18 Hot Cybersecurity Startups for 2021

The cybersecurity market is already worth more than $100 billion – and is predicted to exceed $300 billion by 2024. Not surprisingly, security is one of the hottest areas for IT innovation and funding, which has given rise to a massive ecosystem of startups. Most will fail. A few will be acquired, and one or two will emerge as new leaders in the years to come. But which ones will succeed and which will fail? eSecurity Planet picked 18 promising candidates out of more than a hundred candidates. They address all aspects of cybersecurity, including threat intelligenceIoTblockchainAI and machine learning.

See our picks for top cybersecurity companies.

Top cybersecurity startups

Argus Cyber Security – Automotive security

Founded in 2013
Based in Tel Aviv-Yafo, Israel

Based in Israel, Argus develops automotive security to prevent hacking of vehicular systems. It is now owned by Continental AG, which purchased it for $430 million in 2017. The founders built the company around helping vehicle manufacturers and suppliers deal with security issues. Argus also has offices in Michigan, Silicon Valley, Stuttgart and Tokyo. With the entire car industry going digital, security is now top of mind among manufacturers. Thus Argus has emerged at the right time. It recently signed a strategic cooperation agreement with Deutsche Telekom to partner in automotive systems. The company is also finding traction for its software in the protection of in-flight entertainment and connectivity (IFEC) systems for the airline industry.

Balbix – Risk assessment

Founded in 2015
Based in San Jose, California

Balbix has made our last three top startup lists. As 88% of breaches are due to poor cyber hygiene, Balbix enables customers to transform their security posture and reduce breach risk by 95% or more. Its predictive breach risk platform uses predictive analytics and artificial intelligence to provide a continual assessment of risk and resilience visualized on a searchable and clickable heat map. On an ongoing basis, the platform calculates the breach risk of each device, user and app in the enterprise, the likelihood of a breach across hundreds of attack vectors, and the potential business impact of every asset connected to the network. The company has been wisely beefing up its leadership positions and forming partnerships with the likes of ElevenPaths, part of Telefónica Cybersecurity Unit, to use its AI capabilities to proactively reduce breach risk based on automatic asset and vulnerability discovery, continuous risk assessment and prioritized mitigation actions. As a result, the company has snagged several awards in the last few months as a hot security startup.

Bugcrowd – Crowd-sourced penetration and vulnerability testing

Founded in 2011

Based in San Francisco

Backed by Blackbird Ventures, Costanoa Ventures, Industry Ventures, Paladin Capital Group, Rally Ventures, Salesforce Ventures and Triangle Peak Partners, Bugcrowd applies crowdsourcing to software security. It has gathered over 15,000 freelance programmers and IT experts to offer pen testing and vulnerability testing, as well as glitch sourcing. This keeps costs down and provides a vibrant development pipeline. The company recently released Attack Surface Management (ASM), an assessment of an organization’s security posture aimed at providing visibility and intelligence on the actual attack surface guided by contextual intelligence.

Checkr – Background checks

Founded in 2014

Based in San Francisco

Checkr has seen great uptake of a service that provides automated background checks to help companies hire the right people. It automates the gathering of data about prospective employee address history, employment history verification, reference checking, education verification, credit check and a social media check. It is rapidly growing, has secured almost $150 million in funding, and has a client base that includes Uber, Lyft and GrubHub. It’s also attracting new VC money – another $160 million in September.

CloudKnox – Identity privilege protection

Founded in 2015

Based in Sunnyvale, California

CloudKnox has secured over $10 million in funding for a platform that manages the identity privilege lifecycle across private or public clouds. This includes human and non-human identity privileges. It offers protection from compromised credentials, accidents and malicious insiders. Investors include ClearSky Security, Dell Capital and Foundation Capital. The company recently announced integration with AWS IAM Access Analyzer and has achieved Advanced Technology Partner status with AWS.

CTM360 – Protection and take down beyond the firewall

Founded in 2016

Based in Bahrain

CTM360 offers a cyber threat platform for threats and potential threats outside the firewall. In addition to detecting threats, it takes down comprised or fake email addresses, phishing URLs, impersonated profiles and more on a monthly subscription basis. This makes it attractive to large organizations, as others tend to charge for each individual response. CTM360 is a member of FIRST and the Global Cyber Alliance. Forrester gives it high marks for data risk protection. It a self-funded cybersecurity firm that has achieved profitability as well as annual recurring revenue of more than $3 million. It serves more than 90 entities across 20 countries, mostly banks as well as oil and gas companies. Its track record now has it on the radar of investors.

Cybereason – Threat detection and response

Founded in 2012

Based in Boston

Cybereason offers EDR, AV, and managed detection and response services. It has an automated hunting engine that looks for unusual behavioral patterns, blocks known bad attacks and aggregates good and bad behavioral data to simplify investigation. Its behavioral approach just earned it another $200 million in funding from Softbank, bringing its investment total to almost $400 million. This money has been used to expand its core platform into a full endpoint protection portfolio. Additionally, the company has expanded its partnership network into regional markets such as France and Brazil, as well as vertical such as healthcare. Cybereason also made eSecurity Planet‘s list of top EDR solutions.

Darktrace – Threat detection

Founded in 2013

Based in Cambridge, UK

Darktrace‘s Cyber AI platform detects and fights cyberthreats in real time. It combines the talents of IT specialists from the University of Cambridge with intelligence experts from MI5. Unsupervised machine learning, AI and self-learning technology are used to uncover previously unseen patterns in information. By detecting subtle deviations from an organization’s regular patterns, it is quick to find impending attacks. It has raised $230 million through seven rounds of funding. Darktrace also made eSecurity Planet‘s list of top IDPS solutions. Meanwhile, the company continues to pick up industry awards and has launched in the AWS Marketplace.

Illumio – Micro-segmentation

Founded in 2013

Based in Sunnyvale, California

Illumio has developed adaptive micro-segmentation technology that prevents the spread of breaches inside any data center and cloud. It ensures the correct provisioning of security policies by understanding and adapting to changes in infrastructure or applications. It has raised $332.5 million in funding from an impressive roster of investors: J.P. Morgan Asset Management, Andreessen Horowitz, General Catalyst, Formation 8, BlackRock Funds, Accel Partners, and Data Collective, as well as individual investors such as Microsoft Chairman John W. Thompson, Salesforce CEO Marc Benioff, and Yahoo Co-founder Jerry Yang. The company recently picked up more industry awards, added container support, and was recognized as a Leader in the Zero Trust eXtended (ZXT) Ecosystem Providers Report.

Obsidian Security – SaaS protection

Founded in 2017

Based in Newport Beach, California

Obsidian has gathered up some of the founders from cybersecurity standouts Cylance and Carbon Black to form a company that lives at the intersection of cybersecurity, artificial intelligence and hybrid cloud. It enables users to protect SaaS and cloud services from account takeover, insider threat and identity sprawl with continuous monitoring and analytics. G Suite, Office 365, Salesforce, Dropbox, Okta, AWS, Azure, Slack, and other services can be better secured on Obsidian. It has raised $30 million in funding from the likes of GV, Greylock Partners and Wing.

PerimeterX – Bot mitigation

Founded in 2014

Based in San Mateo, California

PerimeterX is tightly focused on bot mitigation and management for web and mobile applications and APIs. This helps users defend against account abuse, carding, checkout abuse, marketing fraud and web scraping. In addition, it offers user data protection on critical web properties to provide protection against PII harvesting, watering hole attack and digital skimming. The company recently announced the availability of PerimeterX Bot Defender on the Google Cloud Platform Marketplace (GCP Marketplace). This provides customers with the ability to protect web and mobile applications and APIs from automated attacks. The company also released Code Defender, a client-side application security solution that protects websites from digital skimming, formjacking and personally identifiable information (PII) harvesting attacks. It continues to attract funding, raising $91.5 million overall from Deutsche Telekom Capital Partners (DTCP), Salesforce Ventures, Scale Venture Partners, Adam Street Partners, Canaan Partners, Vertex Ventures and Data Collective (DCVC).

SentinelOne – Autonomous endpoint protection

Founded in 2013

Based in Mountain View, California

SentinelOne protects against executables, memory only malware, exploits in documents, spearphishing emails, macros, drive-by downloads and other browser exploits, scripts such as Powershell, and credential encroachments. It harnesses behavioral-based detection, mitigation and forensics to attempt to stop threats in real time. It is the top rated endpoint protection platform on Gartner Peer Insights, has launched a research division and is now available on the AWS Marketplace. To date, it has raised $230 million in funding.

Sift – Fraud detection

Founded in 2011

Based in San Francisco, California

Formerly known as Sift Science, Sift automatically sifts through orders using a rules and data engine to compare transactions against known patterns to detect false accounts or fraudulent payments. It protects over 34,000 sites and apps for customers such as Airbnb, Twitter and American Apparel. It has raised $106 million in funding from Insight Partners, USV, Spark Capital and Stripes Group.

Synack – Vulnerability intelligence

Founded in 2013

Based in Redwood City, California

Synack provides vulnerability intelligence to discover exploitable vulnerabilities that are turned over to its own hackers to do penetration testing and create vulnerability reports for clients. Another crowdsourced cyber startup, it has secured $60 million in funding with its approach to finding holes in the network perimeter as well as inside. The company has also forged partnerships with Hewlett Packard Enterprise, Intel and others. It is also leveraging its data to release reports that measure resistance of different industries to attacks based on penetration test performance data.

Sysdig – Container security

Founded in 2013

Based in San Francisco

Sysdig Secure is built on the Falco open-source container security project. It incorporates support for Kubernetes, Docker, Mesos, Amazon Web Services (AWS) and Elastic Compute Cloud (EC2).  It provides vulnerability management, compliance checks and analytics. The company recently made its Cloud-Native Security Hub broadly available, a repository for discovering and sharing Kubernetes security best practices and configurations. Those behind the open source Kubernetes runtime security project Falco founded Sysdig. The company has raised $121.5 million to date. Sysdig also made eSecurity Planet‘s list of top container security products.

Tanium – endpoint protection

Founded in 2007

Based in Emeryville, California

Tanium is an endpoint security company that aggregates infrastructure and offers a suite of detection and response tools for threat detection, investigation and remediation. Top banks, retailers, Fortune 100 and government agencies use it, including Target, Barclays, and the U.S. Air Force. The company continues to add to its product line. Recent features added include Role-Based Access Control (RBAC), better management of cloud endpoints, visibility into unmanaged VMs in cloud environments, enriched asset inventory and reporting about cloud infrastructure, and visibility into what virtual containers are running. It has raised an impressive $780 million in funding over 10 rounds. Tanium made eSecurity Planet‘s list of top EDR solutions.

Zeguro – SMB cyber safety and insurance

Founded in 2016

Based in San Francisco

Zeguro targets its end-to-end cyber safety platform at small to mid-sized businesses (SMBs). It provides a suite of tools for risk mitigation and compliance, as well as insurance premiums. The basic logic is that if you use its tools to prevent cyberattacks, insurance costs are lowered. The company just launched a new set of monitoring features for its platform to address the latest PCI-DSS requirements. It has also formed a partnership with manual pen testing firm Cobalt to deliver pen testing to its customers. It has raised $5 million in funding to date.

ZeroFox – Social media and digital protection

Founded in 2013

Based in Baltimore, Maryland

ZeroFox remediates threats on social networks, dark web and external channels. It also protects brands from fraud, account hacking and reputational harm, and looks out for attacks on executives, locations and physical assets. ZeroFox enters this market with what it calls cybersecurity’s first social media risk management platform. Its global data collection engine is supported by artificial intelligence-based analysis and automated remediation. Recent upgrades to its product line include an election protection offering and expanded AI capabilities. It has raised $80 million in four rounds of funding.

Drew Robb
Drew Robb
Drew Robb has been a full-time professional writer and editor for more than twenty years. He currently works freelance for a number of IT publications, including ServerWatch and CIO Insight. He is also the editor-in-chief of an international engineering magazine.

Top Products

Top Cybersecurity Companies

Cybersecurity is the hottest area of IT spending. That's why so many vendors have entered this lucrative $100 billion+ market. But who are the...

Top Endpoint Detection and Response (EDR) Solutions

Endpoint security is a cornerstone of IT security, so our team put considerable research and analysis into this list of top endpoint detection and...

Top CASB Security Vendors for 2021

Any cloud-based infrastructure needs a robust cloud access security broker (CASB) solution to ensure data and application...

Best SIEM Tools & Software for 2021

Security Information and Event Management (SIEM, pronounced "sim") is a key enterprise security technology, with the ability...

Related articles