Silicon Valley CISO Investments

Knostic is a developer of a risk management and governance platform specifically designed for enterprise large language models (LLMs). The company's software addresses the challenges associated with LLMs, particularly in managing their tendencies to generate excessive or inappropriate responses. Knostic provides essential access controls that enable enterprises to deploy LLMs effectively while ensuring security, safety, and the preservation of value. Through its knowledge-centric capabilities, Knostic facilitates AI-powered innovation, allowing organizations to harness the potential of LLMs in a responsible and efficient manner.

Token Security is a technology company that specializes in machine-first identity security for cloud resources. It addresses the challenge of securing organizations' critical assets in an environment dominated by machines, apps, and services. The company's platform integrates with various systems, such as identity providers, source code repositories, and secrets managers, to understand and control machine identity exposure, thereby enhancing cloud security without hindering developer workflows.

Tines Security Services Ltd. is a cyber security automation company based in Dublin, Ireland, founded in 2018. It specializes in a no-code workflow automation platform designed specifically for security teams, enabling them to construct, execute, and monitor workflows with ease. The platform features a Story Library that includes pre-built templates and customizable workflows, allowing users to integrate their existing software applications without the need for additional integrations, apps, or custom coding. Tines also offers a free Community Edition for users to explore its functionalities. Through its cloud-based and on-premise solutions, the company aims to streamline remediation processes and enhance operational efficiency for businesses of all sizes.

Gem Security is a company focused on enhancing cloud security for businesses. Its cloud-based platform offers a centralized solution designed to address cloud-native threats, facilitating incident readiness, real-time threat detection, investigation, and response. By automating cloud security processes and incorporating behavioral analytics from an attacker's perspective, Gem Security empowers organizations to strengthen their existing security workflows. The company aims to prevent potential cloud threats before they escalate into significant incidents, supporting the evolution of security operations in the cloud era.

Gem Security is a company focused on enhancing cloud security for businesses. Its cloud-based platform offers a centralized solution designed to address cloud-native threats, facilitating incident readiness, real-time threat detection, investigation, and response. By automating cloud security processes and incorporating behavioral analytics from an attacker's perspective, Gem Security empowers organizations to strengthen their existing security workflows. The company aims to prevent potential cloud threats before they escalate into significant incidents, supporting the evolution of security operations in the cloud era.

Descope is a technology company specializing in secure customer identity solutions for software developers. It provides an authentication platform designed to enhance application security while minimizing user friction. Descope's platform enables developers to implement passwordless authentication and user management with minimal coding effort, thereby transforming customer identity into a business advantage.

Drata is a Trust Management Platform based in San Diego, California, founded in 2020 by Adam Markowitz, Daniel Marashlian, and Troy Markowitz. The company specializes in security compliance automation, assisting organizations in achieving and maintaining compliance with various standards such as SOC 2, ISO 27001, HIPAA, PCI DSS, GDPR, CCPA, CMMC, and NIST CSF. Drata's platform offers continuous, automated monitoring and evidence collection, significantly reducing the time and costs associated with annual audits. By providing actionable insights, reports, alerts, and seamless SaaS integrations, Drata enables enterprises to build trust with their users and partners while facilitating secure business growth.

Endor Labs specializes in enhancing application security with a focus on managing open-source software dependencies. The company aids developers in integrating safe Open Source Software (OSS) to expedite development processes while minimizing time spent on security issues. Its Dependency Lifecycle Management Platform targets the vulnerabilities in software supply chain security caused by ungoverned use of open-source software within enterprises.

Wing Security is a leader in SaaS security, dedicated to providing organizations with robust and consistent protection without the need for multiple vendors. Founded by a former Chief Information Security Officer and Head of Cyber Defense for the Israeli Defense Forces, the company focuses on delivering automated, self-service security tools for SaaS applications. Its security management platform continuously discovers, classifies, and controls all SaaS applications, automatically shutting down risky app-to-app connections. This enables businesses to effectively restrict and govern file sharing and data collaborations with external entities, promoting a secure software application environment.

Incode Technologies Inc. is a digital identity company based in San Francisco, California, with additional offices in Europe and Latin America. Founded in 2015, Incode specializes in developing biometric identity solutions that enhance customer experiences across various industries, including banking, payment, hospitality, and retail. The company's flagship product, Incode Omni, is an omnichannel platform that utilizes artificial intelligence to provide secure and efficient identity verification services. Key offerings include Incode Hello, a chat and video conferencing tool; Incode Welcome, which facilitates account or credit card applications; Incode Facepay, a transaction verification system utilizing facial recognition; and Incode Talk, which provides face authentication for applications. Recognized as a leader in enterprise-grade facial recognition, Incode's products are trusted by major banks, financial institutions, governments, and retailers to deliver both convenience and security to end-users.

Lucidum, Inc. is an asset discovery company based in San Jose, California, established in 2019. The firm operates an online platform that addresses blind spots in cloud, security, and IT operations, allowing clients to gain comprehensive visibility into their assets. Utilizing patent-pending machine learning technology, Lucidum's platform analyzes existing data to identify both known and previously unknown assets, including computers, mobile devices, cloud environments, IoT devices, and microservices. This capability is crucial for organizations, particularly Fortune 500 companies, as it enhances their ability to secure, manage, and transform their enterprise effectively.

Tromzo is a developer-first application security management platform designed to streamline the integration of security practices within software development processes. By centralizing application security activities, Tromzo effectively removes barriers between developers and security teams, facilitating a more collaborative approach to security. The platform enables organizations to automate and scale their application security efforts throughout the software development lifecycle, making security more accessible and manageable for developers. This innovative solution aims to enhance the overall security posture of modern software applications while aligning security practices with development workflows.

Drata is a Trust Management Platform based in San Diego, California, founded in 2020 by Adam Markowitz, Daniel Marashlian, and Troy Markowitz. The company specializes in security compliance automation, assisting organizations in achieving and maintaining compliance with various standards such as SOC 2, ISO 27001, HIPAA, PCI DSS, GDPR, CCPA, CMMC, and NIST CSF. Drata's platform offers continuous, automated monitoring and evidence collection, significantly reducing the time and costs associated with annual audits. By providing actionable insights, reports, alerts, and seamless SaaS integrations, Drata enables enterprises to build trust with their users and partners while facilitating secure business growth.

Cyral, Inc. is a cybersecurity company based in Redwood City, California, that specializes in cloud security solutions for data layer protection. Founded in 2018, Cyral offers a cloud-native service designed to monitor and enforce policies across various data endpoints utilized by services, applications, and users. Its platform provides organizations with enhanced visibility into data access, safeguards against data exfiltration, and establishes a unified privilege management layer, all without disrupting existing workflows or sacrificing agility. Cyral’s solution addresses a wide range of security threats, including database password spraying and SQL injection attacks, while ensuring compliance and facilitating efficient audits. By leveraging features such as Identity Federation and Zero Trust, Cyral enables businesses to manage data access securely across multiple repositories, identify users behind shared credentials, and enforce data segmentation to mitigate risks associated with logic and configuration errors. The platform ensures real-time monitoring of data activities, allowing organizations to respond swiftly to potential security incidents.

Tines Security Services Ltd. is a cyber security automation company based in Dublin, Ireland, founded in 2018. It specializes in a no-code workflow automation platform designed specifically for security teams, enabling them to construct, execute, and monitor workflows with ease. The platform features a Story Library that includes pre-built templates and customizable workflows, allowing users to integrate their existing software applications without the need for additional integrations, apps, or custom coding. Tines also offers a free Community Edition for users to explore its functionalities. Through its cloud-based and on-premise solutions, the company aims to streamline remediation processes and enhance operational efficiency for businesses of all sizes.

Orca Security is a company that specializes in cloud-native security solutions. Founded in 2019 with headquarters in Tel Aviv, Israel, Orca Security offers a platform that secures both cloud-native applications and legacy systems migrated to the cloud without requiring agents. The platform integrates into the cloud infrastructure layer to assess the security state of all discovered assets, including the cloud control plane, operating system, applications, and business data. It provides visibility into compromised resources, vulnerable software, and misconfigurations using read-only access, ensuring no impact on performance or availability. This approach allows IT security teams to avoid agent deployment and network scanning, streamlining the process of maintaining cloud security and compliance across various platforms such as AWS, Azure, Google Cloud Platform, and Oracle Cloud.

Wing Security is a leader in SaaS security, dedicated to providing organizations with robust and consistent protection without the need for multiple vendors. Founded by a former Chief Information Security Officer and Head of Cyber Defense for the Israeli Defense Forces, the company focuses on delivering automated, self-service security tools for SaaS applications. Its security management platform continuously discovers, classifies, and controls all SaaS applications, automatically shutting down risky app-to-app connections. This enables businesses to effectively restrict and govern file sharing and data collaborations with external entities, promoting a secure software application environment.

Tonic.ai is a synthetic data platform that creates mock data while maintaining the essential characteristics of secure datasets, including structure, distributions, interdependencies, and statistical correlations. Founded in 2018 and headquartered in San Francisco, California, with an additional office in Atlanta, Georgia, Tonic.ai enables software engineers, business analysts, and salespeople to access usable data without compromising privacy or breaching compliance with organizational policies. The platform transforms raw data into manageable, private datasets, facilitating analytics and software development while ensuring data security through features such as auditing capabilities and human-readable fingerprints. By providing a means to work with data safely, Tonic.ai helps its users unlock insights and drive innovation without risking customer trust.

Orca Security is a company that specializes in cloud-native security solutions. Founded in 2019 with headquarters in Tel Aviv, Israel, Orca Security offers a platform that secures both cloud-native applications and legacy systems migrated to the cloud without requiring agents. The platform integrates into the cloud infrastructure layer to assess the security state of all discovered assets, including the cloud control plane, operating system, applications, and business data. It provides visibility into compromised resources, vulnerable software, and misconfigurations using read-only access, ensuring no impact on performance or availability. This approach allows IT security teams to avoid agent deployment and network scanning, streamlining the process of maintaining cloud security and compliance across various platforms such as AWS, Azure, Google Cloud Platform, and Oracle Cloud.

Lucidum, Inc. is an asset discovery company based in San Jose, California, established in 2019. The firm operates an online platform that addresses blind spots in cloud, security, and IT operations, allowing clients to gain comprehensive visibility into their assets. Utilizing patent-pending machine learning technology, Lucidum's platform analyzes existing data to identify both known and previously unknown assets, including computers, mobile devices, cloud environments, IoT devices, and microservices. This capability is crucial for organizations, particularly Fortune 500 companies, as it enhances their ability to secure, manage, and transform their enterprise effectively.

Orca Security is a company that specializes in cloud-native security solutions. Founded in 2019 with headquarters in Tel Aviv, Israel, Orca Security offers a platform that secures both cloud-native applications and legacy systems migrated to the cloud without requiring agents. The platform integrates into the cloud infrastructure layer to assess the security state of all discovered assets, including the cloud control plane, operating system, applications, and business data. It provides visibility into compromised resources, vulnerable software, and misconfigurations using read-only access, ensuring no impact on performance or availability. This approach allows IT security teams to avoid agent deployment and network scanning, streamlining the process of maintaining cloud security and compliance across various platforms such as AWS, Azure, Google Cloud Platform, and Oracle Cloud.

Cyral, Inc. is a cybersecurity company based in Redwood City, California, that specializes in cloud security solutions for data layer protection. Founded in 2018, Cyral offers a cloud-native service designed to monitor and enforce policies across various data endpoints utilized by services, applications, and users. Its platform provides organizations with enhanced visibility into data access, safeguards against data exfiltration, and establishes a unified privilege management layer, all without disrupting existing workflows or sacrificing agility. Cyral’s solution addresses a wide range of security threats, including database password spraying and SQL injection attacks, while ensuring compliance and facilitating efficient audits. By leveraging features such as Identity Federation and Zero Trust, Cyral enables businesses to manage data access securely across multiple repositories, identify users behind shared credentials, and enforce data segmentation to mitigate risks associated with logic and configuration errors. The platform ensures real-time monitoring of data activities, allowing organizations to respond swiftly to potential security incidents.