Black Hat 2023: Insights From Startup City

Black Hat's Startup City highlights top cybersecurity startups, offering exposure, feedback, and funding opportunities.

Analyzing the emerging cybersecurity vendors exhibiting at Black Hat is like tasseography or reading tea leaves, metaphorically speaking. Looking at the cybersecurity categories represented, promoted features, and the investments made in those categories may reveal the trajectory of the cybersecurity industry in 2024. Datos Insights’ tea leaves in this example are represented by the 87 vendors demonstrating their wares in Black Hat’s Startup City. 

Black Hat’s Startup City is a special event showcasing the industry’s self-avowed most innovative and promising cybersecurity startups. It includes an innovation competition with a video pitch element where the startups present their products and solutions to a live audience and a panel of judges at Black Hat USA. This year’s winners were: 

  • First place: Mobb, an automated vulnerability cleanup that reduces security backlogs and engineering resources 
  • Second place: Binarly, an automated supply chain security platform that identifies known and unknown firmware vulnerabilities 
  • Third place: Endor Labs, an open-source dependency life cycle management platform that secures and maintains software dependencies 
  • Fourth place: Gomboc AI, which solves cloud infrastructure security policy deviations with tailored remediations to the infrastructure as code while keeping functionality, architecture, performance, and resilience 

Startup City aims to provide a platform for startups to gain exposure, feedback, and potential funding from investors, customers, and partners. Vendors in Startup City are typically small pre-revenue companies, and this year was no different. Vendors exhibiting in Startup City collectively generate US$390 million annually, employ 3,050, and have received US$1.38 billion in venture capital investment.

Datos Insights classified Startup City vendors into 23 cybersecurity product categories.

The following is a summary of the top five categories:  

  • Security posture management: Posture management was part of 12% of Startup City vendor’s exhibits. Solutions ranged from application, threat, asset, Software-as-a-Service, and third-party posture management. Endor Labs and Enso Security focus on application posture, adding SBOM as a key element. Mondoo, Slim.AI, Sridatta, and VISO Trust covered cloud posture emphasizing container state and third parties. Interpres Security offered a new take by analyzing the dynamic relationship between defensive capabilities and adversarial threats. Noetic Cyber, ThreatKey, and Wizdome remained mainly focused on misconfigurations.
  • Identity and access management: While various solutions were designed to protect against identity-based attacks, vendors such as Aembit, Astrix Security, CyberFOX, and Fudo offered mostly conventional approaches. Hushmesh promoted a global unified identity mesh through personal namespaces; Entitle introduced JIT identity provisioning and remote access observability without device agents. Authomize demonstrated a solution that detects, investigates, and responds to identity and access threats within cloud services.
  • Threat detection and response: Crosswire, Cynamics, Flexxon Pte Ltd, Lightlytics, Lumu Technologies, Reco Labs, RevealSecurity, Skyhawk Security, and ThreatWarrior offered solutions that focused on detecting threats from the cloud, endpoints, identities, firmware, and networks. Infusing solutions with AI was omnipresent.
  • Software Supply Chain: Binarly, BlindSpot Security, Chainguard, Lineaje, OX Security, Phylum Inc., and SOOS offered solutions to secure the entire software supply chain from software developer attacks, distro errors and injections, continuous integration/continuous delivery pipeline integrity, and open-source code trust.
  • Security testing: A fine line exists between security testing solutions and security posture management. Vendors offered AI-power continuous penetration testing platforms, including HotWAN, Ridge Security, Sprocket, and Strike Security. Prelude Security offered a unique approach to testing by translating often obscure definitions of security into concrete questions by providing holistic internal intelligence. SnapAttack showed how their solution could test purple teams using a no-code way to search, write, validate, and deploy an attack across the entire technology estate. 

To read more about the 2023 Black Hat conference and exhibition, see my recent report, Black Hat 2023: Insights from Startup City. Contact me here to share your insights on innovative security solutions from an up-and-coming cybersecurity vendor.