These five best-of-the-best security startups will change how you work in 2022-and beyond

Jake Flomenberg, Partner, Wing Venture Capital

Jake Flomenberg, Partner, Wing Venture Capital

Last year was a record-breaking year for VC funding in cybersecurity; at nearly $30 billion, 2021 more than doubled funding compared to 2020, and beat out the two previous years– combined.

Before the recent geopolitical tumult, the war in Ukraine, and, as of writing in early Q2, expected interest rate hikes, I’d have confidently bet that 2022 funding figures would handily beat 2021. Regardless, the sector continues to grow–it will be interesting to see what impact the current political environment has on Russian cybercrime and ransomware payments.

At Wing Venture Capital, where I’m a partner, I focus on seed and early stage startups in the security space, along with AI/ML, data, PLG, and next generation infrastructure. Every year, we release, in partnership with Nasdaq, a list of the most promising enterprise tech startups, organized by stage, in the world.

It’s called the Enterprise Tech 30, or ET30 for short, and it recognizes the best of the best: the companies with the most potential to meaningfully impact how enterprises work.

To do it, we survey nearly 100 leading venture capitalists, 30 corporate development teams, and keep the voting fair: they aren’t allowed to stack the votes in favor of their portfolio companies, and the final tally takes other, objective data gathered by our research team into consideration.

It came as no surprise that security-focused startups had a strong presence across every section of the list, from the earliest stage newbies to the $1 billion+ veterans on the list.

They had the strongest presence, though, in the early- and mid-stage categories; it makes sense, given how quickly the sector is growing. Of those 20 companies, 25 percent were in the security space.


Tailscale (Founded 2019; 31 employees;

What they do: Tailscale is a VPN service that makes the devices and applications you own accessible anywhere in the world. It enables encrypted point-to-point connections using the open source WireGuard protocol, which means only devices on your private network can communicate with each other.

Why you should care: Unlike traditional VPNs that tunnel network traffic through a central gateway server, Tailscale creates a peer-to-peer mesh network called a tailnet. This approach avoids centralization where possible and reduces single points of failure, resulting in higher throughput and lower latency, and a more reliable, stable environment.


What they do: Stytch is building a developer platform with the tools and infrastructure to enable companies to incorporate password less authentication options into apps and websites.

Why you should care: Their APIs and SDKs can improve user onboarding and retention by removing passwords from their applications and replacing them with more secure and low-friction authentication options including email magic links, one-click user invitations, biometrics, and SMS and WhatsApp passcodes.


What they do: Panther is a cloud-native security analytics platform that combines detections-as-code with automation workflows to detect, investigate, and analyze data across environments at cloud-scale.

Why you should care: Panther was built by security engineers, for security engineers, to alleviate the challenges and frustrations they experienced hunting for a SIEM that could deal with ever-growing volumes of security data, securing public cloud environments, and detecting increasingly sophisticated attacks. They’re serverless, open-source, cloud-first, and developer-friendly.


What they do: Drata is a security and compliance automation platform that lets companies streamline SOC 2, ISO 27001, HIPAA, PCI DSS, and/or GDPR compliance through continuous, automated control monitoring and evidence collection.

Why you should care: Do you love preparing for annual security audits? No? Well, Drata automates it, resulting in a strong security posture, lower costs, and, yes: less time spent prepping for annual audits.


What they do: Abnormal Security provides a cloud-native email security platform that leverages AI-based behavioral data science to stop socially-engineered and never-seen-before email attacks that evade traditional Secure Email Gateways (SEGs).

Why you should care: Detecting email attacks is getting increasingly tricky, and the tools and methods most legacy email security providers use just aren’t good enough. Abnormal Security uses AI to ensure your email security is at the top of its game, ready for whatever bad actors come up with.

"The Modern Data Stack Is Evolving, Particularly In Terms Of Observability And Collaboration. As It Does, More Security Challenges And Opportunities Will Emerge, Reminding Us Of What, Exactly, We’re Often In The Business Of Protecting: The Data!"

The sixth security startup on the list, in the giga-stage category (aka those that have raised $1+ billion) was Snyk, a 1k+ person, developer-first company that lets developers secure all components of modern cloud native applications.

Their inclusion, as well as several others on the list, spoke to another major trend in the ET30: developers rule.

Nearly 40 percent of the companies on the list were in the ‘developer platforms and tools’ category, bolstering the now-evident claim that companies empowering developers will shape our collective future.


The modern data stack is evolving, particularly in terms of observability and collaboration. As it does, more security challenges and opportunities will emerge, reminding us of what, exactly, we’re often in the business of protecting: the data!

Low-code automation is growing, and with it, questions as to how we will secure it. As more business-critical processes are built or supported by low-code, we will be tasked with new, pressing challenges around monitoring and securing these systems.

Read more about it all at, or get in touch with me directly at Jake@Wing. vc.

Weekly Brief

Read Also

Fighting Fraud is a Combination of Effective Preventive Systems, Use of Skillful Staff and Employee Awareness

Fighting Fraud is a Combination of Effective Preventive Systems,...

Kim Siren, Head of Fraud Management at OP Financial Group
Intentionality Is The Key To Increasing Diversity In Information Technology

Intentionality Is The Key To Increasing Diversity In Information...

Rosemarie Lee, Vice President and Chief Information Security Officer at BlueCross BlueShield of Tennessee