Insight Partners

Cynomi is a London-based company founded in 2021 that specializes in providing scalable virtual Chief Information Security Officer (vCISO) services through its AI-powered platform. The platform enables managed security service providers (MSSPs) and consulting firms to deliver comprehensive vCISO services without the need to expand their current resources. Cynomi's multi-tenant architecture automates the generation of essential vCISO deliverables, including risk and compliance assessments, customized security policies, actionable remediation plans, and task management tools. It conducts a thorough analysis of a company's cybersecurity posture, producing detailed and prioritized remediation strategies that are continuously updated. This approach facilitates optimal security and regulatory compliance for organizations, ensuring they remain protected in an evolving cyber landscape.

Zest AI, Inc. is a technology company based in Burbank, California, that specializes in artificial intelligence solutions for credit underwriting. Founded in 2009 and formerly known as ZestFinance, the company has developed a platform that utilizes advanced machine learning techniques to enhance credit decision-making processes. Zest AI's Model Management System allows lenders to analyze extensive credit data, increasing approval rates while mitigating the risks associated with credit decisions. The platform also emphasizes transparency and compliance, enabling lenders to understand and explain their data modeling results effectively. Through its innovative technology, Zest AI aims to make credit more accessible and fair, helping lenders improve their decision-making and ultimately provide better loan options to a wider array of consumers. The company has a strategic partnership with Microsoft, which supports its mission to expand the availability of credit.

Detectify is a Stockholm-based software company that offers a Software-as-a-Service website security scanner and a surface monitoring and application scanning platform. The service analyzes the security status of websites and provides reports on identified vulnerabilities. It combines automated testing with crowdsourced input from a global community of ethical hackers to perform continuous payload-based tests across exposed assets, delivering evolving coverage as the attack surface changes. The platform helps businesses identify critical security weaknesses before they are exploited, supporting proactive risk management.

Abnormal Security Corporation is a San Francisco-based company that specializes in cloud-based email security solutions for Microsoft Office 365 and G Suite. Founded in 2018, the company provides a comprehensive platform designed to protect enterprises from targeted email attacks. Utilizing a data science approach, Abnormal Security offers features such as inbound email protection, detection of email account compromises, and response capabilities. Its technology includes Abnormal Behavior Technology, which models identities of both employees and external senders, profiles relationships, and analyzes email content to prevent threats like credential phishing, internal phishing, employee impersonation, and invoice fraud. The company primarily serves industries including financial services, healthcare, and oil, gas, and utilities, aiming to mitigate risks related to account takeovers and financial losses.

Silk Security is a developer of a security platform focused on managing and remediating security findings for businesses. The platform facilitates a collaborative approach for operations and security stakeholders, allowing them to align the risks associated with security findings and remediation efforts. By incorporating AI technology, it automates the prioritization and contextualization of data from various detection systems, enhancing the enterprise's security posture. Silk Security's solution centralizes visibility and auditability regarding the status of resolutions, enabling organizations to adopt a strategic and sustainable approach to address risks related to code, infrastructure, and applications.

Sylvera is a carbon data provider based in London, United Kingdom, established in 2020. The company specializes in developing machine learning-based tools to monitor the performance of carbon offset projects. These tools enable remote tracking of project performance at intervals of up to a week, facilitating the integration of carbon data into both internal and external reporting frameworks. By offering enhanced transparency around carbon offsets, Sylvera aims to assist businesses and governments in reducing reputational risks associated with carbon emissions, ultimately promoting real-world climate action.

Veriti is a developer of a unified security posture management platform that proactively monitors and remediates exposures across the entire security stack, from OS level upward, without disrupting business operations. The platform integrates with all security layers and continuously evaluates risk posture by analyzing configurations, logs, sensor telemetry, and threat intelligence, providing actionable remediation paths for security gaps and high‑risk vulnerabilities.

Zest AI, Inc. is a technology company based in Burbank, California, that specializes in artificial intelligence solutions for credit underwriting. Founded in 2009 and formerly known as ZestFinance, the company has developed a platform that utilizes advanced machine learning techniques to enhance credit decision-making processes. Zest AI's Model Management System allows lenders to analyze extensive credit data, increasing approval rates while mitigating the risks associated with credit decisions. The platform also emphasizes transparency and compliance, enabling lenders to understand and explain their data modeling results effectively. Through its innovative technology, Zest AI aims to make credit more accessible and fair, helping lenders improve their decision-making and ultimately provide better loan options to a wider array of consumers. The company has a strategic partnership with Microsoft, which supports its mission to expand the availability of credit.

Detectify is a Stockholm-based software company that offers a Software-as-a-Service website security scanner and a surface monitoring and application scanning platform. The service analyzes the security status of websites and provides reports on identified vulnerabilities. It combines automated testing with crowdsourced input from a global community of ethical hackers to perform continuous payload-based tests across exposed assets, delivering evolving coverage as the attack surface changes. The platform helps businesses identify critical security weaknesses before they are exploited, supporting proactive risk management.

Cyclops Security provides an AI-powered cybersecurity platform that strengthens an organization's defenses by collecting metadata from the security stack and applying business-contextual AI analytics to reveal how vulnerable assets impact the business. The platform builds a security-data fabric from diverse tools, enables security practitioners to gain contextual visibility on every entity, and prioritizes vulnerabilities to guide immediate remediation. By correlating data from multiple solutions and translating findings into actionable risk insights, Cyclops helps SecOps reduce mean time to detect and mean time to repair and focus on the highest-risk issues that matter most to the business.

Founded in 2020, SaaS Alerts is a cloud security company based in Wilmington, North Carolina. It specializes in protecting and monetizing customer Software as a Service (SaaS) applications for Managed Service Providers (MSPs). The company's software provides real-time security notifications, abnormal user behavior detection, and SaaS security assessments to help MSPs enhance their security management.

Fairmarkit is a Boston‑based company that offers a SaaS platform for tail spend management. The platform is ERP‑agnostic and automates procurement for small to medium purchases by using machine learning to analyze unstructured spend data. It provides automated request‑for‑quotation workflows, vendor recommendations, price benchmarking, trend analysis, and risk identification. By delivering these capabilities in a single, cloud‑based solution, Fairmarkit helps procurement and supply‑chain teams reduce manual effort, increase competitive bidding, and realize savings across their tail spend.

JIT is a company that provides security software aimed at empowering developers to take control of the security aspects of their applications. Its innovative platform facilitates the adoption of a minimal viable security approach, helping development organizations adopt a just-in-time mindset. By focusing on the essential security measures necessary for web and cloud applications, JIT enables developers to manage risk and compliance efficiently as they progress with their projects. This allows developers to maintain their pace while ensuring that security is integrated into the development process from the outset.

Middesk, Inc., founded in 2018 and based in San Francisco, California, is an identity platform that specializes in automating business verification and enhancing decision-making processes for organizations. The company's platform offers comprehensive data on various businesses, allowing service providers to monitor changes in their customer base and gain a clearer understanding of client needs. By centralizing the credentialing process, Middesk enables companies to effectively manage risk and compliance with minimal friction, thus streamlining onboarding and increasing operational efficiency. Through its services, Middesk supports businesses in establishing, operating, and maintaining compliance with contractual and regulatory requirements.

Semperis develops an identity‑focused cybersecurity platform that protects the integrity and availability of enterprise directory services. Its suite enables organizations to automatically restore an entire Active Directory forest, recover thousands of objects or individual attributes, and revert to a previous state after accidental or malicious changes. The platform also offers real‑time attribute search, comparison, and restoration, hybrid threat detection, incident response, disaster recovery, and tools for Active Directory migration and consolidation. Additional capabilities include security posture assessment and attack path discovery within an identity resilience framework. Founded in 2013–2014, the company is headquartered in Hoboken, New Jersey, with offices in New York and Ramat Gan, and serves Fortune 500, financial, healthcare, and government customers worldwide.

Abnormal Security Corporation is a San Francisco-based company that specializes in cloud-based email security solutions for Microsoft Office 365 and G Suite. Founded in 2018, the company provides a comprehensive platform designed to protect enterprises from targeted email attacks. Utilizing a data science approach, Abnormal Security offers features such as inbound email protection, detection of email account compromises, and response capabilities. Its technology includes Abnormal Behavior Technology, which models identities of both employees and external senders, profiles relationships, and analyzes email content to prevent threats like credential phishing, internal phishing, employee impersonation, and invoice fraud. The company primarily serves industries including financial services, healthcare, and oil, gas, and utilities, aiming to mitigate risks related to account takeovers and financial losses.

DoControl offers an automated platform for managing SaaS applications' data access. It monitors, orchestrates, and remediates security risks and prevents data exfiltration, reducing manual workloads for security teams.

Burns & Levinson was a full-service law firm founded in 1960 and based in Boston, Massachusetts, offering comprehensive legal services to regional, national, and international clients. The firm provided expertise across corporate and finance, venture capital and private equity, labor and employment, tax, bankruptcy, lending and leasing, real estate, intellectual property, environmental matters, design and construction, government investigations, and business litigation, with additional focus on sectors such as automotive, cannabis, media, energy, clean-tech, industrials, life sciences, and sports. In November 2024, Burns & Levinson ceased practicing law.

Sylvera is a carbon data provider based in London, United Kingdom, established in 2020. The company specializes in developing machine learning-based tools to monitor the performance of carbon offset projects. These tools enable remote tracking of project performance at intervals of up to a week, facilitating the integration of carbon data into both internal and external reporting frameworks. By offering enhanced transparency around carbon offsets, Sylvera aims to assist businesses and governments in reducing reputational risks associated with carbon emissions, ultimately promoting real-world climate action.

Pentera is a leading provider of Automated Security Validation solutions. It empowers organizations to test the integrity of their cybersecurity layers across the entire attack surface continuously. By simulating real-world attacks, Pentera identifies genuine security vulnerabilities and guides remediation efforts.

Cycode Ltd is a company based in Tel Aviv, Israel, that specializes in enterprise security through its innovative source code control, detection, and response platform. This platform employs a Source Path Intelligence engine to provide organizations with comprehensive visibility into their source code. It automatically detects and responds to anomalies related to access, movement, and usage of the code, thereby enhancing security. By utilizing Cycode's solution, organizations can significantly reduce the risk of source code loss while maintaining developer productivity and access. The platform is designed to ensure compliance and integrity in production systems, safeguarding against threats such as theft, leakage, and tampering of source code.

Laminar is a company that specializes in data leakage protection for cloud environments. Its Cloud Data Security Platform offers continuous discovery and classification of data, providing full visibility into data flows. This solution enables organizations to secure and control their data, improving their risk posture while allowing for real-time leak detection and remediation without disrupting data operations. Laminar's technology supports agentless and asynchronous monitoring of various data sources and egress channels, ensuring authorized data movements and alerting users to potential issues. Founded in 2020 by a team of experienced cybersecurity professionals, Laminar aims to help businesses adapt to cloud-native environments by enhancing data governance and privacy monitoring, ultimately allowing them to reduce their attack surface and regain control over their data.

Adaptive Shield develops a security posture management platform that empowers businesses to oversee their cloud services securely. Its automated solution offers continuous visibility and control over critical applications, along with a built-in knowledge base for implementing best practices.

DeepFactor is a cloud native application security platform that focuses on helping developers identify and address security vulnerabilities, supply chain risks, and compliance issues throughout the development process. The platform offers a comprehensive suite of tools, including artifact scanning and runtime visibility, which allows it to monitor applications without requiring any code changes. DeepFactor's technology integrates seamlessly with cloud native architectures to provide real-time telemetry and identify potential security risks. By delivering prioritized, contextual insights into security, performance, and application behavior, DeepFactor simplifies the operations of engineering teams. Its features support pre-production monitoring and runtime analysis, facilitating the integration of application security into the continuous integration and deployment pipeline, thereby promoting the adoption of DevSecOps practices within modern enterprises.

Brinqa is a developer of an attack surface intelligence platform that addresses the entire cyber risk lifecycle. It enables organizations to understand their attack surface, prioritize vulnerabilities, automate remediation processes, and maintain continuous monitoring of cyber hygiene across all security programs. By connecting relevant security and business data, Brinqa establishes a common data ontology that enhances decision-making in cybersecurity and informs risk management strategies. This unified platform allows clients to standardize data management and analysis, deliver actionable insights, and hold risk owners accountable for resolving critical issues. Through its comprehensive approach, Brinqa empowers organizations to effectively manage and track vulnerabilities, facilitating a more proactive and informed cybersecurity posture.

Cycode Ltd is a company based in Tel Aviv, Israel, that specializes in enterprise security through its innovative source code control, detection, and response platform. This platform employs a Source Path Intelligence engine to provide organizations with comprehensive visibility into their source code. It automatically detects and responds to anomalies related to access, movement, and usage of the code, thereby enhancing security. By utilizing Cycode's solution, organizations can significantly reduce the risk of source code loss while maintaining developer productivity and access. The platform is designed to ensure compliance and integrity in production systems, safeguarding against threats such as theft, leakage, and tampering of source code.

Armis offers an asset intelligence platform, designed to address the new threat landscape that connected devices create. It provides a cyber exposure management and security platform that protects the attack surface and manages the organization’s cyber risk exposure in real-time.

Groundspeed Analytics develops software that automates data processing in commercial insurance. Its platform uses machine learning to analyze documents like submissions, loss runs, and policy documents, empowering users to improve financial performance by identifying profitable risks.

Fairmarkit is a Boston‑based company that offers a SaaS platform for tail spend management. The platform is ERP‑agnostic and automates procurement for small to medium purchases by using machine learning to analyze unstructured spend data. It provides automated request‑for‑quotation workflows, vendor recommendations, price benchmarking, trend analysis, and risk identification. By delivering these capabilities in a single, cloud‑based solution, Fairmarkit helps procurement and supply‑chain teams reduce manual effort, increase competitive bidding, and realize savings across their tail spend.

Zest AI, Inc. is a technology company based in Burbank, California, that specializes in artificial intelligence solutions for credit underwriting. Founded in 2009 and formerly known as ZestFinance, the company has developed a platform that utilizes advanced machine learning techniques to enhance credit decision-making processes. Zest AI's Model Management System allows lenders to analyze extensive credit data, increasing approval rates while mitigating the risks associated with credit decisions. The platform also emphasizes transparency and compliance, enabling lenders to understand and explain their data modeling results effectively. Through its innovative technology, Zest AI aims to make credit more accessible and fair, helping lenders improve their decision-making and ultimately provide better loan options to a wider array of consumers. The company has a strategic partnership with Microsoft, which supports its mission to expand the availability of credit.

Pentera is a leading provider of Automated Security Validation solutions. It empowers organizations to test the integrity of their cybersecurity layers across the entire attack surface continuously. By simulating real-world attacks, Pentera identifies genuine security vulnerabilities and guides remediation efforts.

Semperis develops an identity‑focused cybersecurity platform that protects the integrity and availability of enterprise directory services. Its suite enables organizations to automatically restore an entire Active Directory forest, recover thousands of objects or individual attributes, and revert to a previous state after accidental or malicious changes. The platform also offers real‑time attribute search, comparison, and restoration, hybrid threat detection, incident response, disaster recovery, and tools for Active Directory migration and consolidation. Additional capabilities include security posture assessment and attack path discovery within an identity resilience framework. Founded in 2013–2014, the company is headquartered in Hoboken, New Jersey, with offices in New York and Ramat Gan, and serves Fortune 500, financial, healthcare, and government customers worldwide.

Armis offers an asset intelligence platform, designed to address the new threat landscape that connected devices create. It provides a cyber exposure management and security platform that protects the attack surface and manages the organization’s cyber risk exposure in real-time.

Detectify is a Stockholm-based software company that offers a Software-as-a-Service website security scanner and a surface monitoring and application scanning platform. The service analyzes the security status of websites and provides reports on identified vulnerabilities. It combines automated testing with crowdsourced input from a global community of ethical hackers to perform continuous payload-based tests across exposed assets, delivering evolving coverage as the attack surface changes. The platform helps businesses identify critical security weaknesses before they are exploited, supporting proactive risk management.

Fairmarkit is a Boston‑based company that offers a SaaS platform for tail spend management. The platform is ERP‑agnostic and automates procurement for small to medium purchases by using machine learning to analyze unstructured spend data. It provides automated request‑for‑quotation workflows, vendor recommendations, price benchmarking, trend analysis, and risk identification. By delivering these capabilities in a single, cloud‑based solution, Fairmarkit helps procurement and supply‑chain teams reduce manual effort, increase competitive bidding, and realize savings across their tail spend.

Prevalent specializes in third-party risk management software and services. It helps businesses assess, monitor, and mitigate risks associated with vendors throughout their lifecycle. The company's solutions include vendor risk assessment tools, policy management platforms, and compliance services tailored to clients' needs.

Armis offers an asset intelligence platform, designed to address the new threat landscape that connected devices create. It provides a cyber exposure management and security platform that protects the attack surface and manages the organization’s cyber risk exposure in real-time.

Featurespace is a technology company that develops Adaptive Behavioral Analytics and automated deep behavioral networks to prevent fraud and financial crime. Its ARIC platform provides real-time risk scoring and anomaly detection to monitor customer data across transactions and channels, automatically identifying risk, blocking new fraud attacks, and distinguishing genuine activity. The ARIC Risk Hub operates in real time and is used by more than 30 major global financial institutions to protect customers and revenue, spanning multiple countries. The company serves financial institutions and other sectors, including responsible gambling and churn protection, by analyzing streams of customer data to detect anomalies and prevent loss while minimizing disruption to legitimate customers.

Jama Software, Inc. is a developer of a requirements management platform that aids organizations in creating complex products and mission-critical software systems. Founded in 2006 and headquartered in Portland, Oregon, with an additional office in Haarlem, the Netherlands, Jama Software offers Jama Connect, a solution designed to streamline the product development lifecycle from idea to launch. The platform enables detailed impact assessments from a single source, enhancing collaboration and reducing errors associated with disparate data sources. It serves various industries, including aerospace and defense, automotive, consumer electronics, enterprise software and services, financial services and insurance, industrial technology, medical devices, and semiconductors. By managing both operational and strategic elements of product development, Jama Software helps organizations improve product quality, mitigate risks, and accelerate their time to market.

Detectify is a Stockholm-based software company that offers a Software-as-a-Service website security scanner and a surface monitoring and application scanning platform. The service analyzes the security status of websites and provides reports on identified vulnerabilities. It combines automated testing with crowdsourced input from a global community of ethical hackers to perform continuous payload-based tests across exposed assets, delivering evolving coverage as the attack surface changes. The platform helps businesses identify critical security weaknesses before they are exploited, supporting proactive risk management.

Prevalent specializes in third-party risk management software and services. It helps businesses assess, monitor, and mitigate risks associated with vendors throughout their lifecycle. The company's solutions include vendor risk assessment tools, policy management platforms, and compliance services tailored to clients' needs.

Diligent Corporation is a leading provider of secure corporate governance and collaboration software, specializing in its Diligent Boards application, which serves as a board portal for management, board members, and administrative staff. This platform facilitates the production, delivery, review, and voting on board materials in a secure environment. Diligent offers subscription-based access to its software, along with services that include data hosting and customer support. The company caters to a wide range of sectors, including banking, insurance, healthcare, and government, and boasts a client base of over 19,000 organizations, encompassing a significant portion of the Fortune 1000. Founded in 2007 and headquartered in New York, Diligent aims to enhance governance practices by providing leaders with the tools and insights necessary to make informed decisions. The company is recognized for its commitment to customer service and has built a substantial global network of corporate directors and executives.

Appriss Inc. is a provider of software-as-a-service (SaaS) solutions focused on public safety, risk management, compliance, and health information in the United States. The company offers a range of products, including MobilePatrol, which connects users with their communities, and JusticeXchange, designed for law enforcement to track wanted individuals and create photo lineups. Additionally, Appriss provides CrashLogic for crash report management, VINE for crime victim notifications, and the National Precursor Log Exchange for tracking sales of certain medications. Their solutions also include RiskCheckNow for fraud detection, TrueCompliance for identifying non-compliance, and PMP AWARE for monitoring prescription drug distribution. Furthermore, Appriss operates various portals for police crash reports and offers ProviderSafe for healthcare credentialing. Founded in 1994 and headquartered in Louisville, Kentucky, Appriss serves clients in sectors such as insurance, healthcare, retail, and government agencies. The company was previously known as Interactive Systems, L.L.C. before rebranding in 2000.

Mimecast is a software-as-a-service provider offering cloud-based email security, continuity, and information archiving to protect organizations from email-borne threats and data leaks. Its integrated cloud platform delivers email security to block malware, phishing, impersonation, and spam; cyber resilience extensions include enterprise information archiving for e-discovery and compliance, mailbox continuity to maintain email access during outages, and web security to block malicious or inappropriate sites. Additional services include secure messaging, privacy protection, and Large File Send to manage secure file transfers, plus a Threat Intelligence Dashboard that analyzes organizational cyber risk. The company supports customers globally via direct sales and channel partners and operates a global data center footprint. Founded in 2003 and headquartered in London, Mimecast serves thousands of companies worldwide, handling millions of emails and documents daily through its cloud architecture.

Paisley specializes in governance, risk, and compliance (GRC) solutions for enterprises, offering a comprehensive suite of software, training, and professional services. Its software portfolio includes products designed for financial controls management, internal audit, operational risk management, compliance, IT governance, and enterprise risk management. In addition to its software offerings, Paisley provides professional services that integrate methodology and technology, delivering a practical approach to GRC convergence. Through these solutions, the company aims to enhance organizational efficiency and ensure adherence to regulatory requirements.