Our Investments
Since 2008, we’ve invested across multiple industry verticals through four funds.
Featured Securetech Investments
Accuknox
Alfahive
AuthNull
Bricklayer AI
Cylera
Daxa
Cupertino, CA
AccuKnox is a Zero Trust Cloud Native Application Protection Platform (CNAPP). Developed in partnership with Stanford Research Institute, AccuKnox is built to scale runtime protection for complex cloud native applications that are rapidly developed, deployed, and iterated. It combines CSPM, KSPM, CWPP features into a comprehensive CNAPP, integrates with leading DevOps & security tools, and supports all cloud environments. AccuKnox’s, KubeArmor is an open source CNCF project with 200K+ users.
AiStrike
Dublin, CA
AiStrike addresses cloud investigation and response through automation and AI. It alleviates alert fatigue for cloud security operations by cutting Cloud/CNAPP alert volumes by 85%, automatically enriching and prioritizing alerts for faster MTTR and better decision-making. With AiStrike, you get real-time alert triage, guided investigation, and automated response—all within a single intuitive platform.
South Plainfield, NJ
Alfahive transforms the way businesses analyze risk and build cyber resilience. Alfahive’s RiskNest security performance automation platform models the financial impact of cyber risks across your business functions and provides a roadmap of security controls to reduce risk. We enable CISOs to collaborate with the board, make data-driven investment decisions and manage security risk performance on an ongoing basis. RiskNest includes continuously researched cyber risk scenarios and machine learning techniques to help you save months of consulting effort.
Sacramento, CA
AuthNull provides a modern privileged access management (PAM) platform. It uses risk-based MFA to prevent unauthorized access to critical infrastructure resources. This is done using passwordless, vaultless strategies, which reduce both costs and complexity, addressing significant enterprise challenges for securing and managing large-scale infrastructure. AuthNull's features include machine-to-machine authentication and an AI security co-pilot designed to replace IT help desk support. AuthNull was conceptualized and is being implemented in stages at a Fortune 50 company.
Nirmata is a Kubernetes policy and governance solution. Nirmata’s game-changing Policy and Governance platform, powered by the popular open source policy engine Kyverno, leverages the power of policy-as-code to tackle risk early in the delivery cycle. With Nirmata, platform teams seamlessly create, manage, and enforce policies, ensuring unrivaled security, operational excellence, and compliance throughout the entire software supply chain.
TestifySec
Arlington, VA
Bricklayer AI is the first multi-agent LLM-based AI solution that brings autonomous AI specialists and human experts into a single collaborative and effective security team. Our automated AI Security Analyst, Threat Intelligence Analyst, and Incident Responder autonomously handle complex incidents with minimal human oversight. They learn continuously, collaborate seamlessly, and enable human teams to build a stronger defense.
New York, NY
Cylera uses machine learning-powered solutions to defend medical devices from cyber attacks, including zero day exploits, data breaches, and ransomware.
Oort
Palo Alto, CA
Daxa provides a multi-cloud data security platform that empowers security teams to intuitively discover high-risk data and proactively prioritize its protection. The agentless offering enables companies to continuously and collaboratively de-risk their crown jewels against increasingly sophisticated threats, including indirect and internal attacks.
Formotiv
Lineaje
Philadelphia, PA
Formotiv provides real-time predictive behavioral analytics of end-user intent detecting fraudulent data entry or manipulation and determining true user motives. Already trusted by banks, insurance companies, and other financial institutions, Formotiv uses machine learning to understand how users behave in both web-based and mobile apps.
Saratoga, CA
Lineaje is a software supply chain security company. The most damaging attacks in cybersecurity in recent years have featured software supply chain compromises where existing security controls and cloud security products had failed to detect them. From SolarWinds to Kaseya to open-source software (OSS) compromises, these attacks put software & digital brands and their customers at risk. Lineage addresses this unsolved problem by attesting software bill of materials (SBOM) integrity and detecting threats throughout the software supply chain.
Nirmata
San Jose, CA
Oort is an identity threat detection and response platform. Oort automatically identifies vulnerable user accounts and triggers alerts related to behavioral anomalies, best practices, or policies not being followed. Oort also identifies inactive, overactive, overprivileged, or unusual behavior to reduce the identity attack surface and prevent account takeover before it happens.
Opscura
RaySecur
Swif
Boston, MA
Palo Alto, CA
Opscura prevents industrial cyber attacks with a patented zero trust security overlay on the infrastructure. As of 2022, 34% of industrial control systems (ICSs) suffered at least one attack and 40% of these facilities experienced an attempted shutdown. Opscura protects industrial system downtime due to cyberattacks without modifying the current network nor demanding team resources.
Westwood, MA
San Jose, CA
RaySecur is a first-line package-scanning and defense solution that detects and confirms the presence of suspicious powders and liquids in extremely small quantities using advanced millimeter wave technology. Compared to X-rays, this technology requires little training, emits no radiation, is more effective, and far lower cost. Four of the five most valuable companies in the world are protected by RaySecur.
Spec
Spec provides a no-code identity abuse & fraud prevention platform. Today, Fintechs and eCommerce providers are under constant pressure from automated attacks and onerous regulatory requirements, which limits their ability to focus engineering efforts on business needs. Spec addresses this challenge with a cloud-native solution at the edge that can be commissioned in minuteas and managed by fraud investigation teams without any code modifications.
Santa Clara, CA
Swif.ai is an AI-powered tool to supercharge your device's security and compliance. Swif was designed from scratch to support hybrid device management on Mac, Windows, and Linux devices. We are the first company to merge device management, compliance automation, and AI to assist companies with their device security and compliance needs. Swif provides a one-click checklist to secure your device for compliance requirements, like automatically deploying policies, malware protection, and password management in one. Swif.ai is being used by over 100 organizations of various sizes.
Huntsville, AL
TestifySec is software supply chain attestation solution. Ensuring the integrity of software artifacts and the software development process is a significant challenge for organizations, as they face sophisticated attacks across the supply chain. This requires visibility, auditability, and integrations throughout the various stages that a software artifact passes through during development and deployment. TestifySec is the first solution to utilize the CNCF accepted in-toto framework to automatically document and validate each step of the software development process, from the initial commit to production deployment. TestifySec provides policy-based cryptographic attestations as well as automation and AI features, which simplify security, compliance, and user onboarding.
Tidal Cyber
Washington, DC
Beaverton, OR
UpSight is an anti-ransomware solution that provides instant response on endpoints. It employs a transformative approach to predict, interdict, and evict malware at the point of initial access. Unlike traditional EDRs that analyze events in batches—creating a vulnerability window for zero-day threats—UpSight uses highly specialized Small Language Models (SLMs) that act on the endpoint in real-time, preventing attacks before malware can even deploy payloads. It maps threats to MITRE ATT&CK, analyzing behaviors like a language to predict attacks accurately. Moreover, UpSight requires no configuration; it automatically evicts malware, reversing attacker persistence—in contrast with EDRs, which require expert fine-tuning and manual cleanup after attacks.
Tidal Cyber is a threat-informed defense platform. Despite a multitude of cybersecurity products, security analysts spend considerable time analyzing new threats to answer basic questions, "Should we care?" and "Are we protected?". By leveraging The MITRE ATT&CK framework to map adversary tactics, techniques and procedures (TTPs) to the enterprise's cyber defenses, Tidal empowers analysts to efficiently assess, organize and optimize their cyber defenses based on a deep understanding of the threats and adversaries that are most relevant to them.