applies security to all SaaS applications. More than just securing the environment, Obsidian Security promises "frictionless" security, adding no response time to applications or additional steps for users.
Obsidian Cloud Detection and Response is based on identity-centric security coupled with machine intelligence to recognize threats and vulnerabilities. Obsidian's technology is deployed through API integrations, with no agents or applications to bring into an environment.
Founded in 2017, Obsidian Security has raised $29 million in funding, most recently a $20 million Series B round in 2019, led by Wing Venture Capital. Greylock and GV are also prominent investors in the company.
(Image: Obsidian Security)
SECURITI.ai
While privacy and security are two separate things, Securiti.ai occupies the space where the two intersect, identifying and securing private information within the enterprise. The company reports that this intersection and its activities are part of the PrivacyOps discipline of its customers.
Privaci.ai, the product suite of Securiti.ai, features a bot named "Auti" that searches for and reports on personal information based on criteria provided by the security staff. In addition, there are application features that deal with issues ranging from information and tracking consent to regulatory compliance templates for reporting.
Securiti.ai was founded in 2018. It has received a total of $81 million in funding, the latest being a $50 million Series B round led by General Catalyst.
(Image: SECURITI.ai)
Sqreen
Security is one thing. Managing that security is another.Sqreen provides application security with an emphasis on managing the security process and how it is applied. Sqreen uses a "micro agent" to automatically monitor sensitive app routines, block attacks, and report actionable information to a security dashboard.
One of the benefits Sqreen describes is the service's ability to be deployed by either a security or software development group without the hands-on involvement of the other. And according to the company, its solution protects applications against threats ranging from SQL injection and critical data exposure to misconfiguration errors.
Sqreen was founded in 2018. It has received three rounds of funding totaling $18.2 million to date, in two rounds of seed funding, and a $14 million Series A round led by Greylock Partners.
(Image: Sqreen)
Tala Security
Web servers present the vast majority of applications to users. Tala Security brings a security layer to web applications with protection intended to defend the server and application against all client-side threats.
According to Tala, its system protects against threat that span a range from Magecart to domain hijacking and session redirects. It does this using a combination of threat intelligence and AI to help direct the protection to the spots where it's most needed. The technology, the company says, extracts more than 50 behaviors from each page of the site, identifies all code, and applies a behavioral model to establish a baseline against which future code, actions, and performance will be judged.
Tala Security was founded in 2016. It has received $14.6 million in four rounds of funding, the most recent a $9 million Series A round led by TechOperators and Jackson Square Ventures.
(Image: Tala Security)
Vulcan Cyber
Knowing that vulnerabilities exist is only the beginning a solution. In large organizations, managing the remediation process can be an enormous, complicated, and expensive process. Vulcan Cyber provides a platform for managing and automating the remediation process to minimize the impact vulnerabilities have on enterprise security.
Vulcan Cyber has created existing integrations with a wide variety of both self-hosted and cloud-based applications, frameworks, and services. The platform uses application and security infrastructure APIs to integrate with both the products it is protecting and those it reports into. And as it performs data collection, it prioritizes issues so security teams can focus their attention on the most critical vulnerabilities. It does this as it automates the remediation process, allowing Vulcan to be part of DevSecOps and other rapid deployment environments.
Vulcan Cyber was founded in 2018. It has received $14 million in two rounds of funding, the most recent a $10 million Series A round led by TenEleven Ventures.
(Image: Vulcan Cyber)
Vulcan Cyber
Knowing that vulnerabilities exist is only the beginning a solution. In large organizations, managing the remediation process can be an enormous, complicated, and expensive process. Vulcan Cyber provides a platform for managing and automating the remediation process to minimize the impact vulnerabilities have on enterprise security.
Vulcan Cyber has created existing integrations with a wide variety of both self-hosted and cloud-based applications, frameworks, and services. The platform uses application and security infrastructure APIs to integrate with both the products it is protecting and those it reports into. And as it performs data collection, it prioritizes issues so security teams can focus their attention on the most critical vulnerabilities. It does this as it automates the remediation process, allowing Vulcan to be part of DevSecOps and other rapid deployment environments.
Vulcan Cyber was founded in 2018. It has received $14 million in two rounds of funding, the most recent a $10 million Series A round led by TenEleven Ventures.
(Image: Vulcan Cyber)
-
About the Author(s)
You May Also Like
CISO Perspectives: How to make AI an Accelerator, Not a Blocker
August 20, 2024Securing Your Cloud Assets
August 27, 2024