Security Startups funded by Y Combinator (YC) 2024

December 2024

Browse 80 of the top Security startups funded by Y Combinator.

We also have a Startup Directory where you can search through over 5,000 companies.

  • Sqreen
    Sqreen (w2018)Acquired • 120 employees • San Francisco, CA, USA
    Sqreen is the application security platform for the modern enterprise. More than 800 organizations trust Sqreen to protect, observe and test their applications, APIs and microservices. As opposed to pattern-based approaches, Sqreen analyses in-app execution in real time to deliver more robust security without compromising performance.
    devsecops
    b2b
    security
  • Canix
    Canix (s2019)Active • 22 employees • San Francisco, CA, USA
    Canix is building the first generation of modern software for the burgeoning cannabis industry. We help our customers overcome daunting compliance regulation, sell more product, and optimize their day to day operations—from cultivation, to processing, to distribution. Recent winner of TechCrunch Disrupt 2020, find out more at TechCrunch and canix.com.
    saas
    cannabis
  • ContraForce
    ContraForce (s2021)Active • 15 employees • McKinney, TX, USA
    ContraForce has developed a first of its kind hyperautomated security platform that enables automated security engineering, AI-operator workflows, and incident response velocity at scale.
    saas
    security
    ai
  • Feroot Security
    Feroot Security (w2021)Active • 24 employees • Toronto, ON, Canada
    Feroot (YC W21) is the leading compliance and security platform for b2b websites that helps you easily achieve and maintain compliance with PCI DSS 4.0.1, CCPA, CIPA, HIPAA and 50+ data privacy regulations.
    compliance
    security
    privacy
  • Overwatch
    Overwatch (s2022)Active • 5 employees • New York, NY, USA
    Overwatch Data offers real-time, actionable intelligence tailored for your fraud, security, and strategic insights teams. Our platform provides a comprehensive and contextualized view of opportunities and risks, drawing on the surface, social, and deep web, thereby enabling faster, data-driven decision-making.
    saas
    supply-chain
    cybersecurity
    ai
  • PromptArmor
    PromptArmor (w2024)Active • 2 employees
    artificial-intelligence
    generative-ai
    security
    cybersecurity
  • Upfort
    Upfort (s2017)Active • 38 employees • San Francisco, CA, USA
    Upfort is a leading platform for cyber security and insurance that provides holistic protection from evolving cyber threats. Founded in 2017 to expand global access to cyber resilience, Upfort makes cyber risk easy to manage and simple to insure. Upfort delivers turnkey security proven to proactively mitigate risk and comprehensive cyber insurance from leading insurers. With proprietary data and intelligent automation, Upfort’s AI anticipates risk and streamlines mitigation for hassle-free underwriting. Insurers, brokers, and risk advisors partner with Upfort to offer clients resilience and peace of mind against cyber threats.
    next-gen-network-security
    security
    insurance
    cyber-insurance
  • Telivy
    Telivy (s2021)Active • 6 employees • San Francisco, CA, USA
    Telivy helps small and medium businesses purchase the best cyber insurance coverage. Our proprietary ML-based risk platform assesses insurability gaps, offers remediation plans and brokers insurance quotes from A+ rated carriers.
    security
    cybersecurity
  • Wolfia
    Wolfia (s2022)Active • 2 employees • San Francisco, CA, USA
    Wolfia helps accelerates security reviews for AI-first companies, helping them close deals faster. We use AI to help answer security questionnaires, and provide an trust center to share your AI policies and security posture.
    generative-ai
    compliance
    security
  • Bunkyr
    Bunkyr (w2022)Active • 3 employees • Denver, CO, USA
    Bunkyr enables companies to protect their users’ data with a simple, hardware-secured API. When a user forgets their password, applications using Bunkyr can provide them a familiar, robust recovery method to restore access to encrypted data. Zero-Knowledge architectures and end-to-end encryption are the only true safeguards against data breaches, but come with large user-experience burdens and engineering overhead. Bunkyr eliminates these obstacles in a way that is friendly to both developers and users, cost-effective, and extremely fast. Users won’t even know Bunkyr exists, while their data stays protected against both breaches and lost passwords.
    developer-tools
    saas
    crypto-web3
    b2b
    security
  • Vanta
    Vanta (w2018)Active • 550 employees • San Francisco, CA, USA
    ABOUT VANTA Vanta (YC W18) is the leading automated compliance and trust management platform designed to simplify and centralize compliance and security workflows for organizations of all sizes. WHY YC STARTUPS NEED VANTA As a YC company, proving your security compliance is crucial for selling to security-conscious buyers and entering new markets. We would know, we’ve been there—and we’ve helped over 8,000 customers do just that! Vanta's out-of-the-box solution, combined with expert service partners, helps you quickly and painlessly achieve and maintain compliance with top compliance frameworks—allowing you to focus on building great products. Learn more at https://vanta.com. YC-ONLY OFFER 25% Off Offer for YC Companies and Access to Partner Network: YC companies receive a 25% discount on the Vanta platform. Leverage Vanta’s automation alongside our trusted partner network to customize your compliance program. Quick Start for start-ups: Get SOC 2 ready in as little as 4 weeks with help from a trusted service partner. Guided by a virtual CISO and a dedicated compliance team, you'll be onboarded and fully supported in getting audit-ready quickly and easily—perfect for fast-moving founders. WHY VANTA? Built for startups: Vanta knows startups. We went through YC in 2018 and have since helped thousands of startups, including YC companies Supabase (YC S20), Bend (YC S22), and Newfront (YC W18) achieve and maintain compliance quickly. Startups like Charityvest (YC S20), BreachRX, and Flo Health have gone from zero to SOC 2 Type I or ISO 27001 certification in 10 days or less with Vanta. Future-proof, feature-rich, automated platform: Vanta’s modular platform evolves with your needs, including: * 30 frameworks spanning security, privacy, industry, geographic, and custom frameworks * 350+ integrations that automate evidence collection for these frameworks * 1,000 automated, hourly tests to ensure real, continuous security—not just at audit time, but all the time * Pre-built policy templates, lightweight agent for security checks, background checks, cyber insurance, cookie consent management, auditor portal, user access reviews, security awareness training, risk assessments, vendor security reviews, managing vulnerabilities, and more Tailored support for early-stage companies: Vanta offers internal, no-cost Customer Success and GRC (compliance) experts, robust technical support, detailed documentation, and a 24/7 chatbot for frequently asked questions. (Optional) Purchase Vanta with auditors experienced in your framework and the Vanta platform, or choose from a range of MSP/consulting partners for additional services like penetration tests and virtual CISO support (some at no cost). We don’t force vendor lock-in. Transparent pricing and promises: Vanta strives to do what it says on the tin: we believe in setting and meeting customer expectations. We offer flexible contracts, fair and transparent pricing, and publish our support metrics. We prefer to focus on helping customers succeed and let them explain why they chose us over others—check out our G2 reviews and customer case studies! Proven market leader and well-funded: Vanta was founded in 2018 and has raised $350M with over 500 employees. We’ve guided over 8,000 customers through their first or multiple audit cycles for various frameworks. These customer learnings and our funding help drive a fast pace of product development to delight customers and ensure Vanta will be there for you in the future. Interested in seeing why Upflow (YC W20), Tailor (YC S22), and hundreds of other YC companies trust Vanta to expedite their compliance? Email yc@vanta.com to learn more!
    b2b
    compliance
    security
  • Sift
    Sift (s2011)Active • San Francisco, CA, USA
    Sift is the leader in Digital Trust & Safety, empowering digital disruptors to Fortune 500 companies to unlock new revenue without risk. Sift dynamically prevents fraud and abuse through industry-leading technology and expertise, an unrivaled global data network of 70 billion events per month, and a commitment to long-term customer partnerships. Global brands such as DoorDash, Twitter, and Wayfair rely on Sift to gain a competitive advantage in their markets.
    fintech
    machine-learning
    saas
    b2b
  • ZeroPath
    ZeroPath (s2024)Active • 4 employees • San Francisco, CA, USA
    ZeroPath is a developer tool that autonomously detects, verifies, and submits fixes for vulnerabilities in your code. Engineers can use ZeroPath to find security problems that they might only otherwise catch in pentests or from bug bounty researchers.
    developer-tools
    b2b
    security
    cybersecurity
    ai
  • Adri AI
    Adri AI (w2023)Active • 2 employees • San Francisco, CA, USA
    Adri is built for enterprises that are buying AI. Our patented software monitors the AI vendor's infrastructure and detects any intentional or accidental misuse of your proprietary data. We help you buy AI that you can trust.
    artificial-intelligence
    compliance
    security
    sales
  • Cloudanix
    Cloudanix (s2021)Active • 8 employees • Sunnyvale, CA, USA
    We help DevOps teams to improve the security of their Cloud infrastructure. Our solution value increases for companies using multi-cloud (like GCP, Azure, AWS) or have multi-accounts (like Dev, Test, Prod)
    cloud-workload-protection
    devsecops
    identity
    security
  • LunaSec
    LunaSec (s2019)Active • 4 employees • Seattle, WA, USA
    LunaTrace isn't just another security scanner that blasts you with vulnerabilities. LunaSec has developed a hosted Open Source dependency security tool that is smarter, faster, and quieter than any other. It's backed by a team of security experts who monitor the latest attacks, write remediation guides, and help you patch in hours instead of weeks. In under 2 minutes, for free, you can generate your own vulnerability report to gain insight into the security + compliance of your software by clicking here: https://lunatrace.lunasec.io/ Email us at: contact@lunasec.io Our GitHub: https://github.com/lunasec-io/lunasec
    developer-tools
    devsecops
    security-orchestration-automation-and-response-(soar)
    security
    open-source
  • Malloc
    Malloc (s2021)Active • 7 employees • Nicosia, Cyprus
    Malloc aims to help people companies and organisations protect their apps, their devices and their data. The Malloc app available in AppStore and PlayStore helps you stay safe and private online by blocking spyware and online threats. Malloc App Security is an SDK library that other app owners can use to protect their app from hacking attempts.
    machine-learning
    saas
    consumer
    security
  • Vansec
    Vansec (s2021)Active • 2 employees • New York, NY, USA
    Spear phishing simulation & security awareness training powered by AI.
    saas
    b2b
    compliance
    security
  • Traces
    Traces (s2019)Active • 10 employees • Mountain View, CA, USA
    We analyze thousands of video streams to find and track people without facial recognition. Our tech is available as an API and has multiple use cases. Unique people counting, forensic people search, falsa alarm filtering and many more.
    artificial-intelligence
    deep-learning
    computer-vision
  • SafeBase
    SafeBase (s2020)Active • 60 employees • San Francisco, CA, USA
    Trust Center Platform SafeBase Trust Center enables Security teams to proactively share and automate access to security, compliance, and privacy information/ complete security questionnaires.
    saas
    productivity
    cybersecurity
  • Corgea
    Corgea (s2023)Active • 4 employees • San Francisco, CA, USA
    Corgea helps companies find and fix vulnerable code quicker, and save 80% of the engineering cost & time in fixing these issues. It does this by using AI to scan and write code fixes and issues pull-requests for your engineers to approve.
    artificial-intelligence
    developer-tools
    saas
    security
    cybersecurity
  • Strac
    Strac (w2022)Active • 8 employees • Bellevue, WA, USA
    Strac is an agentless Data Discovery (aka DSPM - Data Security Posture Management) & DLP (Data Leak Prevention) that automatically discovers, classifies and remediates sensitive data (alert, label, redact, mask, block, delete). Strac protects SaaS, Cloud, Gen AI and Endpoints like O365, Slack, GDrive, AWS, Salesforce, ChatGPT, Jira, Mac, Zendesk, and 40+ integrations. Strac protects enterprise companies like UiPath, ThredUP, Nylas, Crypto (dot) com!
    artificial-intelligence
    generative-ai
    saas
    security
    enterprise
  • Termius
    Termius (w2019)Active • 32 employees
    Termius is an SSH client that works on desktop and mobile. It syncs and shares data via a secure vault in the cloud, like a password manager. With Termius, engineering and DevOps teams can share the list of servers that can be organized in groups and tagged for faster search. Termius also has built-in Terminal and Snippet Sharing. Terminal Sharing enables getting instant help from colleagues via providing a unique link instantly, and snippets are frequently-used shell commands that allow teammates to learn from each other easily.
    developer-tools
    devsecops
    iot-security
  • Anjuna
    Anjuna (w2018)Active • 55 employees • Palo Alto, CA, USA
    Anjuna makes hardware-grade application and data protection simple, fast and enterprise-ready. Anjuna software enables IT to “lift and shift” applications and data into the hardware-encrypted confines of a secure enclave, protecting them from malicious software, insiders, and bad actors. Available from every major chip, cloud, and system vendor, secure enclaves are the data security gold standard. Unlike point memory-only enclave solutions that require expensive and complicated software rewrites, Anjuna enables enterprises to achieve managed enterprise-class enclave protection that span memory, storage, networks, and clouds in minutes--without recoding. Anjuna is based in Palo Alto, California.
    cloud-workload-protection
    security
  • Matano
    Matano (w2023)Active • 2 employees • Seattle, WA, USA
    Matano is a modern SIEM, built for cloud-first security teams. It replaces traditional SIEM databases like Splunk or Elastic with a cybersecurity platform built on top of a cost-effective Security Data Lake.
    devsecops
    analytics
    open-source
    cybersecurity
  • Gecko Security
    Gecko Security (f2024)Active • 2 employees • San Francisco, CA, USA
    We built Gecko for teams that want to build secure code quickly without wasting time on security tools that don’t deliver results, or relying on one-time human pentests that quickly become outdated. Gecko uses AI to understand how your application should work, simulates relevant attacks to find critical vulnerabilities, and then verifies these vulnerabilities by exploiting them. It also helps you understand the risk of these vulnerabilities and applies a working fix to keep your code secure.
    artificial-intelligence
    saas
    b2b
    security
    cybersecurity
  • Shiboleth
    Shiboleth (w2024)Active • 2 employees • New York, NY, USA
    Shiboleth automates consumer lending compliance for financial institutions using AI. Banks like Cross River Bank use us to save months of manual work by automating audits and drafting reports for the governments. LLMs allow whole categories of manual compliance processes to be automated in ways that weren’t possible until recently. We are excited to automate back-office operations and enhance consumer protection in one of the most litigious industries.
    fintech
    generative-ai
    b2b
    compliance
    lending
  • Clearly AI
    Clearly AI (s2024)Active • 2 employees • Seattle, WA, USA
    Clearly AI automates security and privacy reviews with AI. We performed hundreds of reviews at Amazon and Moveworks and now we're building the product we wish we had. We launched in August 2024 and secured two paid pilots within a week, including a major electric automaker. Our users complete reviews in minutes instead of days. Emily and Joe are technical co-founders and senior engineers. We met in 2019 while working on an Alexa security review.
    artificial-intelligence
    security
    privacy
  • Metlo
    Metlo (s2021)Active • 4 employees • San Francisco, CA, USA
    - Create an Inventory of all your API Endpoints. - Proactively test your APIs before they go into production. - Detect API attacks in real time.
    saas
    b2b
    security
    open-source
    api
  • Palitronica Inc
    Palitronica Inc (w2022)Active • 6 employees • Kitchener, ON, Canada
    Palitronica builds and deploys cutting-edge solutions to defend critical physical infrastructure and its supply chain. By using side-channel information from endpoints, Palitronica provides a safe attack detection capability retrofittable to critical systems.
    hard-tech
    hardware
    security
  • Munily
    Munily (w2022)Active • 30 employees • Panama City, Panama
    There are three key roles among a community: The security Guard The resident The administrator When a visitor tries to access a designated community, the security guard must require an ID previously to allow entry. He proceeds to communicate with a specific resident through a intercom which is almost always broken or under repair, delaying the visitor’s entry to the compound WE come in, by interconnecting the security guard with the resident and the administrators through an app and a tablet we provide to make all the process of access pretty smooth and easy. When a visitor comes in, the security guard must only: Take a picture of its ID, using the tablet, Select the apartment, so the resident receives a pop up notification through which they can deny or approve the access. Last but not least, An even easier way has been developed by Munily which utilizes QR codes generated through Whatsapp. Which visitors just show and security guards scan to allow entry.
    proptech
  • Reality Defender
    Reality Defender (w2022)Active • 35 employees • New York, NY, USA
    Reality Defender’s deepfake detection platform empowers enterprises to flag fraudulent users and content (audio calls, videos, images, documents). Our API and web app provides real-time risk scoring, reporting, alerts, and forensics review. Our team spent 20+ years at Google, Goldman Sachs, and the Intelligence Community at the intersection of data science and cybersecurity. Customer Use Cases: • Voice Voice Fraud (Ie. Realtime detection of AI generated voices for banks and call centers) • Onboarding KYC (Ie. Anti-fraud to identify fraudulent users and materials) • Content Moderation (Ie. Social media, e-commerce, marketplaces, dating, streaming) • Disinformation Detection (Ie. News, defense, government) Website: www.realitydefender.com Contact: ask@realitydefender.com YC AMA: https://news.ycombinator.com/item?id=30766050
    saas
    deepfake-detection
    security
    privacy
    ai
  • Riot
    Riot (w2020)Active • 50 employees • Paris, France
    Riot is a SaaS platform to easily set up a cybersecurity awareness program for teams. We're making tools to protect your employees, and therefore protecting your company.
    saas
    security
  • Escape
    Escape (w2023)Active • 14 employees • Paris, France
    Secure your APIs effortlessly with Escape—view exposed API endpoints and sensitive data in minutes, continuously test as APIs evolve, prioritize business-critical vulnerabilities, and fix them efficiently with actionable remediation code snippets. No traffic monitoring, agents or complex integrations required.
    developer-tools
    security
    api
    graphql
  • EdgeBit
    EdgeBit (w2023)Active • 5 employees
    Dependencies for software products are exploding in number and with that comes a sprawling supply chain. A supply chain isn't just a build-time check, it's highly dynamic. EdgeBit watches in real time – we cross-reference your build pipelines and server fleet with multiple data sources to communicate your live inventory and actual risk. Security teams aren’t experts at their company’s apps, so they are forced to distract the most skilled engineers with a firehose of vulnerabilities to investigate. We founded EdgeBit because we believe that we can solve this problem — to empower security teams to prioritize investigation of true risks without wasting engineers time.
    devsecops
    b2b
    security
  • Tarsal
    Tarsal (s2021)Active • 10 employees • New York, NY, USA
    Tarsal is a data pipeline custom built for security teams. As security data grows 25% year over year, security teams desperately need access to best-in-class data infrastructure. Tarsal bridges the gap between the modern data stack and security teams, pioneering the modern security data stack.
    b2b
    cybersecurity
    big-data
    data-engineering
  • Oneleet
    Oneleet (s2022)Active • 50 employees
    Oneleet helps companies become secure and compliant through an all-in-one solution that combines automated tools and human expertise. Oneleet has built the second generation of security compliance automation software, providing tools that go beyond what is classically provided for just compliance alone. Tools like a code security scanner, attack-surface management, access reviews and trust portal are all built in. As the most popular, highest rated and most frequently used platform in the YC community, Oneleet has quickly established itself as the preferred and superior alternative to other incumbents. The founder behind Oneleet has spent the past 10+ years helping companies become more secure by performing penetration tests.
    saas
    b2b
    compliance
    security
    ai
  • Intrinsic
    Intrinsic (w2023)Active • 8 employees • San Francisco, CA, USA
    Build safer platforms with Intrinsic. Get access to the best safety technologies from one unified API. Enable your Trust & Safety team to tell cohesive stories from policy to product, to enforcement. Michael and Karine first met two years ago at Apple’s Fraud Engineering, Algorithmic Risk team, which evolved to become Apple’s Trust & Safety function. We are both engineers and helped solve online abuse problems, including spam, botting, account security, and developer fraud for Apple’s customer base of over a billion users.
    artificial-intelligence
    compliance
    cybersecurity
    enterprise-software
    trust-&-safety
  • Notabene
    Notabene (s2020)Active • 33 employees • New York, NY, USA
    Notabene helps businesses perform crypto transactions in a regulatory compliant way. Think of us as the SWIFT network for Crypto. New global regulations for crypto transactions are here and will be enforced over the next year. Businesses now have to follow strict rules similar to banks, or shut down. We provide a SaaS platform that allows businesses to perform due-diligence on their counter-parties and manage the risk of incoming and outgoing transactions.
    fintech
    crypto-web3
    regtech
  • Delve
    Delve (w2024)Active • 7 employees • San Francisco, CA, USA
    Delve is the easiest way to get HIPAA & SOC 2 compliant. We use AI to catch issues you can't and fix them before you can. Built for founders that move fast. Let's chat: https://cal.com/team/getdelve/demo
    artificial-intelligence
    saas
    b2b
    compliance
    cybersecurity
  • Castle
    Castle (w2016)Active • 20 employees • San Francisco, CA, USA
    Instantly stop automated and human-originated account takeovers, fake accounts, and any behavior that violates your platform policies.
    developer-tools
    saas
    security
    fraud-detection
  • Swif.ai
    Swif.ai (s2020)Active • 10 employees • 880 W Maude Ave, Sunnyvale, CA 94085, USA
    Secure and manage all your devices with Swif. Automate compliance, streamline onboarding and discover Shadow IT—all in one platform. --- Challenges Addressed * Fragmented device management across multiple operating systems and locations. * Time-consuming manual compliance checks and reporting for various regulatory standards. * Inefficient onboarding and offboarding processes for remote and global teams. * Lack of visibility into shadow IT and unauthorized SaaS application usage. Customer Benefits * Unified visibility and control over all organizational devices, regardless of operating system or location. * Significant time savings through automated compliance readiness checks and real-time reporting. * Enhanced security posture with the ability to instantly lock or wipe compromised devices remotely. * Reduced IT overhead by consolidating device management, access control, and compliance tools into a single platform.
    saas
    b2b
    compliance
    security
    enterprise
  • Cyble
    Cyble (w2021)Active • 260 employees • Atlanta, GA, USA
    Cyble provides the fastest and most comprehensive coverage across adversaries, infrastructure, exposure, weaknesses, and targets. Cyble empowers governments and enterprises to safeguard their citizens and infrastructure by providing critical intelligence in a timely manner and enabling rapid detection, prioritization, and remediation of security threats through its advanced capabilities for data analysis, expert insights, and automated processes Headquartered in Alpharetta, Georgia, and with offices in Australia, Malaysia, Singapore, Dubai, Saudi Arabia and India, Cyble has a global presence. To learn more about Cyble, visit www.cyble.com. 
    artificial-intelligence
    saas
    security
  • Repacket
    Repacket (w2023)Active • 4 employees
    90% of security breaches are caused by a simple employee mistake. Your employee clicks a bad link, and gives up their password. They download a virus and run it. They leak your source code and PHI to ChatGPT. Repacket allows your employees to enjoy the internet without risk - instantly blocking threats like data leaks and phishing using content inspection and AI. This gives your employees the ability to make that mistake without impacting your company. Founded by cybersecurity leaders from SpaceX, AWS, and Google - we're building security tools that solve the biggest problems, without headaches for your employees.
  • Salt Security
    Salt Security (w2016)Active • 200 employees • Palo Alto, CA, USA
    Salt Security protects the APIs that form the core of every modern application. Its patented API Protection Platform is the only API security solution that combines the power of cloud-scale big data and time-tested ML/AI to detect and prevent API attacks. By correlating activities across millions of APIs and users over time, Salt delivers deep context with real-time analysis and continuous insights for API discovery, attack prevention, and shift-left practices. Deployed quickly and seamlessly integrated within existing systems, the Salt platform gives customers immediate value and protection, so they can innovate with confidence and accelerate their digital transformation initiatives. Salt pioneered API security and is the industry leader for API security with a proven record of success. You can watch a 90-second overview video of the Salt Security API Protection Platform here: https://youtu.be/Z5nzavnBJj4
    cybersecurity
  • Firezone
    Firezone (w2022)Active • 6 employees • Mountain View, CA, USA
    Firezone connects your workforce to the computing resources they need, wherever they are, securely. Unlike traditional VPNs, Firezone uses a least-privileged approach to access control known as Zero Trust Access. Connect your identity provider and define granular policies in minutes, then rejoice in the IT support requests you won't receive due to our lightweight, WireGuard-powered clients which work great on all platforms.
    devsecops
    next-gen-network-security
    b2b
    security
    open-source
  • SuperTokens
    SuperTokens (s2020)Active • 10 employees • San Francisco, CA, USA
    SuperTokens is building open source authentication (as an alternative to Auth0, Firebase and AWS Cognito). Add secure, hassle free authentication to your app in 1 day. We enable startups to launch quicker and focus on their core product offering 1. We're easier to implement as we take a modular approach - making it possible to pick only the features you need for your use case. This means you need not worry about complications associated with other features (eg: SSO and OAuth if you don’t need it) and this in turn makes it easier to implement and manage SuperTokens. 2. Developer's can own and manage their user's data. 3. SuperTokens can be run on your premise for free and also has a generous hosted tier for those who dont want to manage it themselves. SuperTokens is being used by hundreds of developers across the globe.
    developer-tools
    saas
    b2b
    open-source
  • Rownd
    Rownd (w2022)Active • 7 employees • Raleigh, NC, USA
    Rownd helps companies register and retain more users through frictionless sign-in across all of their websites or apps, with a single simple code snippet. We let our customers change how and where authentication happens, killing the static login page forever. Increase your conversions by 50% within weeks!
    developer-tools
    saas
    security
  • D-ID
    D-ID (s2017)Active • 27 employees • Tel Aviv-Yafo, Israel
    D-ID enables creators and developers to generate realistic high-quality AI personas easily and ethically through the use of our platform and APIs, based on deep-learning and AI-powered technology - Enabling Creative Reality™. D-ID is a Tel Aviv-based Creative Reality™ startup specializing in patented video reenactment technology using AI and deep learning. Established in 2017, D-ID created the first facial image de-identification solution to protect images and videos from facial recognition software. D-ID's products range from animating still photos to facilitating high-quality video productions and creating viral user experiences.
    artificial-intelligence
    deep-learning
    generative-ai
    entertainment
  • Ambient.ai
    Ambient.ai (w2017)Active • 95 employees • San Jose, CA, USA
    Ambient.ai is a computer vision intelligence company transforming enterprise security operations to prevent security incidents before they happen. The Ambient.ai platform applies AI and computer vision intelligence to existing sensor and camera infrastructure to deliver continuous physical security monitoring and automate the immediate dispatch of human resources. Ambient.ai is the first platform that goes beyond basic motion detection and image recognition to achieve near-human perception with automated situational context. With physical security incidents on the rise and physical security organizations left under-resourced, Ambient.ai’s computer intelligence platform comes at a time of critical need, which is why the company has raised over $50 million from venture capital investors led by a16z. Today, large enterprises, schools and organizations – including many of the largest US tech companies and other Fortune 500 companies – use Ambient.ai to secure property, people, and assets from the most harrowing physical security threats. The company was founded in 2017 by experts in artificial intelligence from Stanford who previously built iconic products at Apple, Google, Microsoft and Dropbox. We are backed by Andreessen Horowitz (a16z), SV Angel, Y Combinator, and visionary angels like Jyoti Bansal, Mark Leslie and Elad Gil.
    computer-vision
    security
    ai
  • TRM Labs
    TRM Labs (s2019)Active • 250 employees • San Francisco, CA, USA
    TRM is on a mission to build a safer financial system for billions of people. We deliver a blockchain intelligence data platform to financial institutions, crypto companies, and governments to fight cryptocurrency fraud and financial crime. We consider our business — and our profit — as a way to move towards our mission sustainably and at scale. Join our mission ➔ www.trmlabs.com/careers
    fintech
    machine-learning
    crypto-web3
    data-engineering
  • Skypher
    Skypher (w2020)Active • 6 employees • San Francisco, CA, USA
    Skypher makes security reviews easy for software companies.
    compliance
    cybersecurity
  • Tracecat
    Tracecat (w2024)Active • 2 employees • San Francisco, CA, USA
    Tracecat is the open source Tines / Splunk SOAR alternative. Security engineers use our platform to build AI-assisted workflows that automate investigations and incident response. We're building the easiest way for security teams to fight burnout and reduce mean time to respond.
    artificial-intelligence
    workflow-automation
    open-source
    cybersecurity
  • QueryPie
    QueryPie (w2020)Active • 97 employees • San Mateo, CA, USA
    QueryPie solves two important customer problems. The first is being able to respond to ITGC audits to ensure financial transparency, The second is to keep customer privacy data and sensitive information from internal employees and external attackers,also provide insights into what data to use for AI. This is made possible by centralizing access control and auditing of IT assets such as databases, servers, and containers across both on-premises and cloud environments in One-place QueryPie. QueryPie covered various privacy law and compliances such as ITGC for Sox, PCI-DSS, ISO27001, HIPAA, CCPA, GDPR, ISMS
    artificial-intelligence
    b2b
    compliance
    security
    cybersecurity
  • Infisical
    Infisical (w2023)Active • 15 employees • San Francisco, CA, USA
    Infisical is an open-source platform to manage secrets and configs across your team and infrastructure. Infisical stores your secrets and injects them back into your development workflow, CI/CD pipelines, and cloud infrastructure. It comes with secrets versioning, point-in-time recovery, audit logging, automatic secret rotation capabilities, and more.
    developer-tools
    saas
    b2b
    security
    open-source
  • Agency
    Agency (w2022)Active • New York, NY, USA
    Agency specializes in multi-party security and compliance scenarios; we are the Palantir of compliance. We serve the most innovative companies and their teams working on critical challenges and transformative technologies by helping them achieve standards like SOC2, ISO 27001, CMMC, NIST, HIPAA, and GDPR that meet the highest levels of scrutiny from third parties. Our patented platform, Verse, integrates with GRC software like Vanta, cloud infrastructure, and your endpoints to securely handle complex multi-layered configurations, such as remote contractor use, BYODs, and federated client-hosted application deployments. Our managed security and compliance team helps high-growth software companies meet rigorous standards as quickly as possible by doing it for them. Our ETDR program enables organizations to prevent threats directly targeting their employees' personal devices, data, and online accounts while respecting their privacy. We provide customized solutions to prevent insider threats, data loss prevention, and threat intelligence while safeguarding personal privacy.
    saas
    b2b
    compliance
    security
    enterprise
  • Remy
    Remy (s2023)Active • 4 employees • San Francisco, CA, USA
    Use Remy to discover upcoming engineering work, perform automatic triage and speed up your design reviews.
    artificial-intelligence
    generative-ai
    b2b
    productivity
    security
  • Cinder
    Cinder (w2022)Active • 20 employees • Washington, DC, USA
    Cinder was founded to help organizations foster safer online spaces for everyone. Our platform empowers companies from start-ups to enterprises with end-to-end capabilities to mitigate harm, investigate abuse, and produce trustworthy and reliable AI outcomes. Building your world-class company means keeping your users and community safe—Cinder unlocks faster growth by making safety easy. We work with customers in every industry from frontier AI labs to e-commerce and social media.
    saas
    b2b
    compliance
    trust-&-safety
    ai
  • OpsBerry AI
    OpsBerry AI (s2023)Active • 2 employees
    OpsBerry AI defends against human and non-human identity breaches using AI to continuously discover, prioritize, and remediate vulnerabilities in your identity sprawl. Our AI-powered identity security posture management platform, trained with popular cyber security and compliance frameworks, provides comprehensive visibility and contextualization across your user accounts, service accounts, API keys, OAuth apps, and more, keeping your organization safe from identity-driven attacks.
  • Asterisk
    Asterisk (s2024)Active • 3 employees
    Asterisk (asterisk.so) is an AI Hacker for Codebases - it automatically finds, verifies, and patches security vulnerabilities in codebases, just like a human security engineer would. Asterisk can find business logic errors with context-aware scanning and automate the full auditing cycle to generate reports with near-zero false positives. Asterisk has autonomously discovered vulnerabilities in Google, Hoppscotch, and others.
    artificial-intelligence
    saas
    b2b
    security
    ai
  • Quantstamp
    Quantstamp (w2018)Active • 80 employees • Toronto, ON, Canada
    Quantstamp has protected billions in digital assets from hackers on our mission to secure web3. As a global team of security professionals, we have honed our technology and expertise through hundreds of audits and gained the trust of our clients to keep their innovative products safe. In addition to providing an array of security services, we facilitate the growth and longevity of the web3 space through strategic investments and acting as a trusted advisor to help projects scale. Quantstamp is honored to have worked with some of the top projects in the industry including Aave, Compound, Maker, OpenSea, Polygon and many more. As the leading blockchain security company in this emerging industry, we are always looking for team members that love taking initiative and solving challenging problems. Join the team and help us secure the future of web3.
    crypto-web3
    security
  • AmberBox Gunshot Detection
    AmberBox Gunshot Detection (w2016)Active • San Francisco, CA, USA
    AmberBox is the most advanced indoor gunshot detection and response system used in the US today. AmberBox automates emergency processes to significantly reduce response time and remove human error. AmberBox detectors utilise a patented gunshot detection algorithm to respond immediately following a firearm discharge. With tri-factor authentication (percussion, audio and infrared), detectors are able to instantly determine a firearm signature with a near-zero false alarm rate. Upon activation, detectors alert first responders through our reporting network, and can integrate with other security systems, such as cameras, access control systems and mass notification to initiate.
    security
  • Apozy
    Apozy (w2017)Active • 9 employees • San Francisco, CA, USA
    Apozy is a browser defense platform powered by "Native Browser Isolation" technology. It neutralizes phishing, malware, and impersonation attacks in real-time by sandboxing dangerous websites at the time of click. This creates a safe "read-only" environment for browsing, even if the original website is malicious. Businesses use Apozy Airlock to protect their employees from online threats and prevent data breaches.
    security
  • Optery
    Optery (w2022)Active • 20 employees • Walnut Creek, CA, USA
    Optery is automated opt out software, and we serve individuals, families and businesses. With Optery, you can remove yourself from hundreds of data brokers that are posting and selling your home address, phone number, email and other private information on the internet. Optery was awarded"Editors' Choice" by PCMag as the most outstanding product in its category in 2022, 2023, and 2024, was a winner in Fast Company's Next Big Things in Tech for Security and Privacy in 2023, and has received numerous Cybersecurity Excellence awards. Optery prevents phishing and social engineering, identity theft and fraud, online stalking and harassment, doxxing, and prevents people's private information from showing up in Google search results. Anyone can create a free account to receive a personalized Exposure Report with live screenshots summarizing where your information is being posted and sold online. Optery then provides free tools for self-service removals, or you can upgrade to a paid plan, and Optery will remove the profiles for you. Optery for Business serves enterprises removing personal information from the internet for their employees and executives, and offers an API enabling application developers to embed data broker scanning and removal technology into their applications.
    saas
    consumer
    security
    privacy
    enterprise-software
  • Clickfacts (s2005)Acquired • 11 employees • San Francisco, CA, USA
    ClickFacts is a Malware Software Solutions company for buyers and sellers of online media. Its automated plug and play malware discovery solution tests online ads (SWFs & 3rd Party Ad Tags) and web pages within websites to ensure they do not distribute malware onto users’ computers (which can lead to identity theft). Its moderation software solution monitors websites to ensure the ads running on them are free of inappropriate content (e.g., nudity, racism), and its Ad Buddy product provides to advertisers real-time continuous monitoring and a complete history of where their ads have run. ClickFacts Inc. was founded in 2005 by Mikhail Ledvich, Mikhail Gurevich, and Greg Gurevich in Boston Mass, with initial funding by YCombinator. It is now based in San Francisco, California.
  • Sphere Secure Workspace (s2015)Acquired • 2 employees • London, UK
    Sphere Secure Workspace For a product demonstration, or for any other enquiries please contact at info@sphere.works
  • CyberFend (w2015)Acquired • 2 employees • Santa Clara, CA, USA
    Cyberfend offers a robust security solution to protect your web and mobile applications from sophisticated attacks and fraudulent activity. Cyberfend's solution detects account take-over, payment fraud and the use of stolen credentials. All of these problems are relevant to every consumer facing web and mobile product/service. Cyberfend’s solution uses a new security paradigm – human cognitive science coupled with advanced machine learning. The result is a robust detection system with near zero false positives and false negatives. Today Cyberfend protects nearly a billion login and payment transactions every month for many large e-commerce, web and payment customers. Cyberfend's product is at the intersection of almost every single cutting edge technology today : a) Our core product employs heavy machine learning b) On the backed, our product is cloud based and deals with enormous scale (customers are directing significant portions of their traffic to us) c) On the front end we need to deal with both web and mobile (IOS, SDK) challenges.Please visit us at: www.cyberfend.com. Cyberfend is backed by Y Combinator, SV Angel and A Capital. Cyberfend was acquired by Akamai Technologies in December 2016.
    cybersecurity
    fraud-prevention
  • Hunter2 (w2018)Acquired0 • Boston, MA, USA
    Hunter2 teaches modern appsec to engineering teams through interactive labs. Developers get hands-on practice exploiting and patching real web apps written in their tech stack.
    developer-tools
    education
    cybersecurity
  • Appcanary
    Appcanary (s2015)Acquired • 2 employees • Toronto, ON, Canada
    Never run vulnerable software again. We monitor your servers, and notify you when you need to update. Try us for free: https://appcanary.com
    security
    monitoring
  • JumpWire
    JumpWire (w2022)Acquired • 2 employees • New York, NY, USA
    JumpWire is a data protection platform that adds advanced data security controls between APIs, applications and databases. JumpWire automatically identifies sensitive properties inside large data sets and gives developers full control over which people and applications can access or update records containing sensitive info. Examples uses include restricting who can read customer PII to members of the customer service team, giving on-call engineers elevated access to production, or splitting user records between regions for GDPR purposes. JumpWire’s approach to securing data in-place minimizes the risk of data leaks exposing sensitive information or mishandling by other applications and vendors. The exact security scheme applied to data is defined by policies that align with an organization’s existing InfoSec program. JumpWire helps companies who maintain information security with compliance programs such as SOC or HIPAA. They are processing sensitive data, often from their own customers, and exceed security best practices as a competitive advantage. JumpWire provides defense at depth to data and sits alongside access controls and Layer 4 encryption to provide a comprehensive data security solution. JumpWire is unique from solutions such as data vaults by installing inside our customers’ own infrastructure and clouds. It is interoperable with existing applications and databases, which eliminates the need for large data migrations or code refactoring. Lower-level approaches to data security, such as encryption at rest, are too blunt and lack the ability to differentiate between properties in the data itself. Its scope is limited to physical storage, and security is lost as soon as an application or query loads the data.
    security
    data-labeling
    databases
  • Vectrix
    Vectrix (s2020)Acquired • 7 employees • San Francisco, CA, USA
    As organizations around the world continue to rapidly adopt SaaS applications as the way they run their businesses, many are left without a way to manage the security of those same applications. Corporate IT and security teams are left asking questions like: - How will I know if someone shares a sensitive Google Doc publicly? - What if one of our employees doesn't have two-factor authentication enabled in Zoom? - Will I know when a new user is added to Slack? - What happens if our Salesforce minimum password setting isn't strong enough? With Vectrix's easy-to-use SaaS security scanning, organizations everywhere can quickly identify security issues and risks like these across their entire suite of SaaS apps, including Google Workspace, Microsoft 365, Slack, Zoom, GitHub, and more. When new issues arise, IT and security teams can be alerted in real-time so that further action can be taken right away. Founded by former security professionals from Autodesk, Vimeo, and PlanGrid, Vectrix is committed to providing teams of all sizes an efficient and reliable way to stay secure in the public cloud. Get started at https://www.vectrix.io
    saas
    security
  • Keyri
    Keyri (s2021)Acquired • 5 employees • San Francisco, CA, USA
    Keyri helps companies implement simple, secure anti-fraud and authentication solutions to delight users and keep bad actors off their platform. Keyri's mobile application and browser fingerprinting suite ties user identities to trusted devices, preventing fraudulent activity such as account opening, account takeovers, bot attacks, and referral/promo abuse. Keyri is able to establish an immutable device fingerprint for every device, alerting companies of any suspicious devices during sign up, log in, or subsequent authentication events. Keyri also offers a passwordless authentication suite that leverages Passkeys, WebAuthn, and QR codes to enable biometric authentication on all platforms and devices, providing a seamless user experience, strengthening multi-factor account security, and reducing reliance on other tedious and unsecure authentication methods.
    saas
    b2b
    security
  • Foxpass
    Foxpass (s2015)Acquired • 10 employees • San Francisco, CA, USA
    Foxpass increases your organization's server and network security by ensuring employee accounts have access only to what they need. Our cloud-hosted LDAP and RADIUS systems help you bring best-practices to your infrastructure. And they're backed by your existing Google Apps accounts.
    devsecops
  • Templarbit
    Templarbit (s2017)Acquired • 11 employees • San Francisco, CA, USA
    Developer-oriented security platform, helping small and large companies protect their software from malicious activityDeveloper-oriented security platform, helping small and large companies protect their software from malicious activity
    security
  • Stacksi
    Stacksi (w2021)Acquired • 4 employees • Los Angeles, CA, USA
    Stacksi helps companies automate the process of answering enterprise security questionnaires so they can close deals faster and save their best engineers’ time for more strategic projects. Salespeople, CTOs, and CEOs of fast-growing enterprise startups can upload security questionnaires into our system. If the company already has written security policies, they can upload those documents, too. From there, Stacksi parses their documents, identifies gaps in their security policies vs. standards, and helps them establish a successful security program. Ultimately, we will help them 1) automate completion of security questionnaires, 2) quickly get through enterprise security audits and 3) improve their security posture.
    compliance
    cybersecurity
  • Smyte (w2015)Acquired • 11 employees • San Francisco, CA, USA
    Smyte stops spam, scams, harassment and credit card fraud for marketplaces and social networks. We automatically classify your website and mobile app's event data and stop bad actors at scale.
    security
    fraud-detection
  • Cymmetria (s2015)Acquired • 11 employees • Tel Aviv-Yafo, Israel
    Cymmetria is a cybersecurity company at the forefront of deception technology, and offers the only commercially available deception technology that has caught 5 nation-state APTs. Cymmetria’s deception products, MazeRunner and ActiveSOC, give organizations the ability to hunt attackers, detect lateral movement inside the perimeter, automate incident response, and mitigate attacks. The company also offers deception as a service, enabling organizations to customize deception technologies for their business environment. Founded in 2014 by security expert Gadi Evron, Cymmetria is changing the asymmetry of cybersecurity, giving defenders the upper hand. For more information, visit www.cymmetria.com.
    cybersecurity