RSAC 2026 Innovation Sandbox: Finalist Analysis
This page profiles and compares the ten finalists for RSAC 2026's Innovation Sandbox competition, scoring each across eight dimensions. The profiles were compiled on March 14, 2026 using AI tooling driven by Lenny Zeltser's security product strategy MCP server, based on publicly available information as of that date.
The analysis was performed by AI without direct human validation, to demonstrate the capabilities of AI agents guided by an expert framework. Outside this demo, a human analyst would conduct conversations with the AI agent to arrive at more accurate conclusions.
Cohort Overview
Seven of ten finalists build products that either secure AI systems, use AI as a core detection engine, or defend humans against AI-powered attacks. This is the most AI-concentrated cohort in the competition's history.
Predictions
Token Security (Score: 33/40)
Token Security sits at the intersection of two converging trends. Non-human identities are exploding across enterprises, and AI agents are accelerating the problem. CyberArk validated the market with a $1.54B acquisition of Venafi. Gartner now tracks Workload Identity Management as a distinct category.
Token's commercial evidence is strong. Ten named enterprise customers with CISO testimonials, including HPE, Elastic, Udemy, HiBob, Klaviyo, and Lemonade, are not design partners or pilots. These are named security leaders putting their names on public endorsements.
The founding team carries credibility through Unit 8200 backgrounds. Angel investor Shlomo Kramer co-founded Check Point, Imperva, and Cato Networks, three companies that shaped the infrastructure security market.
Clearly AI (Score: 32/40)
Clearly AI has the strongest go-to-market evidence in the cohort. Seventeen named enterprise customers, including Rivian, Ericsson, Okta, Webflow, and Affirm, demonstrate repeatable demand for AI-automated security and privacy reviews. A reported 90%+ reduction in review times provides concrete evidence of operational impact.
The husband-wife founding team from Amazon Alexa AI Security and Moveworks brings direct domain credibility. Y Combinator backing and an $8.4M seed round from Basis Set Ventures and Crosspoint Capital provide institutional validation. In a cohort heavy on agentic AI security, Clearly AI offers a distinct angle, making existing security review workflows faster rather than securing a new category of AI systems.
Fig Security (Score: 32/40)
Fig Security brings the best combination of funding and team pedigree in the cohort. The $38M raise from Team8 and Ten Eleven Ventures is the second-highest in the cohort. The founding team comes from Siemplify, where they held senior roles through its $500M acquisition by Google, and from Cymulate's security validation platform. Angel investors include the former CEO of Splunk, CrowdStrike's Chief Business Officer, and Palo Alto Networks' former CMO.
Detection drift occurs when changes to infrastructure silently break security monitoring. No established vendor category addresses this gap directly. Fig's change simulation feature shows how a proposed modification would ripple through the detection stack before deployment.
Fig emerged from stealth only twenty days before the Innovation Sandbox stage, limiting public evidence. However, Team8's venture creation model embeds structured customer development before launch. Past winners including HiddenLayer and Reality Defender had minimal public traction at the time of their wins. Judges weighted team credibility, problem significance, and demo impact above disclosed metrics.
Realm Labs (Score: 32/40)
Realm Labs claims a capability no other vendor in the cohort offers: "internal observability" for LLMs, inspecting attention patterns and chain-of-thought processes during inference. If it works as described, no comparable product exists in the market.
The team's credentials support the ambition. CEO Saurabh Shintre holds a CMU PhD, has 10+ patents and 2,000+ citations, and served on the RSAC AI/ML track committee for five years. Co-founder Akash Mukherjee co-developed SLSA at Google and worked on Apple's Private Cloud Compute. The Anthropic customer relationship demonstrates technical credibility at the highest level.
The risk factor for Realm is scale. Six employees shipping three products on $5M in funding is a concern that could surface during Q&A. If judges press on the technical mechanism and the answers lack specificity, the strongest claim in the cohort could become its biggest liability.
Humanix (Score: 30/40)
Humanix scores below the top four on paper but has the strongest demo potential in the cohort. Social engineering detection, with AI analyzing a conversation in real time and flagging manipulation tactics before a victim transfers credentials, creates the kind of dramatic before-and-after moment that has decided past Innovation Sandbox outcomes.
The market thesis is data-grounded: social engineering causes 68% of breaches, current defenses are training and simulations, and no product intervenes during the attack itself. Keith Stewart's 20-year career in security, culminating in leading vArmour as CEO through its acquisition, provides direct operational credibility.
What holds Humanix back is category creation risk. "Human Threat Detection and Response" is not yet an established budget line. The company has not disclosed named customers, though credible VC backing suggests production deployments.
What Could Change
With just one point separating four top contenders and only three points between first and fifth, stage performance could be decisive. The Innovation Sandbox is a live pitch competition, not a paper evaluation. A founder who commands the stage, shows a compelling live demo, and tells a story that resonates emotionally can overcome structural weaknesses.
Judge composition and presentation order add further uncertainty. Financial services representation on the 2026 panel favors companies addressing fraud and identity. If three agentic AI security companies present back-to-back, the audience may tire of the theme, benefiting companies that offer contrast. Surprise announcements such as major customer wins revealed during a pitch have shifted outcomes in past years.
Historical Context
| Year | Winner | Category | What Worked |
|---|---|---|---|
| 2025 | ProjectDiscovery | Open-source vulnerability scanning | Community traction, developer-first approach |
| 2024 | Reality Defender | Deepfake detection | Cultural moment (election year + AI safety), media magnetism |
| 2023 | HiddenLayer | AI/ML model security | ChatGPT timing, first-mover in AI security |
| 2022 | Talon | Secure enterprise browser | New category creation; acquired by Palo Alto for $625M |
| 2021 | Apiiro | Code risk platform | Developer security timing, risk-based approach to AppSec |
Scores
Scores were calculated across eight dimensions from the security product analysis framework to assess each company's ability to enter and grow in a competitive security market.
RSAC judges evaluate live pitches and direct Q&A that outside analysts cannot observe. Rather than guess at those impacts, this page scores each company across these dimensions using public-evidence analysis. Individual company profiles also include a five-criterion assessment extrapolated from RSAC's judging priorities.
| Dimension | What It Measures |
|---|---|
| Problem Clarity | How precisely the company defines its problem, supported by evidence that the problem exists at the scale claimed. |
| Capability Depth | How specific the technical capabilities are, with evidence beyond marketing claims (docs, demos, third-party validation). |
| Market Timing | Whether the market is ready for this product, with evidence that buyers are actively seeking solutions. |
| Team Credibility | Demonstrated domain expertise with public signals (prior exits, publications, industry recognition). |
| GTM Proof | Evidence of actual traction (customers, revenue signals, partnerships) beyond stated intentions. |
| Funding Efficiency | Whether funding matches go-to-market ambition, with signs of capital-efficient growth. |
| Category Clarity | Whether the company creates or fits a recognizable category that buyers can quickly place in their stack. |
| Incumbent Defensibility | How vulnerable the core value proposition is to being absorbed as a feature by a platform vendor. |
Each dimension is scored 1-5:
1. Critical gap: no evidence
2. Weak signals: early or minimal evidence
3. Adequate: meets baseline, differentiation unclear
4. Strong: clear evidence from multiple data points
5. Exceptional: category-defining, independently confirmed
Scores reflect publicly available evidence as of March 2026. Past winners had minimal public traction at the time of their win. Where strong signals such as reputable VC backing or senior team pedigree suggest customer traction that hasn't been publicly disclosed, the GTM Proof score includes a small upward adjustment.
| Company | Total | Problem Clarity | Capability | Timing | Team | GTM | Funding Eff. | Category | Defensibility |
|---|---|---|---|---|---|---|---|---|---|
Company Profiles
Ordered by cluster.
Token Security is an Israeli cybersecurity startup securing the identities of AI agents and non-human identities (NHIs) across enterprise environments. Founded in 2023 by two Unit 8200 veterans, the company raised $27M total (including a $20M Series A led by Notable Capital) and has landed enterprise customers such as HPE, HiBob, Udemy, and Elastic. Token Security enters the RSAC 2026 Innovation Sandbox with strong timing: agentic AI adoption is accelerating, and legacy IAM tools were not built to govern autonomous machine identities at scale.
| | |
|---|---|
| Founded | 2023 |
| HQ | Tel Aviv, Israel |
| Funding | $27M (Series A) |
| Stage | Series A |
| Employees | ~30 |
| Key Investors | Notable Capital, TLV Partners, SNR.vc, Shlomo Kramer (angel) |
| Score | 33/40 |
Key Risks
- Crowded NHI market with well-funded competitors (Oasis $40M+, CyberArk/Venafi $1.54B)
- Early revenue (~$1M estimated) with high burn rate relative to traction
- First-time founders in a sales-intensive enterprise market
- Platform dependency risk if cloud providers build native AI agent governance
Problem & Market
Enterprises now manage 45x more machine identities than human ones. That ratio is growing as organizations deploy AI agents, microservices, and cloud-native architectures. The problem breaks down into identity expansion, scale, visibility gaps, accountability vacuum, and shadow AI. The market is validated by major M&A activity: CyberArk acquired Venafi for $1.54B in 2024. Gartner now tracks "Workload Identity Management" as a distinct market category.
Product Capabilities
Token Security's platform operates on three pillars: Visibility, Control, and Governance, using a four-layer technical architecture (Data Access Layer, Real-Time Inventory, Risk Engine, Risk Map). Core capabilities include Continuous Discovery, Lifecycle Management, Security Posture Management, Identity Threat Detection and Response (ITDR), AI-Driven Remediation, and Intent-Based Least Privilege.
Notable releases include an MCP Server for NHI Security, AI Discovery Engine, and AI Agent Lifecycle Management. Free tools include AI Privilege Guardian and GPTs Compliance Insights.
Competitive Positioning
| Competitor | Focus | Differentiation vs. Token |
|---|---|---|
| Oasis Security | NHI platform | Broader NHI focus; less emphasis on AI agents |
| Entro Security | NHI discovery, NHIDR | Strong SDLC integration; less lifecycle governance |
| CyberArk + Venafi | Privileged access + machine identity | Enterprise incumbent; not purpose-built for agentic AI |
Go-to-Market & Traction
Named customers: HPE, HiBob, Udemy, Elastic, GEHA, Klaviyo, BetterHelp, Lemonade, Bloomreach, Dayforce. Customer testimonials with named CISOs. Web traffic: 7,410 monthly visits with 311% YoY growth. Awards include RSAC 2026 Innovation Sandbox finalist, The Information's 50 Most Promising Startups 2025, and 2026 SC Awards finalist.
Team & Credibility
Itamar Apelblat, CEO: 14+ years experience, 9 years at Unit 8200, B.Sc. CS from Reichman University. Ido Shlomo, CTO: 15+ years, 13 years at Unit 8200 rising to Cyber Security Branch Commander. Board includes Oren Yunger (Notable Capital) and Rona Segev (TLV Partners).
Trust Readiness
Open-source contributions through GPTs Compliance Insights. Demo available via request.
Geordie AI is a London-based seed-stage startup building a security and governance platform for autonomous AI agents. Founded in April 2025 by former Darktrace and Snyk leaders, the company raised $6.5M from Ten Eleven Ventures and General Catalyst. Its platform provides agent discovery, behavioral observability, and real-time risk mitigation across enterprise agentic deployments.
| | |
|---|---|
| Founded | April 2025 |
| HQ | London, UK |
| Funding | $6.5M (Seed) |
| Stage | Seed |
| Employees | ~29 |
| Key Investors | Ten Eleven Ventures, General Catalyst |
| Score | 28/40 |
Key Risks
- Pre-revenue with no disclosed customers beyond one testimonial
- Category definition risk if incumbent vendors add agent governance features
- Darktrace association carries both positive signals and historical scrutiny
- UK-headquartered with US enterprise ambitions adds GTM friction
Problem & Market
Enterprises deploying AI agents face a visibility gap. Agents act continuously, adapt to context, and make non-deterministic decisions. An EY survey found nearly 9 in 10 enterprise leaders identify roadblocks to agentic AI adoption. The AI governance market is projected to grow to $4.83B by 2034 at 35-45% CAGR. The EU AI Act adds regulatory urgency with fines up to EUR 35M or 7% of global turnover.
Product Capabilities
Agent Discovery and Inventory across pro-code, SaaS, endpoint, and low/no-code environments. Behavioral Observability providing end-to-end telemetry across agent workflows. Beam Risk Mitigation Engine for real-time contextual governance at the behavioral layer. Compliance mapping to EU AI Act, OWASP Agentic Top Ten, ISO 42001, NIST AI RMF.
Competitive Positioning
Differentiates from AI governance platforms (Collibra, Alation), AI security testing (Mindgard), API gateways, and CSPM tools. Claims to operate at the behavioral layer with full workflow context. General Catalyst's thesis: "Agentic systems demand similarly autonomous security systems."
Go-to-Market & Traction
Currys (UK retailer) CITO testimonial. Selected for 2026 CrowdStrike/AWS/NVIDIA Accelerator. Black Hat Europe 2025 Startup Spotlight winner. Published technical advisory on eight n8n CVEs.
Team & Credibility
Henry Comfort, CEO: COO Americas at Darktrace, led $5.3B Thoma Bravo due diligence. Hanah-Marie Darley, Chief AI Officer: 9+ years U.S. intelligence, Director of Threat Research at Darktrace. Benji Weber, CTO: Senior Director of Engineering at Snyk ($4.7B). SOC 2 Type 2 and SOC 3 certified.
Realm Labs builds AI security tools that monitor how large language models reason internally, not just what they output. Founded in 2023, the company offers an AI firewall (OmniGuard), an internal observability platform (Prism), and a data governance/DLP tool (DataRealm). The company raised $5M from Crosspoint Capital Partners and counts Anthropic among its early customers. Its core differentiator is "internal observability," which inspects attention patterns, chain-of-thought processes, and token probabilities inside LLMs during inference.
| | |
|---|---|
| Founded | 2023 |
| HQ | Sunnyvale, California |
| Funding | $5M (Seed) |
| Stage | Seed |
| Employees | ~6 |
| Key Investors | Crosspoint Capital, Tola Capital, Silver Buckshot |
| Score | 32/40 |
Key Risks
- Core "internal observability" claim not publicly documented with technical detail
- Six employees shipping three products across four modalities is ambitious
- Limited disclosed traction (one named customer, no revenue figures)
- Open-weight model dependency may limit addressable market for closed APIs
Problem & Market
Enterprises deploying AI face a visibility gap. Current guardrails monitor inputs and outputs but treat models as black boxes. Palo Alto Networks' Chief Security Intelligence Officer called AI agents "the biggest insider threat of 2026." The AI security market saw $9.4B in cybersecurity startup funding in H1 2025.
Product Capabilities
Realm OmniGuard: AI firewall blocking harmful content, jailbreaks, and prompt injections across text, audio, images, and video. 50+ languages, 20-100ms latency. Realm Prism: Observability across infrastructure, data, application, internal reasoning, and output quality layers. Claims 10,000+ thought patterns for anomaly detection. DataRealm: DLP for unstructured data with browser-based endpoint agent. SOC 2 badge displayed. Public playground at playground.realmlabs.ai.
Competitive Positioning
| Competitor | Focus | Realm Differentiator |
|---|---|---|
| HiddenLayer | Broad ML/DL model security | Deeper internal monitoring for LLMs specifically |
| WhyLabs | AI observability, guardrails | Internal reasoning inspection beyond behavioral monitoring |
| Robust Intelligence (Cisco) | AI firewall and validation | Positions as next-gen alternative |
Team & Credibility
Saurabh Shintre, CEO: CMU PhD, 10+ patents, 2,000+ citations, Principal Researcher at Symantec/Splunk, RSAC AI/ML committee member 2018-2023. Akash Mukherjee, Head of Engineering: Security Leader for AI/ML at Apple (Private Cloud Compute), co-developed SLSA at Google. Piotr Mardziel, Head of AI: University of Maryland PhD in CS, CMU CyLab post-doc, trustworthy ML researcher. Advisors: Jason Clinton (Anthropic Deputy CISO), Paul Kocher (SSL 3.0 inventor).
Humanix is building the first Human Threat Detection and Response (HTDR) platform, using conversational AI trained on human psychology to detect social engineering attacks in real time across voice, chat, email, and service channels. The company has raised $18M led by BoldStart Ventures and Acrew Capital. Founded by Keith Stewart, a 20-year security veteran who served as interim CEO of vArmour through its acquisition.
| | |
|---|---|
| Founded | 2023 |
| HQ | San Francisco, CA |
| Funding | $18M (Series A) |
| Stage | Series A |
| Employees | ~9-11 |
| Key Investors | Acrew Capital, BoldStart Ventures, Evolution Equity Partners |
| Score | 30/40 |
Key Risks
- No named customers, revenue metrics, or customer counts public
- Small team (~9-11) covering real-time AI across multiple channels
- Privacy and employee monitoring concerns (wiretapping laws, GDPR)
- Category creation risk for "Human Threat Detection and Response"
Problem & Market
Social engineering is the leading breach vector. Verizon DBIR 2024: 68% of breaches succeed by targeting humans. FBI IC3: $16.6B losses in 2024. CrowdStrike: 442% increase in voice-based attacks. The MGM Resorts breach triggered a $100M loss from a single social engineering call. Training stops less than 2% of incidents. Market: $2.5B in 2023, projected $9.8B by 2032.
Product Capabilities
Four pillars: Assess (maps human attack surface), Detect (conversational AI analyzing linguistic/psychological indicators), Respond (real-time alerts through SIEM/SOAR), Assure (compliance documentation). Integrations: Microsoft Teams, Slack, Zoom, Microsoft 365, Entra ID, ServiceNow. Use cases: help desk security, financial fraud prevention, executive protection.
Team & Credibility
Keith Stewart, CEO: 20+ years in security, Stanford MSc, Cisco (9 years), vArmour (VP Products through CEO through acquisition). Seyed Ahmadinejad, Engineering Lead: PhD CS, vArmour architect. Marc Woolward, Adviser: Goldman Sachs CTO (16 years), vArmour CTO/CISO.
Charm Security targets the gap between traditional transaction-based fraud detection and AI-powered social engineering scams that manipulate humans. The company applies agentic AI combined with behavioral psychology to intervene in real time before victims transfer funds. Backed by Team8 and angels including the founders of Wiz and Talon Cyber Security, Charm enters the Sandbox with early traction in the U.S. credit union market.
| | |
|---|---|
| Founded | December 2024 |
| HQ | New York, NY |
| Funding | $8M (Seed) |
| Stage | Seed |
| Employees | 10-15 |
| Key Investors | Team8, Assaf Rappaport (Wiz CEO), Ofer Ben-Noon (Talon co-founder) |
| Score | 25/40 |
Key Risks
- Funding gap relative to Doppel ($124M raised, $600M+ valuation)
- Narrow credit union beachhead may limit scaling to large banks
- Incumbent fraud platforms (Feedzai, BioCatch) could add intervention features
Problem & Market
Financial fraud has shifted from unauthorized transactions to authorized push payment (APP) scams. AI-powered scams account for an estimated $1.03 trillion in annual global losses. The UK now requires banks to reimburse scam victims up to GBP 85,000. 60% of UK scams originated on Meta platforms in 2023.
Product Capabilities
Three AI agents: Fraud Investigation Agent (signal correlation, 80% L1 triage reduction claimed), Fraud Frontline Agent (real-time insights during high-risk interactions), Fraud Intelligence Agent (HoneyBot network engaging scam infrastructure). Proprietary HVE Model (Human Vulnerabilities and Exploits) analogous to CVE for human attack vectors.
Go-to-Market & Traction
National Member Protection Initiative (NMPI) launched with Curql Collective (160+ credit unions). Five inaugural cohort members: InTouch CU ($818M), Lake Trust CU ($2.8B), Elements Financial ($2.5B), ORNL FCU ($4.7B), Altra FCU ($3.05B). Collectively $13.8B in assets, 734K+ members. ABA Partner Network member. Demoed at FinovateFall 2025.
Team & Credibility
Roy Zur, CEO: Third-time founder, two prior exits (Cybint became ThriveDX, Kontra acquired by SecurityCompass). 10+ years Unit 8200 intelligence officer. Avichai Ben, CTO: Led Data Science at Transmit Security, Microsoft. Yonatan Krieger, Head of Engineering: Senior Director at Palo Alto Networks, VP R&D at Cider Security (acquired by PANW).
Clearly AI automates enterprise security and privacy reviews using AI that ingests design documents, source code, and organizational knowledge to produce threat models, data flow diagrams, and compliance assessments. With 17 enterprise customers including Rivian, Ericsson, and Okta, and a reported 90%+ reduction in review times, the husband-wife founding team brings direct domain experience from Amazon Alexa AI Security and Moveworks.
| | |
|---|---|
| Founded | June 2024 |
| HQ | Seattle, WA |
| Funding | $13.9M (Seed + RSAC) |
| Stage | Seed |
| Employees | 12 |
| Key Investors | Basis Set Ventures, Crosspoint Capital, Y Combinator |
| Score | 32/40 |
Key Risks
- Competitive convergence as code security vendors and GRC platforms add AI
- LLM dependency introduces hallucination risks in high-stakes security assessments
- No publicly documented SOC 2 certification for a company handling sensitive data
Problem & Market
The industry ratio of 1 security engineer to 200 software engineers makes manual review unsustainable. AI-generated code accelerates the problem. Traditional reviews take days to weeks per feature. Basis Set Ventures: "AI-generated code is flooding into production with increasing velocity."
Product Capabilities
STRIDE-framework threat modeling, security/privacy assessments, vendor risk assessments, risk triage and prioritization, continuous monitoring. Integrates with Jira, GitHub, Confluence, Google Drive, Slack, Notion. Human-in-the-loop model with built-in hallucination safeguards. HID Global: documentation "generated within a minute" that would have "taken developers weeks."
Go-to-Market & Traction
17 enterprise customers including Rivian (90% review time reduction, 4x capacity), Ericsson, Okta, Webflow, Affirm, HID Global (300+ products). Okta Startup Challenge finalist. Active on conference circuit: BSides, OWASP Global AppSec, ThreatModCon, IAPP AI Governance Global.
Team & Credibility
Emily Choi-Greene, CEO: Dartmouth CS, 5 years Amazon (Alexa AI Security lead for 2,500+ engineers), Moveworks data security lead. Joe Choi-Greene, CTO: Carnegie Mellon CS, 9 years Amazon (Alexa Secure AI Foundations, Project Kuiper satellite telemetry).
ZeroPath is a Y Combinator-backed AI-native application security platform that replaces traditional SAST tools with LLM-driven vulnerability detection and automated patching. The company claims 750+ customers and 200,000+ monthly scans within 18 months of founding. Its core differentiator is detecting business logic flaws and authentication bypasses that rule-based scanners miss.
| | |
|---|---|
| Founded | June 2024 |
| HQ | San Francisco, CA |
| Funding | ~$7M (Seed) |
| Stage | Seed |
| Employees | 1-10 |
| Key Investors | Y Combinator, SurgePoint Capital, Paul Graham (angel) |
| Score | 29/40 |
Key Risks
- Competitive convergence as Snyk, Checkmarx, Semgrep add LLM capabilities
- Tiny team (1-10) serving 750+ claimed customers raises support questions
- Funding amount unverified (reports range $500K to $20M)
Problem & Market
Traditional SAST tools generate 70-90% false-positive rates and miss business logic flaws. Gartner projects the global application security market will exceed $10B by 2027. AI-generated code introduces novel vulnerability patterns that rule-based scanners cannot detect.
Product Capabilities
AI-native SAST combining AST analysis with LLMs across 15+ languages. Claims 2x more vulnerabilities with 75% fewer false positives. One-click patch generation via PRs. Sub-60-second PR scanning. SAST tool consolidation (imports from Semgrep, Snyk, Checkmarx). SCA with reachability, secrets detection, IaC scanning. SOC 2 Type II and GDPR compliant. BYOK and self-hosted options.
Go-to-Market & Traction
750+ companies, 200K+ monthly scans. Named customer: Aptos Labs (60 min to 20 min per finding). Zero-days found in Netflix, Hulu, Salesforce codebases. Daniel Stenberg (curl maintainer) endorsement. Pricing: $1K/mo + $60/dev. CTF challenges and MCP server for developer ecosystem.
Team & Credibility
Dean Valentine, CEO: Prior exit (Mevlink acquired by bloXroute), OSCP/OSCE. Raphael Karger, CTO: Google Security Engineer, Bishop Fox consultant, Brown MS Cybersecurity. Nathan Hrncirik: Tesla Red Team (intern), $100K+ bug bounties.
Crash Override provides build inspection technology that captures metadata inside CI/CD pipelines, creating a single source of truth across code, infrastructure, tools, and teams. Founded in 2022 by OWASP creator Mark Curphey and Capsule8 founder John Viega, the company raised $28M. Its open-source tool Chalk embeds provenance metadata into build artifacts and generates SBOMs, providing SLSA Level 2 compliance out of the box.
| | |
|---|---|
| Founded | 2022 |
| HQ | New York, NY |
| Funding | $28M (Seed) |
| Stage | Seed (large) |
| Employees | ~18-30 |
| Key Investors | GV (Google Ventures), SYN Ventures, Bessemer, Blackstone |
| Score | 28/40 |
Key Risks
- Modest open-source traction (415 GitHub stars after 2.5 years)
- Messaging pivot from "Engineering Relationship Management" to AI code discovery
- Competitive pressure from Chainguard ($892M raised) and ASPM vendors
Problem & Market
Modern software development suffers from fragmented visibility. Code comes from developers, open-source, third-party tools, and AI assistants. Vulnerability scanning generates noise because teams scan code that never reaches production. US EO 14028 and EU Cyber Resilience Act mandate supply chain transparency. Verizon 2025 DBIR: 30% of breaches involved a third party, doubling YoY.
Product Capabilities
Chalk (open source): GPL-3.0, captures build metadata, injects chalk marks into artifacts, generates CycloneDX SBOMs, SLSA Level 2 compliance. 415 GitHub stars, 45 releases. Ocular (open source): Kubernetes-native API for out-of-band security scanning. Commercial ERM platform: AI code discovery, real-time change ledger, shadow engineering detection. Four lines of YAML to deploy.
Go-to-Market & Traction
Testimonials from Toyota Motor North America and Amazon. Board includes Gerhard Eschelbeck (former Google VP/CISO, CVSS co-inventor). Open Source Fellowship funding ZAP/OWASP. ~1,300 monthly web visits.
Team & Credibility
John Viega, CEO: 30+ years in AppSec, CEO of Capsule8 (acquired by Sophos), multiple books on software security, NYU adjunct. Mark Curphey, Co-Founder: Founded OWASP (2001), CEO of SourceClear (acquired by Veracode), co-founded Open Raven. Brandon Edwards, CTO: Co-founder Capsule8, Exodus Intelligence, deep vulnerability research.
Fig Security defines a new category it calls Security Operations Resilience. The company emerged from stealth in March 2026 with $38 million in funding. Its platform maps, monitors, and validates detection and response flows across the entire SecOps stack, catching silent breakdowns before they create blind spots. Founded by veterans of Siemplify (acquired by Google for $500M) and Cymulate.
| | |
|---|---|
| Founded | March 2025 |
| HQ | New York, NY / Tel Aviv |
| Funding | $38M (Seed + Series A) |
| Stage | Series A |
| Employees | ~25 |
| Key Investors | Team8, Ten Eleven Ventures; angels: Doug Merritt (ex-Splunk CEO), Daniel Bernard (CrowdStrike CBO) |
| Score | 32/40 |
Key Risks
- Category creation risk: "Security Operations Resilience" is not yet an established market
- No named customers or disclosed revenue despite Fortune 100 claims
- Less than one year old with limited production history
- SIEM vendors could build similar monitoring as a feature
Problem & Market
SOC teams depend on layered stacks of SIEMs, SOAR platforms, data pipelines, and AI agents. Changes to any component can silently break detection rules and data flows. These failures produce no alerts. CEO Gal Shafir: "The most dangerous failures in security are the ones you do not know about." The market sits at the intersection of SIEM ($6B+), SOAR, and SecOps tooling.
Product Capabilities
Autonomous discovery and mapping of detection/response flows. Continuous monitoring for drift. Root cause analysis and alerting. Change simulation before production deployment. Framed as "DevOps for SecOps." Claims frictionless integration with any tech stack.
Competitive Positioning
No direct competitor offers end-to-end SecOps data lineage mapping, drift detection, and change simulation combined. Adjacent: detection engineering tools (Anvilogic, CardinalOps), SOAR platforms (Torq, Tines), security posture management (Cymulate, SafeBreach), agentic SOC platforms (Seven AI). Fig positions as complementary to all of these.
Team & Credibility
Gal Shafir, CEO: Director Global Sales Engineering at Siemplify through $500M Google acquisition, then Head of Global Security Architects at Google SecOps. Nir Loya Dahan, CPO: VP Product at Cymulate, PM at Siemplify, Director of Product at Unit 8200. Roy Haimof, CTO: Director of Engineering at Cymulate, Security Researcher at Unit 8200.
Glide Identity replaces SMS one-time passwords with SIM-anchored cryptographic authentication. The company leverages private keys embedded in billions of SIM cards to verify identity without passwords or codes. Backed by $25M+ in funding led by Crosspoint Capital Partners, Glide has partnered with Google Cloud, T-Mobile, and Verizon for its first commercial deployments in the U.S.
| | |
|---|---|
| Founded | 2024 |
| HQ | San Francisco, CA / Tel Aviv |
| Funding | $25M+ (Series A) |
| Stage | Series A |
| Employees | ~24 |
| Key Investors | Crosspoint Capital, Fidelity Intl Strategic Ventures, Singtel Innov8 |
| Score | 29/40 |
Key Risks
- Heavy platform dependency on Google Cloud and carrier partnerships
- GSMA Open Gateway is an open standard that carriers could expose directly
- No named enterprise customers or disclosed revenue despite Fortune 500 pilot claims
- Competitive encroachment from Prove (1,500+ customers)
Problem & Market
SMS OTP is broken: SIM swap attacks, phishing, interception. FTC: $12.5B lost to scams in 2024 (25% YoY increase). GSMA Open Gateway backed by 86 operator groups representing 300+ networks and 80% of global connections. Authentication friction causes 70% online cart abandonment.
Product Capabilities
MagicalAuth: SIM-based Silent Network Authentication, sub-1-second verification. First commercial deployment of T-Mobile's SNA API. SuperPasskey: FIDO2 passkeys on SIM verification. Glide-Out: Payment authentication replacing 3DS OTP. Glide-In: NFC/QR physical identity. Google Cloud infrastructure, 2 API calls to integrate. FIDO2 certified, GSMA aligned.
Go-to-Market & Traction
Google Cloud strategic partner (Firebase integration reaching 3M developers). T-Mobile and Verizon partnerships live. MagicalAuth in beta, GA planned Q1 2026. Fortune 500 financial institution pilots claimed. Snapchat early application partner. MWC 2025 demonstration with GSMA endorsement.
Team & Credibility
Eran Haggiag, CEO: Serial entrepreneur (ClearX raised $17M, worked with 17+ telcos; Meme Video acquired). JFrog advisory board. Deep telco relationships from ClearX directly enabled carrier partnerships. 16 employees across 5 countries.