Startups that offer tools to protect cloud environments — including cloud data security, identities, and AI systems — are among the companies that stood out during the year.
New players in cloud security and artificial intelligence
When organizations think about all the functions needed to keep their cloud environments secure today, it's about more than just addressing infrastructure and vulnerabilities. For starters, securing data and associated identities is now an essential part of any respectable cloud security strategy.
“When you look at cloud security, of course, you have the infrastructure and the vulnerabilities,” said Yotam Segev, co-founder and CEO of Cyera, a $3 billion data security startup. “But then, you have the data and access aspect – what data is there, where and who can access it. That's a big part of protecting these new ecosystems.”
(Related: Top 10 Cybersecurity Startups of 2024)
Cyera is among the rising companies working to help partners and customers protect their existing cloud environments — including not just AWS, Microsoft Azure, and Google Cloud, but also the cloud data platforms and SaaS applications that many organizations rely on heavily. .
Increasingly, protecting the cloud also requires securing AI – especially given the massive industry-wide push to adopt big language models and AI-powered applications. Experts warn that the increasing use of AI is dramatically expanding the cloud attack surface, with threat actors now targeting everything from stealing data via GenAI applications to poisoning underlying AI models.
For CRN's year-end coverage, we selected 10 cloud security and AI startups that we believe represent the combination of promising technology, market momentum, and engagement with solution providers that can make the companies permanent players in the space. We've selected startups founded since 2019 that have big announcements in 2024 — such as a significant product launch, channel partnership announcement, or funding round — that demonstrate their market traction.
Here are details on 10 of the hottest cloud security and AI startups of 2024.
Asterix Security
Establishment date: 2021
CEO: Alun Jackson
Astrix Security provides greater control over non-human identities across SaaS, IaaS, and PaaS with functionality including real-time detection and situation management. Other key capabilities include ITDR (Identity Threat Detection and Response) for non-human identities, with the ability to detect anomalies that could indicate malicious use of identities, the company said. In September, Astrix announced the launch of a partnership with Herndon, Va.-based GuidePoint Security, No. 39 on the 2024 CRN 500 solutions provider.
Walk
Establishment date: 2021
CEO: Yotam Segev
Cyera provides an agentless data security platform – which works across environments including cloud, SaaS and on-premises – and offers both data security posture management (DSPM) and data loss prevention (DLP). Combining the capabilities provides a unified view of data and access risks, according to the company. The startup expanded beyond its primary focus on DSPM to add DLP capabilities with the $162 million acquisition of Trail Security in October. Cyera's key partners include GuidePoint Security, World Wide Technology and Trace3.
In November, New York-based Cyera announced a $300 million Series D funding round, which followed a previous fundraising of the same amount in April. The latest round doubled the company's value to $3 billion.
Dope.security
Establishment date: 2021
CEO: Kunal Agarwal
Dope.security offers a simplified way to secure your web gateway, powered by a patented “fly-direct” architecture that avoids the need to reroute web traffic through downtime data centers. In April, the startup introduced its new CASB Neural offering, which the company called the “first” AI-based CASB (Cloud Access Security Broker) tool for deep learning, using large language modeling (LLM) technology to prevent data loss. Then in October, Dope.security enhanced CASB Neural with capabilities to identify and manage public file sharing.
Mitiga
Establishment date: 2019
CEO: Tal Moses
Mitiga – a finalist in the Innovation Sandbox at this year's RSA Conference – provides capabilities for “advanced” visibility, threat detection, investigation and response in cloud and SaaS deployments. In September, the startup debuted its managed cloud detection and response service, which provides 24/7 monitoring of cloud and SaaS threats as well as rapid mitigation of attempted attacks.
permission
Establishment date: 2020
Co-CEOs: Jason Martin (left), Paul Nguyen
Permiso offers what it calls a “unified” identity security platform — which works across both cloud and on-premises environments — and combines security posture management, threat detection, and response for identities. In April, Permiso announced raising an $18.5 million Series A funding round led by Altimeter Capital to double down on integrations and product improvements. The company followed up with a number of product announcements this fall including the launch of the Global Identity Graph in September and the debut of a series of open source tools in October and November, including DetentionDodger, a tool for detecting leaked credentials in the cloud.
Artificial intelligence protection
Establishment date: 2022
CEO: Ian Swanson
Protect AI focuses on AI-SPM (AI Security Posture Management) which aims to provide greater visibility, management and security to AI/ML environments, as well as providing remediation and governance capabilities. In July, the startup announced the acquisition of SydeLabs, which brought simulation capabilities to automate attacks against GenAI systems. Then in August, Protect AI closed $60 million in Series B funding led by Evolution Equity Partners, bringing the company to $108.5 million in total funding raised to date.
Centra
Establishment date: 2021
CEO: Yoav Regev
Centra offers a Data Security Posture Management (DSPM) platform that aims to provide enhanced visibility into sensitive cloud data, along with greater automation of risk assessment and data-related access analysis. In May, the startup unveiled a new offering, Sentra DataTreks, which provides alerts about sensitive data movement as well as guidance and recommendations. Sentra also unveiled local support in May.
Sweet security
Establishment date: 2022
CEO: Dror Kashti
In December, Sweet Security debuted what it described as a “unified” cloud-native detection and response platform, which can detect and respond to threats across applications, cloud environments and cloud workloads. GenAI-powered capabilities on the platform include vulnerability management, cloud visibility, and runtime cloud security posture management (CSPM). Sweet Security announced in March that it had raised $33 million in Series A funding led by Evolution Equity Partners.
Security upwind
Establishment date: 2022
Executive Director: Amiram Shashar
Upwind provides a comprehensive runtime cloud security platform that includes cloud workload protection, cloud detection and response, as well as CSPM (Cloud Security Posture Management), CIEM (Cloud Identity Entitlement Management), and other capabilities. The Upwind platform leverages the company's “lightweight” eBPF (Extended Berkeley Beam Filter) sensor technology to identify anomalous behavior and provide automated protection, the startup said. In March, Upwind revealed that its offering is available as an add-on for Amazon Elastic Kubernetes Service (Amazon EKS). In December, Upwind announced $100 million in new funding led by Craft Ventures.
WatchAI
Establishment date: 2023
CEO: Rick Caccia
WitnessAI announced the commercial launch of its Secure AI Enablement Platform in October, which provides security and governance guardrails — such as unified policy control and shadow IT visibility — for third-party GenAI applications. The platform also provides controls for first-party applications supported by Large Language Models (LLMs), such as preventing immediate injection. The launch of the platform follows the announcement in May of WitnessAI's $27.5 million Series A funding round, led by GV and Ballistic Ventures. In December, the startup revealed that retired US Army General Paul M. Nakasone, who was also former commander of US Cyber Command and director of the National Security Agency, had joined its board of directors.
