The cybersecurity landscape is rapidly changing as organizations continue to adopt cloud services, DevSecOps, containers and push for new paradigms such as “zero trust.” In this article we look at some of the hottest cybersecurity startups to watch heading into 2022, and discuss their respective focus areas and capabilities.
JupiterOne is a very promising cybersecurity startup in an emerging Gartner category dubbed “Cyber Asset Attack Surface Management (CAASM)” among others. Aside from the CAASM use case, JupiterOne also provides capabilities in the Cloud Security Posture Management (CSPM), governance and compliance, and vulnerability management areas.
JupiterOne’s CEO Erkang Zheng’s tag line is “we set out to build a universe that provides security as a fundamental right for all”—which is very ambitious. The company has a strong leadership team including cybersecurity thought leader Sounil Yu as CISO. JupiterOne has raised $30 million in Series B funding, with investments and advisors ranging from Bain Capital and Rain Capital to security and tech leaders from Uber, Netflix, Fireye and more.
Another promising cybersecurity startup playing in a similar space is Axonius, with a mantra of “asset management solved for security.” Part of its promise is 345 pre-built integrations providing massive coverage in a quickly growing cloud-native ecosystem. The company also seeks to provide visibility into your asset inventory, attack surface, and compliance posture.
Axonius is listed as having $270 million in funding, with clients such as the New York Times and Landmark Health. It also received the Most Innovative Startup award at the 2019 RSAC Innovation Sandbox.
With the cloud-native ecosystem finding developers increasingly owning more of the tech stack, Snyk positioned itself as the leader in developer security. The company believes in developer-empowered security. Snyk provides myriad capabilities ranging from Snyk Code, open source, containers, infrastructure-as-code (IaC) and more.
Snyk has an $8.5 billion valuation. It has double downed on the cloud and has worked to integrate its products with AWS, one of the world’s leading cloud service providers.
Another player to watch is SaaS security management provider Grip Security, which recently raised $19 million in Series A funding. The rapid proliferation of the cloud continues, most notably when it comes to SaaS applications. Organizations increasingly need a way to discover, manage, and secure their SaaS footprint, and solutions like Grip play a big role in that space.
With the increased growth of cybersecurity tooling, there is a need to centralize all of the information coming from scans, tests and audits. Nucleus aims to fill this niche with its approach of centralized information, customized prioritization, and automated remediation. Nucleus boasts a broad set of integrations, including threat intelligence, penetration testing, applications, networking and more, to provide visibility across the security toolboxes in large enterprises.
Lightspin aims to continuously visualize, detect, and block attacks in both cloud and Kubernetes environments, which are growing in popularity. Lightspin provides an agentless approach to security and is cloud agnostic, providing key coverage in an increasingly multi-cloud world. Lightspin has raised $16 million in funding, and its leadership team includes strong cloud security expertise, such as their CISO Jonathan Rau.
7. Orca Security
Rounding out the companies to watch is Orca Security, which focuses on detecting and prioritizing cloud security risks quickly, and without the need to deploy agents on your systems. Much like Lightspin, Orca aims to cover multi-cloud and Kubernetes-based deployments. Orca is currently sitting on a $1.8 billion valuation after wrapping up $550 million in Series C funding.