These five best-of-the-best security startups will change how you work in 2022-and beyond

Jake Flomenberg, Partner, Wing Venture Capital

Jake Flomenberg, Partner, Wing Venture Capital

Last year was a record-breaking year for VC funding in cybersecurity; at nearly $30 billion, 2021 more than doubled funding compared to 2020, and beat out the two previous years– combined.

Before the recent geopolitical tumult, the war in Ukraine, and, as of writing in early Q2, expected interest rate hikes, I’d have confidently bet that 2022 funding figures would handily beat 2021. Regardless, the sector continues to grow–it will be interesting to see what impact the current political environment has on Russian cybercrime and ransomware payments.

At Wing Venture Capital, where I’m a partner, I focus on seed and early stage startups in the security space, along with AI/ML, data, PLG, and next generation infrastructure. Every year, we release, in partnership with Nasdaq, a list of the most promising enterprise tech startups, organized by stage, in the world.

It’s called the Enterprise Tech 30, or ET30 for short, and it recognizes the best of the best: the companies with the most potential to meaningfully impact how enterprises work.

To do it, we survey nearly 100 leading venture capitalists, 30 corporate development teams, and keep the voting fair: they aren’t allowed to stack the votes in favor of their portfolio companies, and the final tally takes other, objective data gathered by our research team into consideration.

It came as no surprise that security-focused startups had a strong presence across every section of the list, from the earliest stage newbies to the $1 billion+ veterans on the list.

They had the strongest presence, though, in the early- and mid-stage categories; it makes sense, given how quickly the sector is growing. Of those 20 companies, 25 percent were in the security space.

LET’S LOOK AT EACH, FROM SMALLEST TO BIGGEST.

Tailscale (Founded 2019; 31 employees; tailscale.com)

What they do: Tailscale is a VPN service that makes the devices and applications you own accessible anywhere in the world. It enables encrypted point-to-point connections using the open source WireGuard protocol, which means only devices on your private network can communicate with each other.

Why you should care: Unlike traditional VPNs that tunnel network traffic through a central gateway server, Tailscale creates a peer-to-peer mesh network called a tailnet. This approach avoids centralization where possible and reduces single points of failure, resulting in higher throughput and lower latency, and a more reliable, stable environment.

STYTCH (FOUNDED: 2020; 43 EMPLOYEES; STYTCH.COM)

What they do: Stytch is building a developer platform with the tools and infrastructure to enable companies to incorporate password less authentication options into apps and websites.

Why you should care: Their APIs and SDKs can improve user onboarding and retention by removing passwords from their applications and replacing them with more secure and low-friction authentication options including email magic links, one-click user invitations, biometrics, and SMS and WhatsApp passcodes.

PANTHER LABS (FOUNDED: 2018; 85 EMPLOYEES; RUNPANTHER.IO)

What they do: Panther is a cloud-native security analytics platform that combines detections-as-code with automation workflows to detect, investigate, and analyze data across environments at cloud-scale.

Why you should care: Panther was built by security engineers, for security engineers, to alleviate the challenges and frustrations they experienced hunting for a SIEM that could deal with ever-growing volumes of security data, securing public cloud environments, and detecting increasingly sophisticated attacks. They’re serverless, open-source, cloud-first, and developer-friendly.

DRATA (FOUNDED: 2020; 120 EMPLOYEES; DRATA.COM)

What they do: Drata is a security and compliance automation platform that lets companies streamline SOC 2, ISO 27001, HIPAA, PCI DSS, and/or GDPR compliance through continuous, automated control monitoring and evidence collection.

Why you should care: Do you love preparing for annual security audits? No? Well, Drata automates it, resulting in a strong security posture, lower costs, and, yes: less time spent prepping for annual audits.

ABNORMAL SECURITY (FOUNDED: 2018; 216 EMPLOYEES; ABNORMALSECURITY.COM)

What they do: Abnormal Security provides a cloud-native email security platform that leverages AI-based behavioral data science to stop socially-engineered and never-seen-before email attacks that evade traditional Secure Email Gateways (SEGs).

Why you should care: Detecting email attacks is getting increasingly tricky, and the tools and methods most legacy email security providers use just aren’t good enough. Abnormal Security uses AI to ensure your email security is at the top of its game, ready for whatever bad actors come up with.

"The Modern Data Stack Is Evolving, Particularly In Terms Of Observability And Collaboration. As It Does, More Security Challenges And Opportunities Will Emerge, Reminding Us Of What, Exactly, We’re Often In The Business Of Protecting: The Data!"

The sixth security startup on the list, in the giga-stage category (aka those that have raised $1+ billion) was Snyk, a 1k+ person, developer-first company that lets developers secure all components of modern cloud native applications.

Their inclusion, as well as several others on the list, spoke to another major trend in the ET30: developers rule.

Nearly 40 percent of the companies on the list were in the ‘developer platforms and tools’ category, bolstering the now-evident claim that companies empowering developers will shape our collective future.

OTHER TRENDS?

The modern data stack is evolving, particularly in terms of observability and collaboration. As it does, more security challenges and opportunities will emerge, reminding us of what, exactly, we’re often in the business of protecting: the data!

Low-code automation is growing, and with it, questions as to how we will secure it. As more business-critical processes are built or supported by low-code, we will be tasked with new, pressing challenges around monitoring and securing these systems.

Read more about it all at EnterpriseTech30.com, or get in touch with me directly at Jake@Wing. vc.

Weekly Brief

Read Also

Data: an Invaluable Asset

Data: an Invaluable Asset

Nathaniel Karp, Chief Economist, BBVA Compass
Navigating the Changing Cybersecurity Landscape

Navigating the Changing Cybersecurity Landscape

Mark Leary, VP & CISO, Regeneron Pharmaceuticals
The Changing Facets in Enterprise Security Space

The Changing Facets in Enterprise Security Space

Greg Barnes, Global CISO at Amgen
Open Sources, Open Doors or How to Innovate in a Competitive Cloud Market

Open Sources, Open Doors or How to Innovate in a Competitive Cloud...

Garrick Stavrovich, the Lead Product Manager for Nasdaq’s Global Information Services
How AI will play a crucial role in the defense against cyber attacks

How AI will play a crucial role in the defense against cyber attacks

Scott Southall, Regional Head of Innovation, Asia Pacific, Citi
Building NextGen Enterprise Risk Management Capabilities

Building NextGen Enterprise Risk Management Capabilities

Chee Kong Wong, EY Oceania and EY Asia-Pacific Governance Risk and Compliance (GRC) Technology Leader