Bright Pixel (formerly Sonae IM)

Picnic is a cybersecurity firm that proactively protects people and companies against the biggest threat vector in cyber today: attacks by social engineers. Social engineers are hackers who use public information about you, your family, and your company to craft attacks that include phishing scams, ransomware, impersonation, identity theft, malware, elder fraud, and many others. Picnic proactively finds and removes the information about businesses and people that can be harvested by social engineers. Our technology works automatically, seamlessly, and continuously to protect you, your organization, and also your family. We make you less visible and reduce your attack surface. This is next-generation security—security at the human level. Get in touch to learn more about how we preemptively safeguard enterprises and individual employees from social engineering attacks.

Sekoia.io is a developer of an advanced security operations center (SOC) platform that equips security teams with tools to effectively identify and respond to significant cyber threats across their entire attack surface. The platform integrates real-time detection and automation, allowing teams to manage the complexities and high volumes of security incidents while reducing false positives. By continuously analyzing emerging threats and implementing strategic responses, Sekoia.io enables organizations to enhance their security posture and respond to threats more swiftly and reliably than traditional security information and event management (SIEM) systems. This proactive approach ensures that clients remain informed and prepared against evolving cyber risks.

Trustero offers solutions for ensuring sustainable trustworthiness in emerging enterprises. Its Compliance as a Service (CaaS) uses AI and modern technologies to manage regulatory compliance through vulnerability assessments, risk analyses, and other measures. This provides clients with actionable insights into their compliance status across the extended enterprise.

Tamnoon provides a managed platform for enhancing cloud security. It simplifies detection and response to cloud security threats, improving overall cloud posture by addressing misconfigurations and vulnerabilities.

Founded in 2016, Vicarius develops a platform that proactively identifies, assesses, and mitigates software vulnerabilities. Its solution, vRx, combines discovery, prioritization, and mitigation to protect critical applications and assets against cyber threats.

Sekoia.io is a developer of an advanced security operations center (SOC) platform that equips security teams with tools to effectively identify and respond to significant cyber threats across their entire attack surface. The platform integrates real-time detection and automation, allowing teams to manage the complexities and high volumes of security incidents while reducing false positives. By continuously analyzing emerging threats and implementing strategic responses, Sekoia.io enables organizations to enhance their security posture and respond to threats more swiftly and reliably than traditional security information and event management (SIEM) systems. This proactive approach ensures that clients remain informed and prepared against evolving cyber risks.

Picnic is a cybersecurity firm that proactively protects people and companies against the biggest threat vector in cyber today: attacks by social engineers. Social engineers are hackers who use public information about you, your family, and your company to craft attacks that include phishing scams, ransomware, impersonation, identity theft, malware, elder fraud, and many others. Picnic proactively finds and removes the information about businesses and people that can be harvested by social engineers. Our technology works automatically, seamlessly, and continuously to protect you, your organization, and also your family. We make you less visible and reduce your attack surface. This is next-generation security—security at the human level. Get in touch to learn more about how we preemptively safeguard enterprises and individual employees from social engineering attacks.

IriusRisk is a Spain-based company specializing in threat modeling solutions for application security. Established in 2015 by Stephen de Vries and Cristina Bentue, the company focuses on integrating security measures into the software design and development process. Its automated platform conducts risk analysis and generates threat models during the design phase, offering actionable recommendations to address potential risks. This approach not only assists developers and security analysts in mitigating vulnerabilities but also enhances collaboration between security and development teams. IriusRisk's clientele includes notable enterprise clients, such as Fortune 500 banks and technology providers, highlighting its effectiveness in improving speed-to-market while avoiding costly security flaws.

Founded in 2018, Hackuity is a French cybersecurity company that specializes in vulnerability management. Its platform aggregates and normalizes security assessment data, enabling risk-driven remediation plans and aligning priorities with current threats.

Cybersixgill specializes in autonomous threat intelligence solutions aimed at enhancing cyber defense for organizations. The company provides a comprehensive Investigative Portal that offers covert access to threat intelligence sourced from the deep and dark web, delivering contextual and actionable insights for effective remediation. Its platform employs advanced algorithms to analyze threat actor behaviors and predict cybercrime, ensuring continuous monitoring and prioritized alerts. Additionally, Cybersixgill's Darkfeed™ feature enriches endpoint protection by proactively blocking malicious indicators of compromise, while the DVE Score™ offers critical insights into vulnerabilities, assessing the risk of exploitation based on threat actor intent. The company serves a diverse clientele, including global enterprises, financial services, managed security service providers, and governmental entities.

SafeBreach Inc. is a cybersecurity company that specializes in breach and attack simulation (BAS). Founded in 2014 and headquartered in Sunnyvale, California, with an additional office in Tel Aviv, Israel, SafeBreach offers a platform designed to enhance an organization's security posture by simulating real-world attack methods. The platform utilizes a comprehensive Hacker's Playbook, which includes a range of breach techniques derived from actual cyber incidents, to proactively identify vulnerabilities within an enterprise's network, cloud, and endpoints. By mimicking the tactics of cybercriminals, SafeBreach enables businesses to validate their security controls and improve the responsiveness of their security operations center (SOC) analysts. The platform can integrate with various security information and event management systems, ticketing solutions, and automation tools, providing continuous visibility into potential security threats and allowing organizations to address issues before they can be exploited by attackers.

Jscrambler specializes in enterprise-grade security solutions for web and hybrid mobile applications. Its core product, Code Integrity, employs polymorphic obfuscation and self-defensive capabilities to protect JavaScript code from reverse-engineering and tampering attempts, preventing intellectual property theft and data leakage. Additionally, Webpage Integrity offers real-time visibility of client-side attacks like Magecart web skimmers, enabling immediate response. Jscrambler's solutions are compliant with major tech frameworks and trusted by Fortune 500 companies.

Deepfence Inc is a cybersecurity company founded in 2016 and based in Milpitas, California. The company specializes in developing security software tailored for containerized applications, aiming to enhance cloud-native application security. Its innovative "Security as Microservice" solution fundamentally transforms the protection of cloud workloads and containers, addressing the unique challenges of modern application infrastructures. Deepfence's workload protection platform is designed to prevent cyberattacks by identifying subtle indicators of compromise and providing real-time defense against complex threats. This approach ensures comprehensive protection for businesses against both known and unknown vulnerabilities, thereby enhancing the overall security posture of their applications.

IriusRisk is a Spain-based company specializing in threat modeling solutions for application security. Established in 2015 by Stephen de Vries and Cristina Bentue, the company focuses on integrating security measures into the software design and development process. Its automated platform conducts risk analysis and generates threat models during the design phase, offering actionable recommendations to address potential risks. This approach not only assists developers and security analysts in mitigating vulnerabilities but also enhances collaboration between security and development teams. IriusRisk's clientele includes notable enterprise clients, such as Fortune 500 banks and technology providers, highlighting its effectiveness in improving speed-to-market while avoiding costly security flaws.

Probely offers an automated web vulnerability scanner for agile teams. It identifies security issues in web applications and APIs, providing guidance on remediation. Probely integrates into development processes and CI/CD pipelines to automate security testing.

Arctic Wolf Networks offers cloud-native security operations technology, providing Managed Detection and Response, Managed Risk, and Managed Cloud Monitoring services. Its team of concierge security engineers acts as an extension of clients' internal teams, offering tailored threat detection, response, and ongoing risk management to protect valuable business data.

Cybersixgill specializes in autonomous threat intelligence solutions aimed at enhancing cyber defense for organizations. The company provides a comprehensive Investigative Portal that offers covert access to threat intelligence sourced from the deep and dark web, delivering contextual and actionable insights for effective remediation. Its platform employs advanced algorithms to analyze threat actor behaviors and predict cybercrime, ensuring continuous monitoring and prioritized alerts. Additionally, Cybersixgill's Darkfeed™ feature enriches endpoint protection by proactively blocking malicious indicators of compromise, while the DVE Score™ offers critical insights into vulnerabilities, assessing the risk of exploitation based on threat actor intent. The company serves a diverse clientele, including global enterprises, financial services, managed security service providers, and governmental entities.

Fyde helps companies with an increasingly distributed workforce to mitigate breach risk by enabling secure access to critical enterprise resources for their employees, partners, contractors, and outsourcers. Fyde’s flagship enterprise product provides granular access controls for your enterprise apps and workloads, continuously monitors access requests, improves the security posture of endpoints and protects user identities against phishing and account takeover attacks.

Excellium Services specializes in proactive cybersecurity solutions. It combines Software as a Service (SaaS) models and cloud capabilities to provide real-time incident response, penetration testing, and security operations. The company helps businesses continuously monitor their infrastructure's exposure to vulnerabilities, aiming to enhance overall internet security.

Probely offers an automated web vulnerability scanner for agile teams. It identifies security issues in web applications and APIs, providing guidance on remediation. Probely integrates into development processes and CI/CD pipelines to automate security testing.

Arctic Wolf Networks offers cloud-native security operations technology, providing Managed Detection and Response, Managed Risk, and Managed Cloud Monitoring services. Its team of concierge security engineers acts as an extension of clients' internal teams, offering tailored threat detection, response, and ongoing risk management to protect valuable business data.

Beamy is a technology company that offers an application integration platform designed to streamline the management of software-as-a-service (SaaS) applications within large organizations. As businesses increasingly adopt a decentralized approach to digital transformation, they often encounter challenges with Shadow IT, where departments utilize software without informing IT teams. Beamy's platform automatically detects all SaaS applications in use, including those operating in the shadows, allowing organizations to effectively manage their entire SaaS stack. This capability helps mitigate GDPR risks, manage security breaches, and optimize expenses. Additionally, Beamy fosters improved communication between IT departments and business units by providing a collaborative platform where the latter can efficiently request the implementation of necessary tools while adhering to security standards and compliance policies. Overall, Beamy simplifies the selection and management of technology applications, offering visual representations of software usage, monitoring their impact against key performance indicators, and reducing the complexity of password management.

Reblaze Technologies Ltd. is a provider of cloud-based web security solutions, headquartered in St. Louis, Missouri, with additional offices in Sunnyvale, California, and Manchester, United Kingdom. The company specializes in securing websites, web applications, and APIs through its comprehensive platform, which includes a web application firewall, DDoS protection, bot mitigation, content delivery network, and traffic management services. By blocking hostile traffic in the cloud before it reaches protected networks, Reblaze ensures the safety of customers' data and web assets. The platform leverages machine learning for adaptive threat detection, utilizes dedicated Virtual Private Clouds for enhanced privacy, and features a user-friendly management console for real-time traffic control. Reblaze's infrastructure is designed for optimal performance and precise traffic regulation, providing organizations with a reliable defense against online threats.

Nextel S.A. is an information technology engineering and consulting company based in Zamudio, Spain, founded in 1988. The firm specializes in managing telecommunications and IT services, offering a wide range of solutions that include information security services, critical infrastructure protection, business continuity planning, and IT governance. Its portfolio features advanced services such as ethical hacking, cyber security, and compliance with various ISO standards. Additionally, Nextel S.A. provides innovative technologies like NextRisk, aimed at preventing and controlling labor, physical, and cyber risks, and CloudNSF, which facilitates the outsourcing of security management systems for public administrations. The company caters to a diverse clientele, including public administrations, private enterprises, financial institutions, and global operators, positioning itself as a key player in the IT and telecommunications sectors.

Jscrambler specializes in enterprise-grade security solutions for web and hybrid mobile applications. Its core product, Code Integrity, employs polymorphic obfuscation and self-defensive capabilities to protect JavaScript code from reverse-engineering and tampering attempts, preventing intellectual property theft and data leakage. Additionally, Webpage Integrity offers real-time visibility of client-side attacks like Magecart web skimmers, enabling immediate response. Jscrambler's solutions are compliant with major tech frameworks and trusted by Fortune 500 companies.

Arctic Wolf Networks offers cloud-native security operations technology, providing Managed Detection and Response, Managed Risk, and Managed Cloud Monitoring services. Its team of concierge security engineers acts as an extension of clients' internal teams, offering tailored threat detection, response, and ongoing risk management to protect valuable business data.

IriusRisk is a Spain-based company specializing in threat modeling solutions for application security. Established in 2015 by Stephen de Vries and Cristina Bentue, the company focuses on integrating security measures into the software design and development process. Its automated platform conducts risk analysis and generates threat models during the design phase, offering actionable recommendations to address potential risks. This approach not only assists developers and security analysts in mitigating vulnerabilities but also enhances collaboration between security and development teams. IriusRisk's clientele includes notable enterprise clients, such as Fortune 500 banks and technology providers, highlighting its effectiveness in improving speed-to-market while avoiding costly security flaws.

Secucloud is a global provider of high-availability cybersecurity solutions, specializing in a cloud-based security-as-a-service platform tailored for telecommunications providers and internet service providers (ISPs). Its flagship offering, the Elastic Cloud Security System (ECS2), delivers enterprise-level security to a diverse range of users, including mobile and landline consumers, small businesses, home offices, and small to medium-sized enterprises (SMEs). This scalable platform operates without the need for specialized hardware or proprietary appliances, accommodating over 100 million users and their connected devices. Secucloud's services effectively filter out threats such as trojans, spyware, and viruses, enabling individuals and businesses to securely navigate the complexities of modern cyber threats across all IP-based devices.

Probely offers an automated web vulnerability scanner for agile teams. It identifies security issues in web applications and APIs, providing guidance on remediation. Probely integrates into development processes and CI/CD pipelines to automate security testing.

Sysvalue is specialized in consulting, integration and security services. Focused on interactive business and Internet services, SysValue helps companies get more value from their systems and communications assets, while making them more secure.

S21sec is a cybersecurity company that specializes in providing comprehensive security solutions to various sectors, including government, energy, finance, and telecommunications. The company offers a range of services such as risk analysis, regulatory compliance, cloud security, threat hunting, and disaster response planning. Additionally, S21sec operates a 24-hour security intelligence center and has dedicated teams for CyberCrime and incident response, collaborating with law enforcement agencies like Europol and the FBI. With a strong client base that includes over 20% of the Dow Jones Eurostoxx 50 companies, S21sec is committed to helping organizations safeguard their critical infrastructures and protect personal data from cyber threats.