First In invests in companies that address the major opportunities and challenges that commercial and government enterprise customers face due to massive growth in sheer amounts of data for the enterprise to collect, process, analyze, and make useful. We invest in companies at the forefront of modern security for the enterprise and for society.

First In

TechOperators is a venture capital firm that invests in growth stage software companies. It also provides constructive, strategic, operating, and networking support to its portfolio companies. The firm is specifically focused on opportunities to innovate and transform solutions for cyber security, enterprise productivity, cloud computing, and IT infrastructure. Based in Atlanta, Georgia, TechOperators was founded in 2008.

TechOperators

Area 51 (a51) delivers tailored mentorship and bespoke programming to early stage founders though WeWork's new dedicated startup program. Let us help you propel your product to new heights with support from our network of mentors, intros to VCs and new funding opportunities, and regular workshops and events designed exclusively for our a51 startup community.

Area 51: Paradise Ranch

We invest in early stage companies and help turn finance and operations into a strategic asset.  We are hands-on from day one and bring a breadth of experience in addition to our network to each of our portfolio companies.  We believe that success depends on the founders and the market, but that failure can come from the many pitfalls along the way - we exist to help companies avoid those pitfalls and realize their full potential.  Our investment focus is outstanding entrepreneurs with companies that leverage differentiated technology to disrupt big markets through innovative business models.  We typically invest between the pre-seed and Series A stage alongside a broad range of co-investors in the US, Israel and Europe, and aim to make very efficient investment decisions.

Verissimo Ventures

General Advance is a private investment firm that values strategic insights, independent research, and long-term relationships. The company invests in exceptional teams dedicated to developing game-changing technology to address complex and critical problems. One of the firm's distinguishing characteristics is its unconstrained time horizon and permanent capital base, which allows it to make investment decisions based on long-term goals rather than short-term gains. This approach has a significant impact on the firm's culture and decision-making processes, allowing them to focus on developing innovative, long-lasting solutions.

General Advance

ClearSky is a venture capital/growth equity group that invests in innovative companies, with a special focus on (i) technologies driving the energy transition, climate related technologies, and sustainability, (ii) the digital transformation of enterprise customers’ operations and communications, and (iii) disruptive solutions for cybersecurity, industrial security, and critical infrastructure security.

ClearSky

SixThirty is a global venture capital fund that operates a go-to-market program for B2B FinTech, InsurTech & Cybser Security startups.  SixThirty invests in and helps grow between 8 - 12 early-stage (generally Seed - Series A) companies each year, providing funding, mentorship, and connections. Learn more about the SixThirty investment process at https://sixthirty.co/apply/. SixThirty's mission is to find the most innovative ideas in enterprise financial technology, insurance technology, and cyber security across the globe, and work with like-minded corporate investors and partners to mentor and grow them into great businesses.

SixThirty

Atlassian Ventures invests in early-stage companies focused on building apps for cloud products.  Early-stage (targeting seed rounds) startups building apps for our cloud products. We hope to include both existing ecosystem developers and new teams in this category and are excited to give them an opportunity to grow. Larger, more established product partners scaling their businesses. These investments will be made in partnership with institutional investors, and will generally target series A onwards. Existing sales channel partners looking to step up their cloud services and create new products that support the future of teamwork.

Atlassian Ventures

Ballistic Ventures operates as a venture capital firm and offers the unparalleled benefit of an experienced, connected team that is focused on cybersecurity. They believe the essential step they can take today is to provide collective experience, network, and enthusiasm to the world's finest cybersecurity entrepreneurs.

Ballistic Ventures

Phylum

Phylum defends applications at the perimeter of the open-source ecosystem and the tools used to build software. Its automated analysis engine scans third-party code as soon as it’s published into the open-source ecosystem to vet software packages, identify risks, inform users and block attacks. Phylum’s database of open-source software supply chain risks is the most comprehensive and scalable offering available, and can be deployed throughout the development lifecycle depending on an organization’s infrastructure and appsec program maturity. The company is built by a team of career security researchers and developers with decades of experience in U.S. Intelligence Community and commercial sectors. Phylum won the Black Hat 2022 Innovation Spotlight Competition, was named to Inc. Magazine’s 2023 Best Workplaces and was named a Top Infosec Innovator by Cyber Defense Magazine.

Phylum is a software supply chain security company founded in 2020 by Aaron Bray, Louis Lang, and Peter Morgan. The company's platform aims to secure open-source software supply chains by automating the identification and analysis of risks across five domains: malicious code, software vulnerabilities, authorship risk, reputation, license misuse, and engineering risk. Phylum's approach involves ingesting and analyzing each package as it is published into a package registry, automating risk analysis and malware detection to identify malicious packages in an average of 11 minutes. The platform uses a combination of static application security testing (SAST), heuristics, and machine learning models to detect and report zero-day findings that may not be found on published, curated lists. Phylum's technology allows it to analyze more packages than other vendors and find the most threats to software supply chains. In December 2022, Phylum introduced Automated Vulnerability Reachability to its platform, which aims to reduce false positives in vulnerability detection by up to 90% by determining if vulnerable code is actually called within a project.

How to Modernize Your Software Supply Chain Security

Evolution of Software Supply Chain Security Report

The Software Supply Chain Security Company

An Introduction to Open-Source Software Supply Chain Risk

Phylum Raises $15 Million to Proactively Defend the Open-Source Supply Chain

Phylum strengthens mission to defend the software supply chains

Phylum Releases a Free Community Edition to Make Software Supply Chain Security More Accessible

Phylum Expands Its Software Supply Chain Security Capabilities, Introduces Automated Vulnerability Reachability

Why We Invested: Phylum

Supply Chain Security Startup Phylum Wins the First Black Hat Innovation Spotlight

Threat Prevention Toolchain

Phylum Introduces New Software Package Firewall Capabilities

Phylum is a software supply chain security company founded in 2020 by Aaron Bray, Louis Lang, and Peter Morgan. The company's platform aims to secure open-source software supply chains by automating the identification and analysis of risks across five domains: malicious code, software vulnerabilities, authorship risk, reputation, license misuse, and engineering risk. Phylum's approach involves ingesting and analyzing each package as it is published into a package registry, automating risk analysis and malware detection to identify malicious packages in an average of 11 minutes. The platform uses a combination of static application security testing (SAST), heuristics, and machine learning models to detect and report zero-day findings that may not be found on published, curated lists. Phylum's technology allows it to analyze more packages than other vendors and find the most threats to software supply chains. In December 2022, Phylum introduced Automated Vulnerability Reachability to its platform, which aims to reduce false positives in vulnerability detection by up to 90% by determining if vulnerable code is actually called within a project.

Axonius is a cybersecurity asset management company founded in 2017 by Dean Sysman, Ofri Shur, and Avidor Bartov. The company offers a platform designed to help organizations identify and secure devices on their networks by leveraging existing security and management tools. Axonius' solution integrates with over 300 security and management solutions to provide customers with a comprehensive asset inventory, uncover security gaps, and automatically validate and enforce security policies. The platform covers hardware, software, SaaS applications, cloud services, and user identities.
Axonius' approach focuses on correlating asset data from a customer's existing infrastructure and controls rather than deploying new agents or sensors. This allows for quick deployment, often within minutes, and provides immediate value by creating an up-to-date inventory of assets. The platform helps organizations mitigate threats, navigate risks, decrease incident response time, and eliminate manual, repetitive tasks.
In 2023, Axonius crossed the USD 100 million mark in annual recurring revenue. The company's growth has been rapid, with Amit Karp of Bessemer Venture Partners noting that Axonius took less than 15 months to grow from USD 1 million ARR to USD 10 million ARR, making it one of the fastest-growing companies in BVP's history. As of March 2024, Axonius has raised nearly USD 600 million in funding and is valued at USD 2.6 billion.
Key customers and partnerships
Axonius has built a significant customer base that includes more than a dozen Fortune 500 and global organizations. Notable customers include Schneider Electric, News Corp, Anheuser-Busch InBev, The New York Times, and Cimpress. The company also supports four of the five major US Department of Defense service agencies.
In February 2020, Axonius appointed Mark Daggett as Vice President of Channels and Alliances to expand its partner program and meet increasing customer demand. The company has partnerships with various channel programs and professional services partners, including 443 Technologies, Alta Technologia, Artha Mitra Interdata, Ascent Global, ePlus, CloverIT, Ignition Technology, and Netpoleon. Axonius has also formed strategic alliances with major technology providers such as CISCO, Okta, AWS, and ServiceNow.
In March 2024, Axonius announced a partnership with Claroty to bring enterprise attack surface management to cyber-physical systems (CPS) environments. This collaboration aims to provide organizations with a unified view of assets across various environments, extending from cloud to on-premises infrastructure.

Axonius

JupiterOne is a cloud-native cyber asset attack surface management (CAASM) platform that helps organizations map, analyze, and secure complex cloud environments. Founded by Erkang Zheng, JupiterOne uses a graph-based approach to provide visibility and context across an organization's entire cyber asset universe. The platform connects to over 180 systems and data sources to collect, integrate, and model cyber asset data, including cloud resources, devices, identities, access rights, code repositories, and more. JupiterOne's technology allows teams to discover, monitor, understand, and act on changes in their digital environments.
The platform's core features include a custom query language (J1QL), pre-built queries, and natural language search capabilities that enable users to ask complex questions about their environment and get answers within seconds. JupiterOne offers over 500 out-of-the-box English-language questions and the ability to create custom queries. The company's graph-based data model exposes intricate relationships between cyber assets, providing contextual insights for security investigations and incident response.
JupiterOne addresses multiple use cases, including cloud security posture management, security operations and engineering, and governance and compliance. The platform helps organizations assess and monitor compliance with regulations like GDPR and identify vulnerabilities.
As of June 2022, JupiterOne had raised a total of USD 119 million in funding and achieved a valuation of over USD 1 billion.
Key customers and partnerships
JupiterOne's client base includes cloud-native enterprises such as Cisco, Databricks, Indeed, and Robinhood. The company has formed strategic partnerships with several major technology firms. In November 2021, JupiterOne and Cisco announced the launch of Secure Cloud Insights, an expanded cloud security and security operations partnership. This solution integrates JupiterOne's cyber asset context into Cisco technologies to provide enhanced cybersecurity capabilities for Cisco customers.
JupiterOne has also established partnerships with other cybersecurity companies. In April 2023, the company announced an integration with Splunk to provide better data visibility for Splunk users. Additionally, JupiterOne is part of the AWS Partner Network (APN) and was recognized as an AWS Rising Star Independent Software Vendor (ISV) Partner of Year 2022.

JupiterOne

Noetic Cyber is a cyber asset attack surface management (CAASM) company founded in 2019 by Paul Ayers, Allen Hadden, and Allen Rogers. The company provides a cloud-based continuous cyber asset management and controls platform that aims to give organizations better visibility into their digital infrastructure and help them identify and address security gaps. Noetic's platform uses API aggregation and correlation to gather data from various security and IT management tools, leveraging graph database technology to create a dynamic map of cyber connections between entities in both cloud and on-premises environments. This approach enables the discovery of cyber risks and non-compliant systems.
The Noetic platform employs automation and orchestration to deliver remediation capabilities and help cybersecurity teams anticipate and react to changing IT and security requirements. In September 2023, Noetic introduced significant enhancements to its platform, including Data Insights, Unified Model Explorer, and Machine Learning Classifiers. These features are designed to streamline the process of managing large volumes of security data from disparate systems and help users quickly uncover critical insights and coverage gaps.
Noetic Cyber's technology addresses common security asset management challenges, such as establishing relationships between different assets and business applications, managing assets across various tools and business units, and handling the volume and pace of change in IT environments. The company's goal is to improve security tool and control efficacy by breaking down existing data silos and enhancing the entire security ecosystem.

Noetic Cyber

Nagomi Security, founded in January 2023, is a company that specializes in proactive security and threat exposure management. The company offers a Proactive Defense Platform designed to help cybersecurity teams optimize the effectiveness of their existing security tools against real-world threats. Nagomi's platform provides end-to-end visibility of defense capabilities mapped against the MITRE ATT&CK framework, enabling organizations to prioritize risks based on their unique threat profiles and receive actionable remediation plans. The platform integrates with solutions from vendors such as CrowdStrike, Microsoft, SentinelOne, Okta, Qualys, Rapid7, and Google through read-only API connections. Nagomi's technology aims to address the issue that over 80% of breaches occur in organizations that already had tools in place to prevent them. The platform can identify misconfigurations, highlight critical gaps, and prescribe clear steps for improvement. As of September 2024, Nagomi reported that its customers had identified over 13 million misconfigurations out of more than 40 million total configurations, with over 3.6 million exposures fixed.
Key customers and partnerships
Nagomi Security has established partnerships with several prominent organizations in the cybersecurity industry. In September 2024, the company announced a partnership with CrowdStrike to integrate CrowdStrike's threat intelligence feeds with Nagomi's Proactive Defense Platform. This collaboration aims to enable organizations to convert threat insights into concrete, prescriptive actions. Nagomi's customer base includes notable organizations such as Applied Systems, HFW, and WELL Health Technologies. The company has also reported working with a Fortune 500 manufacturing company, which saw a 9% improvement in CrowdStrike utilization after implementing Nagomi's solution. Additionally, Nagomi has assisted various companies across industries, including healthcare, technology, law, insurance, and energy, in improving their security postures and addressing specific cybersecurity challenges.

Nagomi Security

DoControl is a SaaS Security Posture Management solution that provides automated data access controls for SaaS applications. Founded in 2020 and headquartered in New York, DoControl offers comprehensive visibility, threat detection, and remediation for SaaS data exposure and insider threats. The company's platform is designed to secure sensitive data and files within business-critical SaaS applications such as Google Drive, Slack, Microsoft SharePoint, Salesforce, and Box.
DoControl's solution combines CASB (Cloud Access Security Broker) and DLP (Data Loss Prevention) capabilities to ensure protection across major SaaS ecosystems. It harnesses user interactions and API access across SaaS applications and feeds them into powerful no-code workflows that automatically identify, respond to, and remediate threats stemming from SaaS data policy violations. The platform incorporates business and security context to ensure quick response to emerging threats and effective insider risk management.
The company's technology uses an event-based approach for near-real-time threat detection, replacing industry standards of days and weeks. Leveraging automated security workflows and end-user interactions, DoControl significantly reduces SaaS data exposure over time, ensuring robust security with minimal effort and no impact on productivity.
In March 2024, DoControl released a report which found that companies were generating approximately 286,000 new SaaS assets each week. The report also highlighted that one out of six employees shared company data with their personal email, emphasizing the need for comprehensive security strategies to mitigate insider threats and control data exposure.
Key customers and partnerships
DoControl has gained recognition for its innovative approach to SaaS security. In 2024, the company won two gold awards at the 20th Annual Globee Cybersecurity Awards in the categories of Insider Threat Management and Most Innovative Security Software of the Year. Additionally, DoControl received a silver award for its achievements in Data Loss Prevention.
Vox Media, a modern mass media company, is a notable customer of DoControl. The company uses DoControl to proactively detect and mitigate accidental data oversharing within their cloud collaboration environments. DoControl's advanced monitoring and alerting capabilities ensure sensitive information is not exposed to unauthorized individuals. When oversharing incidents are detected, DoControl automatically takes appropriate actions to restrict access or notify administrators for further review.
DoControl has also integrated its solution with Zoom to provide comprehensive SaaS data protection for the video conferencing platform. This integration allows users to gain visibility into specific details on account users and cloud recordings, enforce strong password protection for high-risk users, provide secure access to sensitive video recordings and text-based files, and establish robust data access control policies to protect sensitive data and files within Zoom.

DoControl

Platforms that help proactively reduce an organization's exposure to cyber attacks by locating and managing infrastructure, including SaaS, apps, and devices.

Solutions that leverage GenAI to present cybersecurity information in simple language or to generate remediation code.

Platforms that use AI and other methods to automate cybersecurity workflows, such as threat detection and remediation.

Platforms that manage or automate compliance with cybersecurity industry standards.

Solutions that help organizations test their security measures through simulated cyber attacks.

Platforms that help organizations ensure the security of open-source or third-party components used in software development.

Organizations that track and collate cyber threats, making them easier to detect and repel.

Most cybersecurity firms offer their services to enterprises on subscription bases.

AI and machine learning are heavily used in cybersecurity for automation and workflow streamlining.

Cybersecurity copilots or AI assistants leverage GenAI to display information in simple language or to generate remediation code.

Phylum

Sources

About EDGE

Contact Us

Resources

Area of Focus

Technology Research Made Effortless