Cyberstarts is the only fund in the world that is financed by entrepreneurs from its domain of focus. It is built, run, and financed by people. Cyberstarts is focused on identifying the most difficult cybersecurity challenges and solving them while giving back to a younger generation of entrepreneurs.

Cyberstarts

Lightspeed Venture Partners is a venture capital firm that engages in consumer, enterprise, technology, and cleantech markets. It focuses on seed, early-stage, later-stage, expansion-stage, start-ups, growth companies, and incubation, and specializes in debt financing for start-ups and growth companies. Lightspeed Venture Partners invests in various sectors that include enterprise, consumer, big data, bitcoin, enterprise technology, cleantech, mobile, internet, financial technology, cloud solutions, e-commerce, storage, media, networking, energy, and software, software-as-a-service, information technology, biotechnology, and social. It mainly invests in countries such as the United States, Europe, Israel, China, and India.

Lightspeed Venture Partners

Canaan is an early stage venture capital firm that invests in entrepreneurs with visionary ideas. With $5B under management, a diversified fund and over 190 exits to date, Canaan has invested in some of the world's leading technology and healthcare companies over the past 30 years. Canaan’s focus areas include fintech, enterprise/cloud, marketplaces, frontier tech, biopharma, digital health, and medtech.

Canaan Partners

Cerca Partners is a leading co-investment VC fund with a sustainable advantage of unique insights and access to the best startup investment opportunities in Israel. Powered by a community and network of global tech entrepreneurs and top-tier Venture Capital funds, the fund provides both the expertise and the finesse required in an innovative and fast paced international market. Cerca's strong network and community comprises Israel’s most successful tech entrepreneurs as well as tech and business executives in a variety of verticals. Their accumulated experience helps us make smart investment decisions and provides our entrepreneurs with invaluable guidance and mentorship.

Cerca Partners

Savvy

Savvy is a software development company that engages in cybersecurity.

Savvy is a cybersecurity company that provides a SaaS security platform designed to address the challenges associated with the rapid adoption of SaaS applications in enterprises. The company's core offering is a Workforce Security Automation platform that aims to eliminate workforce-initiated security incidents involving SaaS applications. Savvy's technology works by implementing just-in-time security guardrails directly into the user workspace, functioning as a pop-up security copilot. This system provides real-time alerts and suggestive guidance to improve user decision-making when interacting with SaaS applications.

About Savvy: Our Story, Mission, & Team

Saas Security: Identity-First Security for SaaS

Savvy, a platform to secure SaaS apps, launches out of stealth with $30M

First Security Offering to Combat Toxic Combinations Driving SaaS Risk

Savvy Raises $30M in Funding

Threat Prevention Toolchain

Savvy is a cybersecurity company that provides a SaaS security platform designed to address the challenges associated with the rapid adoption of SaaS applications in enterprises. The company's core offering is a Workforce Security Automation platform that aims to eliminate workforce-initiated security incidents involving SaaS applications. Savvy's technology works by implementing just-in-time security guardrails directly into the user workspace, functioning as a pop-up security copilot. This system provides real-time alerts and suggestive guidance to improve user decision-making when interacting with SaaS applications.
The platform is installed as a browser extension, allowing it to monitor and alert users about potentially insecure actions on desktop or laptop computers. For example, it can warn users before they submit sensitive data to applications like ChatGPT. On the back end, security teams can create workflows with automation playbooks that trigger when users take certain actions. Savvy's platform also offers visibility into applications not connected to single sign-on (SSO) and cases where users sign in directly with reused, shared, or compromised corporate credentials, which are often undetectable by traditional network security controls.
In January 2024, Savvy announced its Identity-First Security offering, which uncovers risks created by a combination of identity access management (IAM) permissions, user behavior, and business context. This solution aims to discover and remediate the most significant identity risks in real-time, addressing issues such as rogue administrators, compromised accounts, shadow identities, lack of multi-factor authentication, shared accounts, incomplete offboarding, and risky credentials.

Axonius is a cybersecurity asset management company founded in 2017 by Dean Sysman, Ofri Shur, and Avidor Bartov. The company offers a platform designed to help organizations identify and secure devices on their networks by leveraging existing security and management tools. Axonius' solution integrates with over 300 security and management solutions to provide customers with a comprehensive asset inventory, uncover security gaps, and automatically validate and enforce security policies. The platform covers hardware, software, SaaS applications, cloud services, and user identities.
Axonius' approach focuses on correlating asset data from a customer's existing infrastructure and controls rather than deploying new agents or sensors. This allows for quick deployment, often within minutes, and provides immediate value by creating an up-to-date inventory of assets. The platform helps organizations mitigate threats, navigate risks, decrease incident response time, and eliminate manual, repetitive tasks.
In 2023, Axonius crossed the USD 100 million mark in annual recurring revenue. The company's growth has been rapid, with Amit Karp of Bessemer Venture Partners noting that Axonius took less than 15 months to grow from USD 1 million ARR to USD 10 million ARR, making it one of the fastest-growing companies in BVP's history. As of March 2024, Axonius has raised nearly USD 600 million in funding and is valued at USD 2.6 billion.
Key customers and partnerships
Axonius has built a significant customer base that includes more than a dozen Fortune 500 and global organizations. Notable customers include Schneider Electric, News Corp, Anheuser-Busch InBev, The New York Times, and Cimpress. The company also supports four of the five major US Department of Defense service agencies.
In February 2020, Axonius appointed Mark Daggett as Vice President of Channels and Alliances to expand its partner program and meet increasing customer demand. The company has partnerships with various channel programs and professional services partners, including 443 Technologies, Alta Technologia, Artha Mitra Interdata, Ascent Global, ePlus, CloverIT, Ignition Technology, and Netpoleon. Axonius has also formed strategic alliances with major technology providers such as CISCO, Okta, AWS, and ServiceNow.
In March 2024, Axonius announced a partnership with Claroty to bring enterprise attack surface management to cyber-physical systems (CPS) environments. This collaboration aims to provide organizations with a unified view of assets across various environments, extending from cloud to on-premises infrastructure.

Axonius

JupiterOne is a cloud-native cyber asset attack surface management (CAASM) platform that helps organizations map, analyze, and secure complex cloud environments. Founded by Erkang Zheng, JupiterOne uses a graph-based approach to provide visibility and context across an organization's entire cyber asset universe. The platform connects to over 180 systems and data sources to collect, integrate, and model cyber asset data, including cloud resources, devices, identities, access rights, code repositories, and more. JupiterOne's technology allows teams to discover, monitor, understand, and act on changes in their digital environments.
The platform's core features include a custom query language (J1QL), pre-built queries, and natural language search capabilities that enable users to ask complex questions about their environment and get answers within seconds. JupiterOne offers over 500 out-of-the-box English-language questions and the ability to create custom queries. The company's graph-based data model exposes intricate relationships between cyber assets, providing contextual insights for security investigations and incident response.
JupiterOne addresses multiple use cases, including cloud security posture management, security operations and engineering, and governance and compliance. The platform helps organizations assess and monitor compliance with regulations like GDPR and identify vulnerabilities.
As of June 2022, JupiterOne had raised a total of USD 119 million in funding and achieved a valuation of over USD 1 billion.
Key customers and partnerships
JupiterOne's client base includes cloud-native enterprises such as Cisco, Databricks, Indeed, and Robinhood. The company has formed strategic partnerships with several major technology firms. In November 2021, JupiterOne and Cisco announced the launch of Secure Cloud Insights, an expanded cloud security and security operations partnership. This solution integrates JupiterOne's cyber asset context into Cisco technologies to provide enhanced cybersecurity capabilities for Cisco customers.
JupiterOne has also established partnerships with other cybersecurity companies. In April 2023, the company announced an integration with Splunk to provide better data visibility for Splunk users. Additionally, JupiterOne is part of the AWS Partner Network (APN) and was recognized as an AWS Rising Star Independent Software Vendor (ISV) Partner of Year 2022.

JupiterOne

Noetic Cyber is a cyber asset attack surface management (CAASM) company founded in 2019 by Paul Ayers, Allen Hadden, and Allen Rogers. The company provides a cloud-based continuous cyber asset management and controls platform that aims to give organizations better visibility into their digital infrastructure and help them identify and address security gaps. Noetic's platform uses API aggregation and correlation to gather data from various security and IT management tools, leveraging graph database technology to create a dynamic map of cyber connections between entities in both cloud and on-premises environments. This approach enables the discovery of cyber risks and non-compliant systems.
The Noetic platform employs automation and orchestration to deliver remediation capabilities and help cybersecurity teams anticipate and react to changing IT and security requirements. In September 2023, Noetic introduced significant enhancements to its platform, including Data Insights, Unified Model Explorer, and Machine Learning Classifiers. These features are designed to streamline the process of managing large volumes of security data from disparate systems and help users quickly uncover critical insights and coverage gaps.
Noetic Cyber's technology addresses common security asset management challenges, such as establishing relationships between different assets and business applications, managing assets across various tools and business units, and handling the volume and pace of change in IT environments. The company's goal is to improve security tool and control efficacy by breaking down existing data silos and enhancing the entire security ecosystem.

Noetic Cyber

Nagomi Security, founded in January 2023, is a company that specializes in proactive security and threat exposure management. The company offers a Proactive Defense Platform designed to help cybersecurity teams optimize the effectiveness of their existing security tools against real-world threats. Nagomi's platform provides end-to-end visibility of defense capabilities mapped against the MITRE ATT&CK framework, enabling organizations to prioritize risks based on their unique threat profiles and receive actionable remediation plans. The platform integrates with solutions from vendors such as CrowdStrike, Microsoft, SentinelOne, Okta, Qualys, Rapid7, and Google through read-only API connections. Nagomi's technology aims to address the issue that over 80% of breaches occur in organizations that already had tools in place to prevent them. The platform can identify misconfigurations, highlight critical gaps, and prescribe clear steps for improvement. As of September 2024, Nagomi reported that its customers had identified over 13 million misconfigurations out of more than 40 million total configurations, with over 3.6 million exposures fixed.
Key customers and partnerships
Nagomi Security has established partnerships with several prominent organizations in the cybersecurity industry. In September 2024, the company announced a partnership with CrowdStrike to integrate CrowdStrike's threat intelligence feeds with Nagomi's Proactive Defense Platform. This collaboration aims to enable organizations to convert threat insights into concrete, prescriptive actions. Nagomi's customer base includes notable organizations such as Applied Systems, HFW, and WELL Health Technologies. The company has also reported working with a Fortune 500 manufacturing company, which saw a 9% improvement in CrowdStrike utilization after implementing Nagomi's solution. Additionally, Nagomi has assisted various companies across industries, including healthcare, technology, law, insurance, and energy, in improving their security postures and addressing specific cybersecurity challenges.

Nagomi Security

DoControl is a SaaS Security Posture Management solution that provides automated data access controls for SaaS applications. Founded in 2020 and headquartered in New York, DoControl offers comprehensive visibility, threat detection, and remediation for SaaS data exposure and insider threats. The company's platform is designed to secure sensitive data and files within business-critical SaaS applications such as Google Drive, Slack, Microsoft SharePoint, Salesforce, and Box.
DoControl's solution combines CASB (Cloud Access Security Broker) and DLP (Data Loss Prevention) capabilities to ensure protection across major SaaS ecosystems. It harnesses user interactions and API access across SaaS applications and feeds them into powerful no-code workflows that automatically identify, respond to, and remediate threats stemming from SaaS data policy violations. The platform incorporates business and security context to ensure quick response to emerging threats and effective insider risk management.
The company's technology uses an event-based approach for near-real-time threat detection, replacing industry standards of days and weeks. Leveraging automated security workflows and end-user interactions, DoControl significantly reduces SaaS data exposure over time, ensuring robust security with minimal effort and no impact on productivity.
In March 2024, DoControl released a report which found that companies were generating approximately 286,000 new SaaS assets each week. The report also highlighted that one out of six employees shared company data with their personal email, emphasizing the need for comprehensive security strategies to mitigate insider threats and control data exposure.
Key customers and partnerships
DoControl has gained recognition for its innovative approach to SaaS security. In 2024, the company won two gold awards at the 20th Annual Globee Cybersecurity Awards in the categories of Insider Threat Management and Most Innovative Security Software of the Year. Additionally, DoControl received a silver award for its achievements in Data Loss Prevention.
Vox Media, a modern mass media company, is a notable customer of DoControl. The company uses DoControl to proactively detect and mitigate accidental data oversharing within their cloud collaboration environments. DoControl's advanced monitoring and alerting capabilities ensure sensitive information is not exposed to unauthorized individuals. When oversharing incidents are detected, DoControl automatically takes appropriate actions to restrict access or notify administrators for further review.
DoControl has also integrated its solution with Zoom to provide comprehensive SaaS data protection for the video conferencing platform. This integration allows users to gain visibility into specific details on account users and cloud recordings, enforce strong password protection for high-risk users, provide secure access to sensitive video recordings and text-based files, and establish robust data access control policies to protect sensitive data and files within Zoom.

DoControl

Platforms that help proactively reduce an organization's exposure to cyber attacks by locating and managing infrastructure, including SaaS, apps, and devices.

Solutions that leverage GenAI to present cybersecurity information in simple language or to generate remediation code.

Platforms that use AI and other methods to automate cybersecurity workflows, such as threat detection and remediation.

Platforms that manage or automate compliance with cybersecurity industry standards.

Solutions that help organizations test their security measures through simulated cyber attacks.

Platforms that help organizations ensure the security of open-source or third-party components used in software development.

Organizations that track and collate cyber threats, making them easier to detect and repel.

Most cybersecurity firms offer their services to enterprises on subscription bases.

AI and machine learning are heavily used in cybersecurity for automation and workflow streamlining.

Cybersecurity copilots or AI assistants leverage GenAI to display information in simple language or to generate remediation code.

Savvy

Sources

About EDGE

Contact Us

Resources

Area of Focus

Technology Research Made Effortless