Technology is constantly changing, and while that might be a good thing as a whole, it does present new challenges. Many of those challenges are security-related, especially when it comes to the cloud. In fact, with many companies relying on cloud storage and solutions, the demand for cloud security is rising.
Fortunately, those demands are being chased by an eager market, with many investors and companies appearing. That includes many aspects of the cloud, from platforms to detect problems during development to those targeted at detecting vulnerabilities in public workloads. Keep reading to learn about some of the biggest startups in the game.
Lacework is a cloud security company with a platform meant for scalability and automation. Their Polygraph data platform secures cloud workloads with automated threat defense. It also has active threat detection and can help reduce daily security threats to a minimum. The platform takes care of every aspect of security, including:
- Cloud Security Posture and Compliance
- Vulnerability Management
- Threat Detection
Not only is the platform effective, but it works across multiple cloud environments, such as Amazon Web Services (AWS), Google Cloud, and Microsoft Azure. But where the company really stands out is its growth.
Founded in 2015, the company has already made a name for itself. In 2021, it received roughly $1.3 billion in investments, bringing its total to $1.9 billion over seven funding rounds. While cloud security saw heavy investments overall, Lacework blew its competitors out of the water. Even if it is not the newest startup, it is a behemoth.
Orca Security drives one point home: it offers powerful cloud security and compliance that is simple to its core. Not only does it set up easily, but it works with multiple cloud environments to suit most companies’ needs. Additionally, Orca Security utilizes agentless technology, eliminating gaps and performance hits.
Although there are a lot of rising stars in cloud security, Orca is one of the best. It covers all cloud assets and takes care of everything under one platform. Some of the benefits offered by Orca include:
- Effective Alert Prioritization
- Context-Aware Risk Detection
- Vulnerability Management
- Automatic Asset Detection
Orca Security can help with many security concerns, and their capabilities only grow because of their strong research team. That is one of the reasons that Orca has grown so rapidly since its start in 2019. Moreover, the company has managed to secure $632 million in funding over five rounds in that short time, with no signs of slowing down.
Mitiga is a bit different from many cloud security startups because it focuses on a specific solution. Namely, it focuses on incident readiness and response. Moreover, the company offers its solution to both cloud and hybrid environments, which require a new approach when it comes to security logs.
Because logs are generated differently with a cloud setup, it requires a dedicated approach for handling security incidents. While other security platforms do provide incident response, it is only one of many features they offer. Since it is expected to become more important as more businesses move to the cloud, Mitiga stands out.
Founded in 2019, Mitiga has seen some early success. The company has received around $32 million over four rounds of funding, with the most recent occurring in December 2021. Mitiga is definitely one to watch, especially with more and more companies utilizing the cloud.
Cado Security is another company focused on incident response in the cloud space. The company’s goal is to deliver in-depth information on incidents without the need for significant effort. In fact, the Cado Response platform automates steps of the process to make it easier to understand and respond to threats. Using the platform, teams can:
- Perform cloud investigations across complex and multi-cloud environments
- Capture evidence and investigate container environments
- Incorporate forensic-level detail into threat hunting
The platform also comes with features that match Cado’s pursuit of simplicity. For starters, it works with a broad range of cloud providers. It also supports parallel processing and collaborative investigations. In addition, the analytics help users make sense of data, saving time and resources for teams using the platform.
Founded in 2020, Cado Security started with around $1.5 million in seed funding. However, in 2021, the company received an investment of $10 million during its Series A funding round. While it is still in the early stages of development, Cado Security is sure to rise, especially with the appeal of detailed security without the complexity.
In a few short years, Wiz has already established itself as an authority in cloud security. It is no surprise, considering the founders include people from backgrounds like Microsoft’s Cloud Security Group. But their expertise and growth are not the only impressive things about Wiz. The technology stands out, too.
Wiz scales to any environment and connects in minutes, collecting information from every layer of the stack. It then delivers unified coverage across the entire cloud environment, focusing on the risks that really matter. In fact, it checks against multiple sources to ensure you get the best information, including:
- National Vulnerability Database
- Vender OVAL Repositories
- Other Vulnerability Databases
Since its founding in 2020, Wiz has quickly made a name for itself. Not only has it found some key vulnerabilities in major databases and platforms, but it is trusted by companies like Slack and Blackstone. The company has received $600 million in funding over four rounds in the last two years, with the latest being in October of 2021.
Beyond Identity is a bit different from most of the other companies on the list in that it does not protect the cloud. Instead, Beyond Identity provides a security solution from the cloud. The cloud-native solution offers a way to eliminate the need for passwords through the use of Beyond Identity’s platform. The intelligent authentication cloud:
- Positively identifies users and their devices
- Continually authenticates by analyzing risk signals for each transaction
- Enforces risk-based policies and step-up authentication
- Is integrated with identity, cybersecurity, and compliance tooling
- Has high availability and mass scalability
It does a lot to provide enhanced security without the need for passwords. Moreover, Beyond Identity’s platform is great for workforce and customer use cases. Not only that, but it improves user experience, which is always a benefit to any company.
Beyond Identity is not focused on providing security for the cloud. However, it is utilizing it in a unique way and offering something really interesting for cybersecurity as a whole. Perhaps that is the reason the company has received over $200 million in funding since it appeared in 2020.
JupiterOne utilizes a cloud-native cyber asset management platform to improve a company’s security. It works by helping businesses manage their cloud-based infrastructure. Using the platform essentially gives companies a better understanding of the environments involved and the potential risks.
With more information on what risks they need to take care of first, companies can more easily prioritize what to tackle first. The information also ensures that proper protection can be put in place. Moreover, it all comes continuously with JupiterOne’s automated platform, which adds context to every asset at every step of the way.
Founded in 2018, JupiterOne operates out of Morrisville, North Carolina. The company has only undergone two rounds of financing, with the latest occurring in May of 2021. However, despite limited funding rounds, the company received a total of $49 million in investments. It is expected for JupiterOne to keep growing alongside cloud services.
Snyk is another cloud-native application that can add some much-needed security for developers. The application takes a developer-first approach, which begins working before applications move from code to the cloud. While Snyk might not directly protect cloud environments, it makes sure the things put there are secure.
Snyk is easy to work with, finding and automatically fixing vulnerabilities. Moreover, it offers solutions for vulnerabilities in code, open-source dependencies, containers, and infrastructure as code. Snyk’s platform is also capable of finding and fixing issues within minutes while also offering the following features:
- Easy integration with existing IDEs, repos, and workflows
- Continuous monitoring during development
- Quick fixing with a single click
- Multi-language support
Snyk appeared in 2015, and since then, it has made a name for itself among developers and security teams. It is also unique in the sense that it targets things starting at development. That might just be the reason that the company has managed to receive $1.4 billion in funding over 11 rounds, with the most recent being in September of 2021.
Dasera’s goal is to provide security to cloud stores from the moment they are created until they are deleted. It does this by combining collaboration and automation, which leads to comprehensive lifecycle coverage. Dasera’s platform does a lot of things that make it easy to remain secure, including:
- Discovering and classifying sensitive data quickly
- Detecting new data stores from the moment they are created
- Mitigating over-permissioned data access risks
- Investigating data usage
Dasera works hard to protect data, no matter where it resides. And since the platform analyzes every interaction across all data stores, it picks up on things early. All in all, this cloud security startup makes it easy for security and compliance teams to solve complex problems.
Founded in 2019, Dasera is still a young company. It has received $9 million in funding since its start, with the latest round announced in April 2021. While it has yet to raise significant capital, it is definitely one to watch in the coming year.
Laminar focuses on protecting users from data leakage, and it does so for everything built and run in the cloud. Moreover, the public cloud data protection offered is incredibly useful and visible. Laminar even claims to be the first and only platform to provide full data observability across a public cloud.
In addition to offering superior visibility, the platform is agentless, allowing users to connect in minutes. It even runs asynchronously, eliminating potential performance hits. But Laminar really stands out in how it utilizes its automated continuous monitoring:
- Discovers all sensitive datastores in a public cloud
- Automatically classifies sensitive data
- Provides constant visibility, policy enforcement, and alerts
- Detects links across multi-cloud infrastructures
- Maps and monitors all outbound data channels
Laminar is an ambitious company that has only recently emerged into the public eye. However, it has already received $37 million in funding between two rounds. While it has yet to see explosive growth, the latest round of funding came in November 2021 and included a massive $32 million in funding, so that might change.
Lightspin utilizes a contextual cloud security platform that offers maximum security for minimum effort. Essentially, it is a multi-layered solution that works to provide prioritization and remediation of potential attack paths. It even does so with a variety of environments, such as AWS and Azure. What you can expect from Lightspin:
- An agentless and unified SaaS cloud-native application
- Priority on critical alerts to allow greater focus on what matters
- Instant remediation of security issues
- Full observability across the hybrid cloud environment
Lightspin is not the only startup on this list that focuses on dealing with issues in an effortless manner. However, it does utilize a very smooth platform and takes an impressive approach to deal with security concerns in cloud environments.
Founded in 2020, Lightspin is a cloud security startup out of Tel Aviv, Israel. The company is still in the early stages, only having received two rounds of funding. The latest round, its Series A funding, brought in $16 million. In addition, the lead investor was Dell Technologies Capital, showing their interest in the company.
Another cloud security startup out of Tel Aviv is Oxeye. However, it is another example of security meant for the development stage. It works by exposing vulnerable flows in cloud-native application code. Overall, Oxeye can ensure there are no risks while accelerating development cycles, reducing friction, and eliminating vulnerabilities.
Oxeye provides context-based vulnerability assessments, delivering reliable results with rich data. The application also helps developers by providing clear remediation guidance to solve detected vulnerabilities. Additionally, it integrates seamlessly and offers automation for easy use.
Although Oxeye is one of many cloud security startups to appear in recent years, it is doing well. That is especially true when one considers that it was only founded in 2021. Towards the end of 2021, Oxeye received $5.3 million in seed funding, so keeping an eye on it is a good idea in the year to come.
Cloud security is a rapidly growing market. The main reason for this is the adoption of cloud technology as a whole. Because more companies are transitioning, the need for advanced security is growing. New and old companies alike are developing solutions to keep up with those demands.
Out of all the cloud security companies around, the startups above are some of the most exciting. Many of them are very young but show a great deal of promise. Additionally, it is still unknown how the requirements for cloud security will change in the coming years, leaving a lot of room for new players.