10 of the hottest new cyber security start-ups at RSA 2022

The 32nd edition of the annual security event RSA Conference (RSAC 2022) kicks off on June 6 in San Francisco, allowing a fresh breed of security vendors to showcase their capabilities.

Back to being an in-person event after going virtual last year because of the pandemic, RSAC 2022 has booked a formidable mix of security start-up debuts, featuring technology and approaches to security that include devsecops, identity and access management (IAM), threat management, and cloud security.

About 35 start-ups have kiosks at the Early Stage Expo, RSAC's innovation space dedicated to promoting up-and-comers in the security industry. Following are a few of the more interesting ones from the line-up, in alphabetical order:

Cado Security: Cloud incident response [Early Stage Expo 26]:

Founded in April 2020, Cado Security provides a cloud investigation platform designed to allow security teams to respond to threats in  cloud workloads quickly, with contextual analysis. 

By automating data capture and processing, the Cado Response platform offers forensic-level detail and context to simplify response. At RSAC, the London-based company will showcase how the platform expedites cloud incident response.

Cympire: Cyber training and assessment [Early Stage Expo 34]:

Israel-based Cympire, founded in 2018, offers a cyber-security training and assessment platform to help organisations build up their cyber-resilience. Its SaaS product, Cyweria, offers diverse training scenarios and also allows companies to customise their own, for both red and blue teams. The company says it has been built to simulate any network typology or IT system.

Fend: IoT security and intelligence [Early Stage Expo 8]:

Founded in 2017, Fend is a cyber security company focused on physical, hardware solutions for critical infrastructure protection. The Virginia-based company’s combination of hardware and cloud-based equipment monitoring and analytics provides security for IoT, industrial applications and embedded systems, including utilities, governments, and real estate.

Flow Security: Cloud data security [Early Stage Expo 29]:

Flow, founded in 2020, says that it provides companies with the means to secure their cloud data through the entire application environment, as well as external services. The Israel-based start-up does so by discovering data flows, classifying them according to their sensitivity, and performing continuous data risk assessment and remediation.

Fuzzbuzz: Devsecops provider [Early Stage Expo 10]:

Founded in 2018, Fuzzbuzz has developed an automated fuzzing tool that runs code through procedurally generated test cases to find bugs and vulnerabilities. The company says its fuzzing platform does not require any security knowledge to use, allowing developers to get started in under 30 minutes. Fuzzbuzz is headquartered in California.

GitGuardian: Devsecops platform [Early Stage Expo 25]:

Paris-based GitGuardian is a cyber-security start-up working to solve the issue of secrets sprawling through source code, a problem that leads to credentials ending up in compromised, or even public, places. The company, founded in 2017, says it solves this issue by automating secrets detection for application security and data loss prevention.

Infinipoint:  Device identity as a service [Early Stage Expo 28]:

Infinipoint's device- identity-as-a-service is a cloud-based security platform for machine identity management, designed to protect access to all applications, for any user and device, from anywhere. The Israel-based start-up says it provides single sign-on authorisation integrated with risk-based policies and one-click remediation for non-compliant and vulnerable devices. Infinipoint was founded in 2019.

SafeBase: Enterprise security and compliance [Early Stage Expo 21]:

SafeBase, founded in 2020, offers a Smart Trust Center designed to simplify security and compliance reviews. The California-based start-up aims to help companies share their security posture and automate access to sensitive compliance information. The company says its centre can speed up enterprise sales cycles by days and reduces questionnaire volume by more than 50 per cent.

ShardSecure: Cloud security [Early Stage Expo 22]:

New York-basedShardSecure is focused on helping customers maintain control of their data in the cloud, improve data availability and integrity in the face of attack and service disruptions, and meet compliance requirements while lowering administrative overhead. 

The company, founded in 2019, employs a technique it calls microsharding, which shreds data into microshards, mixing and distributing it in a way to prevent unauthorised users from having an intelligible data set.

ShiftRight: Security business intelligence [Early Stage Expo 16]:

California-based ShiftRight claims to bridge gaps among security engineering teams with a customer relationship management (CRM) platform that helps companies stay on top of security events by marshalling the appropriate resources from across the enterprise to complete security tasks and also track the performance of security investments. The start-up was founded in 2019.