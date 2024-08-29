Security Strategy, Plan, Budget

2024 SC Awards Finalists: Most Promising Early-Stage Start Up  

Some of the most high impact technologies emerge not from the mainstay security companies, but businesses many have never heard of – yet. 

Businesses recognized in this category are privately-held startups offering a strong, flagship product that is within two years of initial release. For now, they're focused on continued product development, customer growth, business development, and overall fiscal and workforce expansion; but they also serve as notable contributors within a community shaping future innovation. 

The Top 5 | Most Promising Early-Stage Start Up

2024 Most Promising Early-Stage Startup
Bedrock Security – Most Promising Early-Stage Start Up

Bedrock Security addresses the critical challenge of securing data growth associated with Cloud and GenAI, where traditional Data Loss Prevention (DLP) and Data Security Posture Management (DSPM) tools fall short. These tools often generate false positives, lack remediation capabilities, and are resource-intensive to deploy in large environments. With a Total Addressable Market (TAM) of $17.5B in data security, the need for innovative solutions is clear, especially as data breaches continue to rise despite industry consolidation.

Bedrock stands out as the only vendor using AI Reasoning (AIR) technology to eliminate false positives by learning what data is most important. Its Adaptive Sampling technology enables rapid scanning of massive environments in hours, not months, and IP fingerprinting tracks core intellectual property in near real-time. Bedrock’s serverless platform is 32 times faster and more cost-effective than competitors, offering the fastest time to value in the industry by onboarding customers with over 16+ petabytes of data in less than three days.

2024 Most Promising Early-Stage Startup
ContraForce – Most Promising Early-Stage Start Up

Security has become critical for small and medium-sized businesses (SMBs) and small and medium-sized enterprises (SMEs) where the average cost of a data breach for small businesses stands at $2.98 million. Yet, these organizations lack the expertise and staff to manage their own security well. Their alternative is to hire a managed security service provider (MSSP) or managed service provider (MSP) to oversee their security, yet security providers are challenged to provide SMBs with an affordable and efficient way to detect and respond to cyber threats.

ContraForce democratizes access to advanced security capabilities through its Security Service Delivery Platform (SSDP), launched in December 2023. As the first company focused solely on the SSDP market, ContraForce aims to automate the management of Microsoft Sentinel. Despite being just a 20-person startup, Microsoft awarded ContraForce the 2024 Security Excellence Award for Security ISV of the Year. The SSDP decouples detection and response services from the delivery platform, which lets service providers quickly deploy or enhance managed detection and response (MDR) services. ContraForce automates client onboarding, security content engineering, and incident response, making services more affordable and secure.

2024 Most Promising Early-Stage Startup
Entro Security – Most Promising Early-Stage Start Up

Entro meticulously tracks, classifies, and safeguards non-human identities from creation to deletion, offering organizations deep insights and tools for robust security. It offers a clear inventory of identities, illuminating a previously opaque aspect of infrastructure. Continuous monitoring allows for swift action against potential threats, preventing sensitive information leaks. Entro also introduces a paradigm shift in identity classification, enriching understanding by visualizing the usage of non-human identities and detailing which applications access specific secrets across cloud services.

Less than a year out of stealth, Entro has already secured dozens of customers, including SolarWinds, Elastic, Aqua, and Regatta, across various industries. This broad adoption highlights the widespread issue of non-human identity management, demonstrating the platform’s appeal and effectiveness in addressing this critical security challenge.

2024 Most Promising Early-Stage Startup
Permiso Security – Most Promising Early-Stage Start Up

Permiso Security stands out in the Identity Threat Detection and Response (ITDR) space by providing comprehensive, identity-first cloud security. Unlike many ITDR solutions that only monitor specific cloud service layers like IdP, IaaS, PaaS, or SaaS, Permiso offers enriched alerts across the entire cloud environment. This holistic approach enables faster detection (MTTD) and response (MTTR) to identity-based risks, such as account takeovers and insider threats, from a single pane of glass.

Permiso develops a universal identity graph that captures both human and non-human user activities, allowing for high-efficacy detections rather than generating countless context-less alerts. The platform monitors identity threats throughout the entire identity lifecycle, from creation and onboarding to off-boarding and de-provisioning. Leveraging over 1,000 static alerts combined with runtime machine learning-based behavioral detections, Permiso detects anomalies across cloud services, covering stages like initial access, privilege escalation, and data exfiltration.

In 2023, Permiso achieved 400% year-over-year revenue growth, with a 153% net revenue retention (NRR) rate, driven by key customers expanding their use of Permiso. The company maintained a 0% churn rate, solidifying its position as a trusted partner in cloud security.

2024 Most Promising Early-Stage Startup
runZero – Most Promising Early-Stage Start Up

Founded by HD Moore, creator of Metasploit, runZero addresses a critical challenge in cybersecurity: organizations frequently overlook unknown assets, leading to security breaches. Despite investments in mature security programs, businesses struggle with visibility across dynamic, ever-changing environments. Factors like OT/IT convergence, IoT growth, cloud migration, and remote work compound this issue, while traditional vulnerability management tools fail to keep pace with evolving threats.

runZero’s platform provides comprehensive visibility across IT, OT, IoT, cloud, on-premises, and remote environments, identifying even the riskiest unknown assets. Its active scanning technology offers unparalleled data depth, emulating attacker techniques to extract asset details. The platform integrates with leading cloud providers, EDRs, MDMs, and vulnerability scanners, allowing organizations to create a single source of truth for asset management.

In 2023, runZero launched an enterprise-class cyber asset attack surface management (CAASM) platform, combining active scanning, passive discovery, and API integrations for comprehensive asset inventory and exposure management. Trusted by over 500 customers, including Fortune 10 companies, runZero has become a go-to solution for enhancing security visibility and incident response, earning a world-class NPS score of 82.

