Six cyber security companies to watch in 2022

This article originally appeared in issue 29 of IT Pro 20/20, available here. To sign up to receive each new issue in your inbox, click here

Post a call asking for industry experts – and their press teams – to share the innovative security tools they’re working on and you’ll get, shall we say, a varied response. Among them were a global certificate authority claiming to have fixed the “major obstacle to secure email” and a Californian enterprise announcing a platform expansion to protect data at the end-point device level. We even heard from a small business that’s developed a product with the same initials as Dance, Dance Revolution.

Cyber security is saturated with increasingly desperate threats coupled with big names promising increasingly ingenious antidotes. However, whether it’s by harnessing artificial intelligence (AI) or bolstering cloud computing protections, much of this might be important incremental steps in cyber security, but far from revolutionary.

With the threat escalating, we throw the spotlight onto six of the most exciting companies in this space with innovations that could shape the cyber security landscape in future.

Concourse Labs

The idea behind Concourse Labs’ principal product is that, in their words, it “encompasses the creation, enforcement, remediation, and life cycle of security, as code”. It’s based on the idea that security should be integral to software development, and treated like other forms of code.

With backing from large-scale venture capitalists like 83North, and part of the Amazon Web Services (AWS) marketplace, Concourse’s cloud-native application protection platform (CNAPP) lets chief information security officers (CISOs) visualise cloud risk.

The firm markets its platform as a way to “enforce security guardrails” amidst the onslaught of cyber threats facing runtime environments. This CNAPP platform offers protection across the full application lifecycle, security for apps, protection across diverse cloud environments, and rich security-as-code architecture.

Like many companies in this bracket, Concourse takes the, “let’s solve a foundational industry issue at the deepest level” approach. Part of what they hope to do is simplify security for both developers and security professionals, asking clients to ditch the command line interface (CLI) in favour of a graphical user interface (GUI).

Lightspin

Few tools are as ubiquitous on the technology landscape as code repository Github. That’s why Israeli firm Lightspin, founded in 2020 and recipient of a $20 million funding round last year, and their integration with Github to scan infrastructure as code (IaC) files, appears promising.

Lightspin’s tool lets developers scan IaC files and find security flaws and infrastructure misconfigurations before these are deployed to production. The scanning component claims to give DevSecOps teams confidence in ensuring code is robust from the start of the development cycle, with its so-called prioritisation engine revealing attack pathways from build to runtime.

Like many of the tools on this list, Lightspin’s goal is to find and fix issues before they start – what it calls a “shift-left” approach to security. It wants to get rid of the clutter that comes with security alerts, which is perhaps what put them on Forbes’ 2021 Top 20 Startups to Watch list.

Cyberhaven

When I heard about a cyber security product called DDR, I couldn’t help but think of the staff at California-based Cyberhaven dancing around their offices at a frantic pace while simultaneously trying to protect personal data. Yes, I know it’s silly to compare an offering intended to provide a transformative approach to protecting intellectual property (IP) and user data, with a video game first released more than 20 years ago – and yet, here we are.

What DDR actually stands for is Data Detection and Response, and Cyberhaven promises a platform that can allow a company – to give one example – to know when one of their employees is copying proprietary data onto a spreadsheet and uploading it to their personal machine. They call data loss prevention (DLP) tools like signatures and network perimeters “obsolete”. Indeed, Cyberhaven has published four separate white papers with more information on the concepts powering DDR, three of which tackle holes they believe are part and parcel with data loss prevention systems. The company prefers, instead, to organise on first principles that include gathering all the event data possible, building context for those events, and then moving onto policy implementation.

XM Cyber

Acquired less than eight months ago by Schwarz Group, Israel-based XM Cyber offers a platform called Attack Path Management (APM). Used by large-scale companies like Swisscom, the Hamburg Port Authority, and Lidl, the still-independent outfit focuses on predicting and managing risks before they happen.

The platform lets organisations visualise pathways to their critical assets, and shines the light on hidden links between misconfigurations, flaws and overly permissive identities that might compromise assets. The most interesting part of APM is the functionality to visualise and simulate how an attacker might move through the business.

XM Cyber also claims the software as a service (SaaS) based platform is compatible with a range of hybrid cloud environments as well as third-party services. These include cloud infrastructure platforms like AWS, Microsoft Azure, Google Cloud and HashiCorp, as well as end-point security, ticketing, vulnerability management and SIEM platforms. A wealth of internal research, alongside a product that provides attack scenarios, risk reporting, and vulnerability prioritisation are all part of the reason XM Cyber’s sale fetched a cool $700 million.

Neosec

Here’s a question: what do the phrases ‘vulnerable’, ‘misconfigured’, and ‘logic abuse’ all have in common within a cyber security environment? According to 2020 startup Neosec, all three are issues facing application programming interfaces (APIs).

With $20.7 million in early funding secured in autumn 2021, Neosec says it’s reinventing API Security by providing a platform that integrates with a wide range of products, including AWS, Microsoft Internet Information Services (IIS), and Google Cloud.

Neosec’s data analytics platform analyses an entire API dataset over 30 days, baselines behaviour, and understands usage over time. The platform then builds dynamic profiles for every entity in the API estate. The Neosec team says it applies extended detection and response (XDR) principles to API security to detect abuse and any potential security lapses.

Neosec offers a partnership model, which it says unifies security professionals and developers around the goal of delivering new features while heightening cyber security protections and protecting against flaws and behavioural abuse.

AwareGO and mitigating the human risk

With many cyber security companies offering ‘automated this’ and ‘person-less that’, the Icelandic AwareGO takes a different approach. They call people “the greatest asset in cyber security”, and in line with this theme, the company launched a human risk assessment platform for small and medium-sized businesses (SMBs) in May.

From the company that’s also released cyber security awareness training tools, this platform allows clients to continuously track the risks associated with people across a broad range of threats. Human Risk Assessment measures and tracks employees’ cyber security knowledge and behaviour, generating a resilience score taking into account dangers like phishing, flexible working, passwords and physical security, among others.

As opposed to many other products in this space that purely identify and address issues without considering the human element, AwareGo includes small training videos that aim to boost employees’ baseline understanding of cyber security. Workers can also be tested in realistic and personalised scenarios. High-profile clients include Deloitte, Trend Micro and McLaren.