MassMutual Ventures

VIA Science, Inc. is a technology company that develops an artificial intelligence (AI) application tailored for the energy sector. Founded in 2016 and headquartered in Somerville, Massachusetts, with an additional office in Montreal, Canada, VIA provides a blockchain-based application called Trusted Analytics Chain. This platform aggregates company-wide data, allowing organizations to analyze information across multiple locations securely. VIA focuses on addressing asset management and operational challenges in collaboration with key stakeholders in the energy industry, including governments and large utilities. Its innovative solutions leverage AI and causal analytics to prioritize risks to critical infrastructure, facilitating encrypted analysis of sensitive data and enhancing initiatives such as predictive maintenance and contingency planning.

AI fighting AI. CISOs face an impossible risk landscape today. 80% of cybersecurity breaches start because of employee error. The problem is exacerbating with generative AI, as a single hacker can specifically target thousands of employees in the same amount of time that they used to specifically target tens of employees with social engineering. CISOs lack tools to deal with employee risk and are held accountable when a breach inevitably happens. By leveraging AI at each step, Dune Security empowers organizations to quantify individual risk through analyzing user behavior, context, learning patterns, and third party data. This allows the automation of tailored cybersecurity measures to each individual, transforming vulnerabilities into strengths. Dune is the central engine of all employee risk data, which is a solution that is not just timely for organizations but necessary in navigating the present cybersecurity landscape. This gives the CISO the capability to understand who are the high risk employees, to what extent, and why - as well as automatically remediate and restrict access to keep their organization safe. Today, Dune Security uniquely replaces legacy and ineffective security awareness training by pinpointing the crucial 8% of employees responsible for 80% of the risk, ensuring all employees receive personalized, machine learning-driven training tailored to their risk profile. CISOs also have easy access to quantifiable data via robust reporting and API-out capability, enabling them to both report to compliance auditors, regulators, and insurance underwriters, as well as restrict access to high-risk employees through other security systems.

Scrut Automation is a compliance automation company based in Bangalore, Karnataka, established in 2021. The company provides an information security compliance platform that streamlines labor-intensive compliance tasks by integrating with cloud and software-as-a-service tools. By automatically collecting numerous evidence artifacts, Scrut Automation significantly reduces the time required for compliance processes, which would typically take weeks. The platform combines advanced technology with human expertise to address complex compliance scenarios and facilitates seamless interaction with external resources, such as auditors and penetration testers. This approach allows businesses to automate collaboration, controls, and monitoring related to compliance, ultimately enhancing their operational efficiency and enabling them to close more enterprise deals.

Scrut Automation is a compliance automation company based in Bangalore, Karnataka, established in 2021. The company provides an information security compliance platform that streamlines labor-intensive compliance tasks by integrating with cloud and software-as-a-service tools. By automatically collecting numerous evidence artifacts, Scrut Automation significantly reduces the time required for compliance processes, which would typically take weeks. The platform combines advanced technology with human expertise to address complex compliance scenarios and facilitates seamless interaction with external resources, such as auditors and penetration testers. This approach allows businesses to automate collaboration, controls, and monitoring related to compliance, ultimately enhancing their operational efficiency and enabling them to close more enterprise deals.

Mine is a technology company focused on empowering individuals to take control of their personal data online. The platform allows users to quickly identify companies that hold their sensitive information, including personal, financial, and health data. By integrating with users' email, Mine scans interactions to determine potential data holdings and facilitates a simple process for users to request data deletion from those companies. This capability supports users' rights to privacy and helps minimize their online exposure, reducing potential risks associated with data breaches and misuse. Ultimately, Mine promotes the concept of data ownership as a fundamental human right, ensuring that individuals can manage their personal information effectively.

Prove is a technology company that specializes in smartphone-based identity verification solutions, focusing on mobile authentication to protect against identity theft and social engineering attacks. Its offerings include phone-centric and API marketplace solutions that streamline the customer acquisition process, enhance engagement, and improve both security and consumer privacy. By leveraging instant mobile authentication, Prove helps its clients reduce friction in user interactions while simultaneously minimizing the risk of fraud. The company serves a diverse range of industries, including financial services, healthcare, insurance, technology, and retail. Founded in 2008 and headquartered in New York, Prove also has additional locations in Denver and London, demonstrating its international presence in the identity verification market.

HarfangLab specializes in developing advanced software aimed at enhancing the detection and neutralization of cyberattacks on corporate endpoints. Their cloud-based platform integrates with third-party cybersecurity solutions to provide comprehensive visibility across systems. The software facilitates real-time threat identification, investigation, and elimination, significantly improving the efficiency of threat management. HarfangLab's team comprises specialists with extensive experience in both defensive and offensive cyber operations, having previously worked with the French National Agency for the Security of Information Systems, the French Ministry of Defense, and leading cybersecurity firms. This expertise positions HarfangLab as a key player in delivering robust cybersecurity solutions for organizations seeking to protect their digital assets.

Zluri is a SaaS management platform designed for modern enterprises. It assists IT teams in discovering, managing, securing, and ensuring compliance across various SaaS applications. By providing tools to reduce risks, eliminate waste, and automate IT tasks, Zluri helps organizations maximize the value and productivity of their subscription-based software ecosystem, thereby giving IT teams control over their SaaS landscape.

Phosphorus Cybersecurity is an IoT security management and breach prevention platform for the xTended Internet of Things. Designed to secure the rapidly growing and often unmonitored world of Things across the enterprise xIoT landscape, our Unified xIoT Security Management Platform delivers attack surface management across every industry vertical, providing intelligent active discovery and risk assessment, hardening and remediation, and detection and response. It brings enterprise xIoT security to every cyber-physical system in your enterprise environment. With unrivaled IoT Intelligent Active Discovery and risk assessment, Phosphorus automates the remediation of the most significant IoT, OT, IoMT, and IIoT device vulnerabilities – including unknown and inaccurate asset inventory, out-of-date firmware, default credentials, risky configurations, and out-of-date certificates.

Zluri is a SaaS management platform designed for modern enterprises. It assists IT teams in discovering, managing, securing, and ensuring compliance across various SaaS applications. By providing tools to reduce risks, eliminate waste, and automate IT tasks, Zluri helps organizations maximize the value and productivity of their subscription-based software ecosystem, thereby giving IT teams control over their SaaS landscape.

CloudSEK is a cybersecurity company that specializes in providing predictive solutions to help businesses safeguard against digital threats. The company's platform integrates cyber crime monitoring, brand monitoring, attack surface monitoring, and supply chain intelligence into a single unified dashboard. This allows clients to visualize and triage digital risks effectively. Utilizing artificial intelligence, CloudSEK's tools assist in identifying, assessing, and mitigating various threats, including phishing attacks, data breaches, and supply chain vulnerabilities. Additionally, the platform offers workflows and integrations to support the management and remediation of identified threats, enabling organizations to maintain a robust security posture in real time and prevent significant financial losses.

SecZetta, Inc. specializes in identity lifecycle management and identity and access management software and services. Founded in 2006 and headquartered in Newport, Rhode Island, with an additional office in Bellingham, Massachusetts, the company offers a range of solutions designed to manage non-employees and their access to organizational resources. Key products include NE Profile, which helps identify third-party relationships and associated risks; NE Access, which manages third-party identities; and ID Proxy, which analyzes and processes employee data. SecZetta also provides consulting services focusing on governance, risk management frameworks, and security audits, alongside implementation and managed services for identity and access management. The company serves various sectors, including retail, healthcare, finance, and education, aiming to enhance security and streamline the onboarding process for non-employees.

Mine is a technology company focused on empowering individuals to take control of their personal data online. The platform allows users to quickly identify companies that hold their sensitive information, including personal, financial, and health data. By integrating with users' email, Mine scans interactions to determine potential data holdings and facilitates a simple process for users to request data deletion from those companies. This capability supports users' rights to privacy and helps minimize their online exposure, reducing potential risks associated with data breaches and misuse. Ultimately, Mine promotes the concept of data ownership as a fundamental human right, ensuring that individuals can manage their personal information effectively.

Prove is a technology company that specializes in smartphone-based identity verification solutions, focusing on mobile authentication to protect against identity theft and social engineering attacks. Its offerings include phone-centric and API marketplace solutions that streamline the customer acquisition process, enhance engagement, and improve both security and consumer privacy. By leveraging instant mobile authentication, Prove helps its clients reduce friction in user interactions while simultaneously minimizing the risk of fraud. The company serves a diverse range of industries, including financial services, healthcare, insurance, technology, and retail. Founded in 2008 and headquartered in New York, Prove also has additional locations in Denver and London, demonstrating its international presence in the identity verification market.

RiskIQ, Inc. is a cybersecurity company that specializes in developing cloud-based Software-as-a-Service solutions aimed at helping organizations detect and respond to various online security threats, including phishing, fraud, and malware. Its flagship product, RiskIQ Illuminate, allows organizations to map and monitor their digital attack surface, facilitating the understanding and mitigation of vulnerabilities. Additional offerings include RiskIQ PassiveTotal, which connects internal data to external threat indicators, and RiskIQ Digital Footprint, designed to visualize and protect the attack surface. The company also provides RiskIQ Executive Guardian, which tracks potential threats to company executives, and RiskIQ SIS, a data set that identifies cyber threats. RiskIQ’s products support a range of applications, including compliance, incident response, and brand protection, serving diverse industries such as finance, healthcare, and technology. Founded in 2003 and headquartered in San Francisco, California, RiskIQ also has offices in Lenexa, Kansas, and London, United Kingdom.

CyberGRX is a cybersecurity company based in Denver, Colorado, that specializes in third-party cyber risk management. The company offers a comprehensive platform designed to help organizations identify, assess, mitigate, and monitor their cyber risk exposure across their entire partner ecosystem. By leveraging automation and advanced analytics, CyberGRX enables enterprises to effectively manage and monitor risks associated with their vendors, partners, and customers. The platform provides a cost-effective and scalable solution, allowing organizations to gain complete visibility into their risk portfolio while facilitating real-time decision-making and predictive capabilities.

Digital Guardian is a data security solutions provider founded in 2003 and headquartered in Waltham, Massachusetts. The company specializes in protecting data from both insider and outsider threats through its comprehensive Data Protection Platform. This platform operates across corporate networks, traditional endpoints, and cloud applications, utilizing big data security analytics to detect and block threats to sensitive information. Digital Guardian offers solutions for data loss prevention, regulated data management, and various other data protection needs, including application control, device control, encryption, email control, malware protection, and more. The company serves multiple sectors such as energy, financial services, government, manufacturing, healthcare, life sciences, and technology. Its solutions can be deployed on-premises, as a managed service, or in a hybrid model. Digital Guardian also provides professional services for threat protection implementation and training.

Prove is a technology company that specializes in smartphone-based identity verification solutions, focusing on mobile authentication to protect against identity theft and social engineering attacks. Its offerings include phone-centric and API marketplace solutions that streamline the customer acquisition process, enhance engagement, and improve both security and consumer privacy. By leveraging instant mobile authentication, Prove helps its clients reduce friction in user interactions while simultaneously minimizing the risk of fraud. The company serves a diverse range of industries, including financial services, healthcare, insurance, technology, and retail. Founded in 2008 and headquartered in New York, Prove also has additional locations in Denver and London, demonstrating its international presence in the identity verification market.

RiskLens, Inc. is a provider of cyber risk management software based in Spokane, Washington. Founded in 2011, the company offers a suite of applications designed to help organizations quantify and manage their cyber risk from a business perspective. Its key products include Cyber Risk Maturity, which assesses an organization's risk management capabilities and compliance; Cyber Risk Triage, a tool for rapid risk assessment; Cyber Risk Third-Party, which evaluates the risk management practices of external partners; and Cyber Risk Quantification, a decision-support application that calculates financial exposure to cybersecurity events. Additionally, RiskLens provides professional services, training, and certification to support its clients. The company's solutions are aimed at various sectors, including financial services, government, healthcare, education, and technology, empowering executives and risk officers to make informed cybersecurity investment decisions and manage their cyber risk effectively.

CyberGRX is a cybersecurity company based in Denver, Colorado, that specializes in third-party cyber risk management. The company offers a comprehensive platform designed to help organizations identify, assess, mitigate, and monitor their cyber risk exposure across their entire partner ecosystem. By leveraging automation and advanced analytics, CyberGRX enables enterprises to effectively manage and monitor risks associated with their vendors, partners, and customers. The platform provides a cost-effective and scalable solution, allowing organizations to gain complete visibility into their risk portfolio while facilitating real-time decision-making and predictive capabilities.

Solebit is a cybersecurity company that specializes in the identification and prevention of zero-day malware and unknown threats. Its flagship product, SoleGATE, is a cutting-edge software platform that utilizes a patented, real-time engine known as DvC™ (data vs. code). This innovative approach enables Solebit to detect and neutralize malicious code without relying on traditional methods such as sandboxing, signatures, or behavioral analysis, which are often slow and ineffective. Instead, DvC identifies threats by analyzing data files for any suspicious executable code, effectively blocking a wide range of malicious content, including encrypted and polymorphic payloads. Founded in 2014 by cybersecurity experts from elite technology units of the Israel Defense Forces, Solebit serves a diverse clientele, including leading financial organizations, technology firms, defense contractors, security vendors, and cloud service providers. By offering a proactive solution that operates on various platforms—whether on-premise or in the cloud—Solebit empowers organizations to safeguard their networks against potential threats before they can cause harm.

Prove is a technology company that specializes in smartphone-based identity verification solutions, focusing on mobile authentication to protect against identity theft and social engineering attacks. Its offerings include phone-centric and API marketplace solutions that streamline the customer acquisition process, enhance engagement, and improve both security and consumer privacy. By leveraging instant mobile authentication, Prove helps its clients reduce friction in user interactions while simultaneously minimizing the risk of fraud. The company serves a diverse range of industries, including financial services, healthcare, insurance, technology, and retail. Founded in 2008 and headquartered in New York, Prove also has additional locations in Denver and London, demonstrating its international presence in the identity verification market.

CyberGRX is a cybersecurity company based in Denver, Colorado, that specializes in third-party cyber risk management. The company offers a comprehensive platform designed to help organizations identify, assess, mitigate, and monitor their cyber risk exposure across their entire partner ecosystem. By leveraging automation and advanced analytics, CyberGRX enables enterprises to effectively manage and monitor risks associated with their vendors, partners, and customers. The platform provides a cost-effective and scalable solution, allowing organizations to gain complete visibility into their risk portfolio while facilitating real-time decision-making and predictive capabilities.

RiskIQ, Inc. is a cybersecurity company that specializes in developing cloud-based Software-as-a-Service solutions aimed at helping organizations detect and respond to various online security threats, including phishing, fraud, and malware. Its flagship product, RiskIQ Illuminate, allows organizations to map and monitor their digital attack surface, facilitating the understanding and mitigation of vulnerabilities. Additional offerings include RiskIQ PassiveTotal, which connects internal data to external threat indicators, and RiskIQ Digital Footprint, designed to visualize and protect the attack surface. The company also provides RiskIQ Executive Guardian, which tracks potential threats to company executives, and RiskIQ SIS, a data set that identifies cyber threats. RiskIQ’s products support a range of applications, including compliance, incident response, and brand protection, serving diverse industries such as finance, healthcare, and technology. Founded in 2003 and headquartered in San Francisco, California, RiskIQ also has offices in Lenexa, Kansas, and London, United Kingdom.

CyberGRX is a cybersecurity company based in Denver, Colorado, that specializes in third-party cyber risk management. The company offers a comprehensive platform designed to help organizations identify, assess, mitigate, and monitor their cyber risk exposure across their entire partner ecosystem. By leveraging automation and advanced analytics, CyberGRX enables enterprises to effectively manage and monitor risks associated with their vendors, partners, and customers. The platform provides a cost-effective and scalable solution, allowing organizations to gain complete visibility into their risk portfolio while facilitating real-time decision-making and predictive capabilities.

Pwnie Express is a company specializing in IoT security, focused on closing the security gaps created by the deployment of Internet of Things devices in enterprises. Founded by industry veterans in 2009, it offers a platform that provides comprehensive threat detection for all wired and wireless devices within and around the workplace. The company is unique in its ability to identify rogue, misconfigured, and unauthorized devices across various spectrums, thereby helping businesses prevent potential IoT threats that could disrupt operations. Pwnie Express emphasizes the importance of security assessment and simplifies the process of identifying vulnerabilities through its automated solutions and award-winning sensors, enabling security teams to obtain timely and effective insights into their networks.

Digital Guardian is a data security solutions provider founded in 2003 and headquartered in Waltham, Massachusetts. The company specializes in protecting data from both insider and outsider threats through its comprehensive Data Protection Platform. This platform operates across corporate networks, traditional endpoints, and cloud applications, utilizing big data security analytics to detect and block threats to sensitive information. Digital Guardian offers solutions for data loss prevention, regulated data management, and various other data protection needs, including application control, device control, encryption, email control, malware protection, and more. The company serves multiple sectors such as energy, financial services, government, manufacturing, healthcare, life sciences, and technology. Its solutions can be deployed on-premises, as a managed service, or in a hybrid model. Digital Guardian also provides professional services for threat protection implementation and training.

Recorded Future, Inc. is a threat intelligence company that provides real-time solutions to enhance cybersecurity for organizations. Founded in 2009 and headquartered in Somerville, Massachusetts, with additional offices in McLean, Virginia, and Gothenburg, Sweden, the company leverages patented machine learning technology to analyze data from the open web, dark web, and technical sources. This enables organizations to gain comprehensive insights into potential threats and vulnerabilities, facilitating swift and informed decision-making. Its offerings include tools for threat intelligence teams and security operation center (SOC) teams, as well as specialized services like dark web monitoring, executive cyber protection, and custom intelligence assessments. Additionally, Recorded Future provides integration services that streamline workflows and enhance operational capabilities through real-time alerts and monitoring dashboards. The company’s platform empowers users to respond to security threats more effectively, thereby reducing risks associated with cyberattacks.

CloudSEK is a cybersecurity company that specializes in providing predictive solutions to help businesses safeguard against digital threats. The company's platform integrates cyber crime monitoring, brand monitoring, attack surface monitoring, and supply chain intelligence into a single unified dashboard. This allows clients to visualize and triage digital risks effectively. Utilizing artificial intelligence, CloudSEK's tools assist in identifying, assessing, and mitigating various threats, including phishing attacks, data breaches, and supply chain vulnerabilities. Additionally, the platform offers workflows and integrations to support the management and remediation of identified threats, enabling organizations to maintain a robust security posture in real time and prevent significant financial losses.