The Black Unicorn Report for 2022

2022 | The Black Unicorn Report 1


Table of Contents 

The Future of Cybersecurity? Just One Word: Automation 4 

The Cybersecurity Lens: PANCCD 8 

Looking At the Cybersecurity Landscape with The PANCCD Lens 9 

Meet The Judges 16 

What Is the Definition of a Black Unicorn? 20 

The Black Unicorns for 2022 27 

About The Black Unicorn Winners for 2022 28 

About The Black Unicorn Finalists for 2022 35 

The Baby Black Unicorns for 2022 44 

About The Baby Black Unicorn Winners for 2022 45 

About The Baby Black Unicorn Finalists for 2022 50 

The Top InfoSec Innovators for 2022 55 

The Top Global CISOs 2022 57 


The Future of Cybersecurity? Just One Word: 

Automation 

By Dr. Peter Stephenson 

If you are not better informed, smarter, better equipped, and faster than the adversary, you can 

count on your system being compromised at some point. When I'm asked about the future of 

cybersecurity, I generally recount a cautionary tale. As far as I know, this has never actually 

happened. But it brings into focus two of the most important concepts in cyber adversary threats: 

autonomous bots and blockchain. 

Imagine the following scenario: it's late on a Friday evening starting a long weekend. There is a 

single engineer in the network operations center and a single engineer in the security operation 

center. Everything is quiet until the network engineer notices thousands of accounts logging in 


and removing money using the on-line banking system. At the same time, the security engineer 

notices the logins but sees nothing irregular about them except for their volume. The network 

engineer is concerned, and she disconnects the remote banking system from the Internet. At that 

point the security engineer notices that the attempts at removing money from accounts continue 

from inside the network but because the network is not connected to the Internet the attempts fail. 

Neither the network engineer nor the security engineer can explain the sudden removal of money 

from so many accounts. Further investigation shows that there were several million dollars 

removed from a few thousand accounts in the space of less than five minutes. The security 

engineer notifies the forensic team, and they began to try to figure out what happened. Unusually 

there is absolutely no indication of a breach. However, late on a Friday night is not when one 

would expect millions of dollars to be removed legitimately from several thousand accounts at the 

same time. The engineers and forensic specialists can offer no explanation. 

Here's what happened. Over the space of several months an autonomous bot from a hive net 

slowly accessed the protected network multiple times. The single bot was released, through 

phishing, into the network. That bot slowly sent account credentials to port 443 (https) via a 

blockchain network where they were saved. Once enough credentials were harvested, the bot 

destroyed itself leaving no trace. Because it was connected to port 443, the exfiltration was not 

noticed but was considered normal network operation. It set off no alarms in the intrusion detection 

system. 

The intrusion detection system was a next-generation system using machine learning. However, 

prior to penetrating the network, the hive net attacked the network multiple times in multiple ways 

collecting the intrusion detection system's responses. From those responses, the hive crafted 

attacks that would not trigger the intrusion detection system. This type of machine learning black 

box attack is called "querying the oracle". From the information gained, the first bot was able to 

enter the network as part of a phishing campaign. A second set of attacks, triggered inside the 

protected network, allowed the bot to query the oracle internally. The hive now had all the 

information it needed to complete the attack. 

Having gathered the defense information, the hive now could exfiltrate money from accounts 

without being detected. On the Friday evening the hive, using its swarm bots, performed a smashand-grab 

attack. Spoofing legitimate user accounts, the swarm logged in and transferred money 

out via the blockchain network. Each bot destroyed itself after performing its mission. The block 

chain network terminated in a bitcoin wallet. Money in the bitcoin wallet immediately was 

transferred to several additional bitcoin wallets, obfuscating the trail. The money was never 

recovered. 

This is an example of an attack by autonomous bots. In other words, the bots do not report to a 

hive master or a bot master. Unlike current generation attacks, the hive master simply needs to 

give the hive its objective and let the hive operate autonomously. The bots learn from each other 

and the intelligence of the hive grows. 


In current generation attacks, the bot master manages a command-and-control server. From there 

he directs the bots to attack. Autonomous bots, however, receive their initial programming and 

receive initial commands from the hive. The hive and the bots are based upon machine learning 

or other forms of artificial intelligence and do not require human intervention once they're 

programmed, and their objective defined. 

So how do we defend against autonomous hives and swarm bots? The only answer is that we 

must deploy machine learning models that learn from attacks against them - in addition to known 

attacks - and develop defenses on the fly. That means we must be smarter, faster, and more alert 

than current generation tools are. What does that really mean? It means that in the future humans 

will not be fast enough to respond. In fact, for certain types of current, distributed attacks humans 

are not fast enough to respond. Lest you interpret this as "there is no place for humans in cyber 

security", let me state clearly that you are about half right. 

Humans always will make the hard analytical decisions. To turn over all cyber security to an 

algorithm would eviscerate human control and open the way to errors and bias in the machine 

learning (ML) code. However, there are certain functions that depend upon rapid response - often 

at wire speeds - that preclude human intervention until the event is interdicted and it's time for 

after-action analysis. Then, using analytical tools, humans enter the picture and make decisions 

that then are added to the training set. In addition, ML systems often add events to their training 

set on their own. 

Here's the point… cyber security in the future must become a partnership between people and 

machines. There are things that the adversary will do with ML that a human can't hope to 

recognize and interdict in a timely manner. But there also are things on which the human and the 

machine can - and must - collaborate. The old saw that computers do only what their human 


programmers are telling them to do. Today - and, certainly, tomorrow - machines will learn to 

program machines with little to no human interaction. While it may be true that there is a human 

at the start of this chain, it also is true that at some point the human contribution is minimized to 

the point of obscurity. That is, potentially, a dangerous time for cyber security. 

Imagine, for example, a hivenet created by an especially talented hacker with malicious intent. 

The hive wanders through the Internet achieving its mission as assigned by its hacker hive master. 

But all the time it's doing the human's bidding, it is learning and training the swarm bots' ML. At 

what point - if any - do the swarm bots and the hive thumb their virtual noses at the human and 

go their own way? Does this mean that the future of cyber security is an endless battle of the 

bots with the bots becoming ever-more sentient? That is a debate for cyber philosophers, not 

security professionals. But - and this is a big but - what would we do if that became the case? 

About the Author 

Dr. Peter Stephenson has reactivated himself to 

exclusively focus on deep next generation 

Infosecurity product analysis for Cyber Defense 

Magazine after more than 50 years of active 

consulting and teaching. His research is in cyberlegal 

practice and cyber threat/intelligence analysis 

on large-scale computer networks such as the 

Internet. Dr. Stephenson was technology editor for 

several years for SC Magazine, for which he wrote 

for over 25 years. He is enabled in his research by 

an extensive personal research laboratory as well 

as a multi-alias presence in the Dark Web. He has 

lectured extensively on digital investigation and 

security, and has written, edited or contributed to 

over 20 books as well as several hundred articles and peer-reviewed papers in major national 

and international trade, technical and scientific publications. He spent ten years as a professor 

at Norwich University teaching digital forensics, cyber law and information security. He 

retired from the university as an Associate Professor in 2015. Dr. Stephenson obtained his PhD 

at Oxford Brookes University, Oxford, England where his research was in the structured 

investigation of digital incidents in complex computing environments. He holds a Master of 

Arts degree in diplomacy with a concentration in terrorism from Norwich University in Vermont. 

Dr. Stephenson is a full member, ex officio board member and CISO of the Vidocq Society 

(http://www.vidocq.org). He is a member of the Albany, NY chapter of InfraGard. He held – but 

has retired from – the CCFP, CISM, FICAF and FAAFS designations as well as currently holding 

the CISSP (ret) designation. 


The Cybersecurity Lens: PANCCD 

How do you take nearly 4,000 cybersecurity companies across the globe and fit them into 

a box? It’s not easy, so one of the judges, Gary Miliefsky, took up the challenge to create 

a new model for the entire marketplace with the acronym he’s coined “P.A.N.C.C.D.” - 

People, Applications, Networking, Computing Devices, Code and Data. These six layers 

to the stack, or the pyramid of cybersecurity make it much easier to understand the value 

proposition of a cybersecurity vendor and where they fit, although within each box in the 

stack there are subcategories and different angles of how the myriad of solutions solve 

different problems related to the challenges caused by cyber risk. 

First, we must understand that cyber risk relates to threats, vulnerabilities and assets, in 

the well-known formula: Risk = Threats x Vulnerabilities x Assets or R = T x V x A 

This formula cannot work without adding time to the equation, from the famous formula 

created by Winn Schwartau, called Time-based Security: Exposure (time) = Detection 

(time) + Response (time) or Pt=Dt + Rt 

So cyber risk happens over a period of time – when a threat exploits a vulnerability, how 

long does it take us to detect this threat and how long does it take us to respond? The 

closer to zero that Dt+Rt equals, the lower our Exposure (time) or Et. This is why more 

vendors are focusing on automation, machine learning and artificial intelligence to combat 

the latest cyber threats. Focusing our Cybersecurity Lens on those vendors who have 

entered the Black Unicorn Awards contest and made it into this report, we use the 

PANCCD model as follows; what does the cybersecurity vendor focus on: 

People, Applications, Networking, Computing Devices, Code, Data – the PANCCD lens 


Looking At the Cybersecurity 

Landscape with The PANCCD Lens 

It’s now very easy to look at a vendor and categorize where they fit, into helping solve the 

problems of cyber risk in a particular category. 

When you hear about or read about a cybersecurity vendor, you can now quickly and 

easily figure out what portion of cyber risk they solve, by using the PANCCD model. 

Feel free to use and share this model, just give credit to the author, as follows 

“PANCCD is a trademark of Gary Miliefsky, CEO, Cyber Defense Media Group” with a 

hyperlink to the author’s bio, found here: https://www.cyberdefensemagazine.com/aboutour-founder/ 

In this Black Unicorn Report for 2022, we’ve taken a few unique cybersecurity lenses to 

view the market and predict the future. Note that post COVID-19, the world has turned 

upside down and it’s accelerated telecommuting and cloud-based apps (SaaS) 

expansion, moving us from 3-4% home workforce to over 51% and growing. Thus, the 

major attack vectors have shifted to the cloud and weaker home-computing hygiene. This 


has opened doors for increased revenues and visibility among those players who secure 

the cloud, SaaS apps and deal with weak, remote, exposed endpoints. 

Dr. David DeWalt’s Super Cycles view gives us an even clearer picture of where current 

and future cybersecurity investments need to be made, and therefore where we expect 

to find additional Black Unicorns in the coming years. According to Dr. DeWalt’s 

NightDragon venture fund, by next year, the cybersecurity market will be worth over $248 

billion. What’s driving this exponential growth? 

● Attack surfaces continue to grow daily. As IT innovation around cloud, mobile, and 

virtualization continues, the attack surfaces that must be monitored and protected 

constantly grow and evolve. 

● A shortage of cybersecurity workers. There’s a serious shortage of professionals 

with real-world experience. This drives costs higher and increases demand for 

automation to reduce headcount. 

● Regulation is increasing and evolving. To keep up with constantly changing 

compliance needs, organizations are increasing their focus on cybersecurity to 

meet regulatory requirements. 

● Tactics are becoming more sophisticated: Keeping up with new tactics like 

monetizing attacks via cryptocurrency, renting attack infrastructure, phishing 

attacks, and AI require new defenses. 

● The cost of cybercrime is rising fast: Cybercrime is relentlessly gaining steam 

across almost every industry. That’s why cybercrime will cause over ten trillion in 

damages by 2025. 

With Robert (Bob) Ackerman running one of the most innovative and successful 

cybersecurity venture funds in America, we have another unique investor who 

understands the industry including bringing a reality check and a view on what is working 

into the judging process and our report. 

Dino Boukouris has spent over 16 years in the technology industry with expertise in 

cybersecurity, finance, strategy, operations, entrepreneurship, and venture capital & 

private equity. Dino is a Founding & Managing Director at Momentum Cyber, alongside 

Founders Dave DeWalt, Michael Tedesco and Eric McAlpine. Dino adds some wonderful 

market insights from his Cybersecurity Market Review for the 1 st half of 2022: 


Venture capital specialization is an emerging theme within the cybersecurity ecosystem. In the 

past two years, a new class of cybersecurity-focused firms have raised over $2 billion of capital 

in total. These specialist firms focus their investments exclusively on cybersecurity companies 

and broaden their value creation cycle beyond capital alone. 


The 7 Top Trends for Cyber Security In 2022 Driving Market Growth (Source: Gartner) 

1. Attack Surface Expansion 

Currently, 60% of knowledge workers are remote, and at least 18% will not return to the 

office. These changes in the way we work, together with greater use of public cloud, highly 

connected supply chains and use of Cyber-physical systems have exposed new and 


challenging attack “surfaces.” This leaves organizations more vulnerable to attack. 

Gartner recommends security leaders look beyond traditional approaches to security 

monitoring, detection and response to manage a wider set of risks. 

2. Identity System Defense 

Identity systems are coming under sustained attack. Misuse of credentials is now a 

primary method that attackers use to access systems and achieve their goals. For 

example, in the SolarWinds breach attackers used a supplier’s privileged access to 

infiltrate the target network. Gartner uses the term identity threat detection and response 

(ITDR) to describe a collection of tools and processes to defend identity systems. In the 

longer term, more consolidated solutions will emerge. 

3. Digital Supply Chain Risk 

Gartner predicts that by 2025, 45% of organizations worldwide will have experienced 

attacks on their software supply chains, a three-fold increase from 2021. Security and risk 

management leaders need to partner with other departments to prioritize digital supply 

chain risk and put pressure on suppliers to demonstrate security best practices 

4. Vendor Consolidation 

Security products are converging. Vendors are consolidating security functions into single 

platforms and introducing pricing and licensing options to make packaged solutions more 

attractive. While it may introduce new challenges such as reduced negotiating power and 

potential single points of failure, Gartner sees consolidation as a welcome trend that 

should reduce complexity, cut costs and improve efficiency, leading to better overall 

security. 

5. Cybersecurity Mesh 

The Cybersecurity mesh is a modern conceptual approach to security architecture that 

enables the distributed enterprise to deploy and integrate security to assets, whether 

they’re on premises, in data centers or in the cloud. Gartner predicts that by 2024, 

organizations adopting a Cybersecurity mesh architecture will reduce the financial impact 

of individual security incidents by an average of 90%. 

6. Distributed Decisions 

Executive leaders need a fast and agile Cybersecurity function to support digital business 

priorities. However, as more aspects of the business are digitalized, the job is becoming 

too big for a centralized CISO role. Leading organizations are building the office of the 

CISO to enable distributed Cyber judgment. The CISO and the centralized function will 

continue to set policy, while Cybersecurity leaders are placed in different parts of the 

organization to decentralize security decisions. 


7. Beyond Awareness 

Human error continues to feature in most data breaches, showing that traditional 

approaches to security awareness training are ineffective. Progressive organizations are 

moving beyond outdated compliance-based awareness campaigns and investing in 

holistic behavior and culture change programs designed to provoke more secure ways of 

working. 

According to IBM’s X-Force Threat Intelligence Index 2022 (Source: 

https://www.ibm.com/downloads/cas/ADLMYLAZ) Ransomware remains the #1 threat 

vector. 

Recommendations from Herjavec Group & Fishtech Group 2022 Cybersecurity 

Conversations Report are these 7 Steps To Mitigate Ransomware Damage (Source: 

https://www.herjavecgroup.com/herjavec-group-releases-the-2022-cybersecurityconversations-report/): 

1. Make Sure Incident Response Strategy Covers Ransomware 

2. Prioritize Post-Incident Review and Continuous Improvement 

3. Prepare for the Worst by Backing Up 

4. Ensure the Entire Team Knows How to Detect and Report Ransomware 

5. Segment and Isolate Crown Jewels 

6. Make Sure Detection and Response Tools will Cover Ransomware 

7. Prepare with the All-Necessary Parties 


Gary Miliefsky’s take on market with the PANCCD model gives us focus and helps us 

quickly determine where a vendor fits and how they might add value in the cyber risk 

reduction equation. 

Dr. Stephenson’s time in the trenches, teaching, testing and exploring all things 

cybersecurity with a keen insight into machine learning (ML), artificial intelligence (A.I.), 


what works and what doesn’t is extremely valuable predictive intelligence on the selection 

of Black Unicorns. 

On that note, given that we had to be pragmatic in our quest for current and future Black 

Unicorns, here’s where we started: There are now almost 4,000 cybersecurity companies 

in the world. We only allowed a small number of companies based on their funding, sales 

growth and scalability to enter the Black Unicorn Awards contest and required they 

provide detailed information including funding, financials, competition and much more. In 

many cases this information remains confidential, at the request of the applicants. 

We found some companies that didn’t make the cut as Finalist for various reasons but 

were seriously worth a look, so we’ll continue to keep an eye on them in 2023 and beyond 

and see how they progress. You will find all Winners and Finalists worthy of our attention 

and yours – you may find that they offer a unique solution missing in your cybersecurity 

portfolio. 

Meet The Judges 

Dino Boukouris has spent over 16 

years in the technology industry with 

expertise in cybersecurity, finance, 

strategy, 

operations, 

entrepreneurship, and venture 

capital & private equity. Dino has 

been a speaker at Cybersecurity 

conferences across the country 

including the RSA Conference, 

Cybertech Tel Aviv, Structure 

Security, Global Cyberspace Coop 

Summit, IoT Security Panel, M&A 

East 2017, as well as at numerous 

private events and corporate 

gatherings. 

Dino is a Founding & Managing 

Director at Momentum Cyber, alongside Founders Dave DeWalt, Michael Tedesco 

and Eric McAlpine. Momentum Cyber is the premier trusted strategic advisor to the 

Cybersecurity industry, providing bespoke high-impact advice combined with tailored 

senior-level access from incubation to exit. 


Prior to Momentum Cyber, Dino was a Founding Director of Momentum Partners, the 

precursor to Momentum Cyber, alongside Founders Eric McAlpine and Michael Tedesco. 

Prior to Momentum Partners, Dino spent much of his career working with and advising 

venture-backed and bootstrapped start-ups, including Cameron Health a medical device 

start-up which created the world’s first subcutaneous implantable defibrillator and was 

ultimately acquired by Boston Scientific for $1.35B. Prior to Cameron Health, Dino began 

his career with GKN, a multinational aerospace and automotive company, where he was 

one of ten graduates selected from across the United States for their International 

Leadership Development Program. 

Additionally, Dino has been a lecturer, GS instructor and mentor for the MBA, EWMBA 

and Executive MBA program for Venture Capital and Private Equity, Business Model 

Innovation, Entrepreneurial Strategy, and Managerial Economics. Dino has also served 

as an advisor to and been involved with a number of leading accelerators such as the 

Alchemist Accelerator, Intel Technology to Market Accelerator, National Science 

Foundation Innovation Corps, and Lean Launchpad. 

In his “spare” time, Dino received his MBA with Honors from UC Berkeley, where he was 

President of his MBA program, a Haas Venture Fellow, a Turner Fellow, a Dean’s Scholar 

and chair of Venture Capital Connect. Dino also graduated Summa Cum Laude with a 

B.S.E. in Mechanical Engineering and an M.S.E. in Mechanical Engineering from the 

University of Michigan, where he entered the Honors Program and was a Lawrence D. 

Corlett Scholar, an Engelbrecht Scholar and a David Aspland Scholar. 


Robert R. Ackerman, Jr. Managing 

Director, AllegisCyber Capital 

BOB FOUNDED ALLEGIS IN 1996 

AFTER A SUCCESSFUL CAREER 

AS A SERIAL ENTREPRENEUR. 

In founding Allegis, Bob’s mission 

was to build a seed and early-stage 

venture firm that would combine 

operational experience with an 

entrepreneurial spirit and a focus on 

forging true partnerships with 

portfolio companies to build 

successful and sustainable 

cybertechnology companies. Bob has 

been recognized as a Fortune 100 

cybersecurity executive and also as one of “CyberSecurity’s Money Men”. 

As an entrepreneur, Bob was the President and CEO of UniSoft Systems, a global leading 

UNIX Systems House and the Founder and Chairman of InfoGear Technology 

Corporation, a pioneer in the original integration of web and telephony technology and 

creator of the original iPhone. Outside of Allegis, Bob teaches New Venture Finance in 

the MBA program at the University of California, co-manages his family’s small Napa 

Valley winery – Ackerman Family Vineyards, and enjoys fly fishing. 

Gary Miliefsky, Founder & CEO of 

Cyber Defense Media Group 

(CDMG) is an internationally 

recognized cybersecurity expert, 

bestselling author and keynote 

speaker. He is a Founding Member of 

the US Department of Homeland 

Security, the National Information 

Security Group and the OVAL 

advisory board of MITRE responsible 

for the CVE Program. He also 

assisted the National Infrastructure 


Advisory Council (NIAC), which operates within the U.S. Department of Homeland 

Security, in their development of The National Strategy to Secure Cyberspace as well as 

the Center for the Study of Counter-Terrorism and Cyber Crime at Norwich University. 

Gary has been founder and/or inventor for technologies and corporations sold and 

licensed to Hexis Cyber, WatchGuard, Intel/McAfee, IBM, Computer Associates and 

BlackBox Corporation. Gary is a member of ISC2.org and is a CISSP®. 

In 2012, he founded Cyber Defense Magazine, which has grown to a market leader on 

sharing information on all things cybersecurity and continuing to grow, every day. Other 

CDMG platforms he’s launched include CyberDefenseTV, CyberDefenseRadio, 

CyberDefenseAwards, CyberDefenseProfessionals, CyberDefenseWebinars, with 

additional platforms launching in 2023 and beyond. 

He is a frequent invited guest on national and international media commenting on 

breaches, cybercrime, internet of things, cloud computing, digital transformation, artificial 

intelligence, privacy, cyber security, and cyber terrorism. He has also been covered in 

Forbes, Fortune and Inc. Magazines. He is also an expert on Cryptocurrencies and 

related fraud as well as most issues pertaining to ICOs, Bitcoins, Blockchain technology 

and Ransomware. His recent bestselling book, rated 5.0 stars, is entitled Cryptoconomy 

– Bitcoins, Blockchains and Badguys, available on Amazon.com. He’s frequently writing 

articles published throughout the mainstream media and he also likes to write thought 

provoking articles at LinkedIn as a Top 1% of all INFOSEC LinkedIn profiles and a Top 

3% Globally on LinkedIn. 


What Is the Definition of a Black Unicorn? 

In the venture capital industry, a unicorn refers to any tech startup company that reaches 

a $1 billion-dollar market value as determined by private or public investment. 

The term was originally coined in 2013 by venture capitalist Aileen Lee, choosing the 

mythical animal to represent the statistical rarity of such successful ventures. Last year, 

CB Insights reported that the odds of becoming a unicorn — a company valued at $1 

billion or more — was less than 1% for companies that had raised venture capital. In 

2018, there were 47 tech companies in the US to reach this unicorn status, according to 

data provided by PitchBook. 

In the cybersecurity industry, Gary S. Miliefsky coined the term black unicorn as a 

cybersecurity company that has the potential to reach a $1 billion-dollar market value as 

determined by private or public investment within 1-3 years or a ‘baby’ black unicorn in 3- 

5 years. 

The black unicorn awards are designed to help showcase companies with this kind of 

potential. Ultimately, the judging in our awards is tough and it’s still up to those notable 

mentions, finalists and the winners to execute a flawless business model to reach this 

potential. It takes innovation, dedication, passion – the right team and the right cyber 

security solution, harmoniously executed to become a unicorn. 

Our mission is to uncover future Black Unicorns and based upon the hard work of our 

judges and the entrants in our awards program, we think we’ve found them. 








The Black Unicorns for 2022 

These winners and finalists competed against many of the industry’s leading providers of 

cybersecurity products and services for this prestigious award. The term “Black Unicorn” 

signifies a cybersecurity company that has the potential to reach a $1 billion dollar market 

value as determined by private or public investment (Source: 

https://en.wikipedia.org/wiki/Unicorn_(finance)) and these awards showcase those 

companies with this kind of incredible potential in the cybersecurity marketplace. 

“We’re pleased to name these winners and finalists among a small, elite group of 

cybersecurity industry leaders in our annual Black Unicorn awards,” said Judges Robert 

R. Ackerman Jr. of www.allegiscyber.com, Dino Boukouris of www.momentumcyber.com 

and Gary Miliefsky of www.cyberdefensemediagroup.com. 

Coalfire 

Cyderes 

Dragos 

Human Security 

iboss 

Orca Security 

Pentera 

Perimeter81 

SecurityScorecard 

Talon Cyber Security 

https://www.coalfire.com/ 

https://www.cyderes.com/ 

https://www.dragos.com/ 

https://www.humansecurity.com/ 

https://www.iboss.com/ 

https://orca.security/ 

https://pentera.io/ 

https://www.perimeter81.com/ 

https://securityscorecard.com/ 

https://talon-sec.com/ 


About The Black Unicorn Winners for 2022 

Coalfire 

The world’s leading organizations 

– the top-five cloud service 

providers, eight of the top-ten 

SaaS businesses, and three of the top-five in financial services, healthcare, and e- 

commerce – rely on Coalfire to strengthen their security postures and secure their digital 

transformations. As the largest global firm dedicated to cybersecurity, Coalfire delivers a 

full lifecycle of solutions through professional services, technology platforms, and 

managed services to help organizations solve their toughest cyber challenges. With more 

than 20 years of proven cybersecurity leadership, Coalfire combines extensive cloud 

expertise, advanced technology, and innovative approaches that fuel success. For more 

information, visit www.coalfire.com. 

Cyderes 

As the #1 MSSP in the world (Cyber Defense 

Magazine's 2021 Top MSSPs List), Cyderes 

is a global cybersecurity powerhouse 

offering comprehensive solutions in 

managed security, identity and access 

management, and professional services for the modern enterprise. Cyderes provides the 

people, processes, and technology to manage risk, and detect and respond to any threats 

– in ways that are better, faster, more cost-effective, and more scalable than traditional 

in-house solutions. Cyderes has six security operations centers across the United States, 

Canada, the United Kingdom, and India. For more information, visit www.cyderes.com. 


Dragos 

Dragos has a global mission: to safeguard 

civilization from those trying to disrupt the 

industrial infrastructure we depend on every 

day. The practitioners who founded Dragos 

were drawn to this mission through decades of government and private sector 

experience. 

Dragos codifies the knowledge of our cybersecurity experts into an integrated software 

platform that provides customers critical visibility into ICS and OT networks so that threats 

are identified and can be addressed before they become significant events. Our solutions 

protect organizations across a range of industries, including power and water utilities, 

energy, and manufacturing, and are optimized for emerging applications like the Industrial 

Internet of Things (IIOT). 

Dragos is privately held and headquartered in the Baltimore-Washington, DC area with 

regional presence around the world, including Canada, Australia, New Zealand, Europe, 

and the Middle East. 

HUMAN Security 

HUMAN is a cybersecurity company 

that safeguards 500+ customers from 

sophisticated bot attacks, fraud and 

account abuse. We leverage modern 

defense—internet visibility, network effect, and disruptions—to enable our customers to 

increase ROI and trust while decreasing end-user friction, data contamination, and 

cybersecurity exposure. Today we verify the humanity of more than 15 trillion interactions 

per week across advertising, marketing, ecommerce and enterprise security, putting us 

in a position to win against cybercriminals. Protect your digital business with HUMAN. To 

Know Who’s Real, visit www.humansecurity.com. 


iboss 

iboss is a Zero Trust cloud security 

company that enables the modern 

workforce to connect securely and 

directly to all applications from wherever 

they work. Built on a containerized cloud architecture, iboss delivers security capabilities 

such as SWG, malware defense, RBI, CASB and data loss prevention to all connections 

via the cloud, instantaneously and at scale. This eliminates the need for traditional 

network security appliances, such as VPNs, firewalls and web gateway proxies, which 

are ineffective at protecting a cloud-first and mobile world. Leveraging a purpose-built 

cloud architecture backed by 230+ issued and pending patents and more than 100 points 

of presence globally, iboss processes over 150 billion transactions daily, blocking 4 billion 

threats per day. More than 4,000 global enterprises trust the iboss Cloud Platform to 

support their modern workforces, including a large number of Fortune 50 companies. To 

learn more, visit https://www.iboss.com/. 

Orca Security 

Orca Security is the pioneer of 

agentless cloud security that is trusted 

by hundreds of enterprises globally. 

Orca makes cloud security possible for 

enterprises moving to and scaling in 

the cloud with its patented 

SideScanning technology and Unified 

Data Model. The Orca Cloud Security 

Platform delivers the world's most comprehensive coverage and visibility of all risks 

across the cloud. With continuous first-to-market innovations and expertise, the Orca 

Platform ensures security teams quickly identify and remediate risks to keep their 

businesses secure. Learn more at https://orca.security/. 


Pentera Security 

Pentera is the leader in Automated 

Security Validation. Our platform 

enables CISOs to close gaps in their 

security by challenging existing 

security controls across the entire 

cybersecurity kill-chain. Emulating the real-world techniques of hackers, Pentera’s 

platform identifies the true risks to organizational security and provides an actionable 

roadmap to reduce exposure. 

Learn more about us at https://pentera.io/ and to schedule a demo please visit 

https://pentera.io/contact-us/ anytime. 

Perimeter 81 

Perimeter 81 allows companies of all sizes 

to break free from outdated network 

architectures and legacy security tools to 

easily manage their network security from a 

single, seamless service, delivered from the 

cloud. Perimeter 81’s converged security 

solution includes Zero Trust Network 

Access (ZTNA), Firewall as a Service (FWaaS), and Secure Web Gateway (SWG). The 

company is helping thousands of businesses, of all industries and sizes, achieve holistic 

network security more easily and cost-effectively. 

To learn more about Perimeter 81 please visit: https://www.perimeter81.com/ or contact 

us here: https://www.perimeter81.com/contact. 


SecurityScorecard 

Funded by world-class investors 

including Evolution Equity Partners, 

Silver Lake Waterman, Sequoia 

Capital, GV, Riverwood Capital, and 

others,SecurityScorecard is the global 

leader in cybersecurity ratings with more than 12 million companies continuously rated. 

Founded in 2013 by security and risk experts Dr. Aleksandr Yampolskiy and Sam 

Kassoumeh, SecurityScorecard's patented rating technology is used by over 30,000 

organizations for enterprise risk management, third-party risk management, board 

reporting, due diligence, cyber insurance underwriting, and regulatory oversight. 

SecurityScorecard is the first cybersecurity ratings company to offer digital forensics and 

incident response services, providing a 360-degree approach to security prevention and 

response for its worldwide customer and partner base. SecurityScorecard continues to 

make the world a safer place by transforming the way companies understand, improve 

and communicate cybersecurity risk to their boards, employees and vendors. Every 

organization has the universal right to their trusted and transparent Instant 

SecurityScorecard rating. For more information, visit https://securityscorecard.com/ or 

connect with us on LinkedIn. 

Talon Cyber Security 

Talon Cyber Security is modernizing security 

programs and improving user experiences for 

hybrid work by delivering the first secure 

enterprise browser. Built on Chromium, the 

TalonWork browser provides customers with 

the consistent user experiences, deep security 

visibility, and control over SaaS and web 

applications needed to simplify security for the 

future of work. Talon was named the Most 

Innovative Startup of 2022 at the prestigious 

RSA Conference Innovation Sandbox Contest. 

For more information, visit Talon at https://talon-sec.com/, or connect on LinkedIn, Twitter 

and Facebook. 


Airgap Networks 

Beijing ThreatBook 

Cervello Ltd. 

Code42 

Oxeye 

Cyble 

Cyera 

Dazz, Inc. 

Grip Security 

Konica Minolta 

Noname Security 

PlainID 

https://airgap.io/ 

https://www.threatbook.cn/ 

https://cervello.security/ 

https://www.code42.com/ 

https://www.oxeye.io/ 

https://cyble.com/ 

https://www.cyera.io/ 

https://dazz.ltd/ 

https://www.grip.security/ 

https://www.konicaminolta.us/ 

https://nonamesecurity.com/ 

https://www.plainid.com/ 


ReversingLabs 

SCADAfense 

Semperis 

Sepio 

Shift5, Inc. 

XM Cyber 

Zentera Systems, Inc. 

https://www.reversinglabs.com/ 

https://www.scadafence.com/ 

https://www.semperis.com/ 

https://sepiocyber.com/ 

https://www.shift5.io/ 

https://www.xmcyber.com/ 

https://www.zentera.net/ 


About The Black Unicorn Finalists for 2022 

Airgap Networks 

Airgap provides an agentless Anti- 

Ransomware platform to stop the 

spread of malware in the enterprise 

network. Our industry’s first 

Ransomware Kill Switch locks down 

your most critical network assets at the 

first indication of compromise with 

complete control and policy enforcement over the device-to-device and device-toapplication 

communication https://airgap.io. 

Beijing ThreatBook Technology Co., Ltd. 

ThreatBook, founded in 2015, is an 

innovative cybersecurity provider in 

the digital era, continually delivering 

precise, efficient and intelligent 

solutions of cyberthreat detection and 

response. ThreatBook takes the 

pioneering role in the development of cyberthreat intelligence in China, providing 

comprehensive protection on cloud, traffic and endpoints. ThreatBook aims to arm its 

customers with a lifelong threat monitoring system and security response capabilities. 

Learn more about us at www.threatbook.cn and email contactus@threatbook.cn anytime. 


Cervello Ltd. 

Cervello accelerates the rail digital 

transformation by securing the 

industry’s infrastructure and 

operations from cyber threats. 

Cervello gives you the confidence to 

see, secure, and manage all of the 

assets connected to your critical network, combining IT, OT, IoT and physical systems, 

and turn the associated data into a powerful resource. It means the end of any 

compromise between security, safety and usability – put simply, it allows you to operate 

with confidence. 

The world’s leading rail operators and infrastructure managers trust Cervello to minimize 

threats and prevent cybersecurity incidents, thereby increasing their safety, reliability, 

business continuity and service availability. Learn more at cervello.security. 

Code42 

Code42 is the Insider Risk 

Management leader. Native to the 

cloud, the Code42 Incydr solution 

rapidly detects data loss, leak and 

theft as well as speeds incident 

response – all without lengthy deployments, complex policy management or blocking 

employee productivity. With Code42, security professionals can protect corporate data 

and reduce insider threats while fostering an open and collaborative culture for 

employees. Backed by security best practices and control requirements, Code42’s Insider 

Risk solution is FedRAMP authorized and can be configured for GDPR, HIPAA, PCI and 

other regulatory frameworks. More than 50,000 organizations worldwide, including the 

most recognized brands in business and education, rely on Code42 to safeguard their 

ideas. Founded in 2001, the company is headquartered in Minneapolis, Minnesota, and 

is backed by Accel Partners, JMI Equity, NewView Capital and Split Rock Partners. 

Code42 was recognized by Inc. magazine as one of America’s best workplaces in 2020. 

Learn more about us at www.code42.com or email information@code42.com. 


Oxeye 

Oxeye provides a cloud-native 

application security solution 

designed specifically for modern 

container and Kubernetes-based 

architectures. The company 

enables customers to quickly 

identify and resolve all application-layer risks as an integral part of the software 

development lifecycle by offering a seamless, comprehensive, and effective solution that 

ensures touchless assessment, focus on the exploitable risks, and actionable remediation 

guidance. Built for Dev and AppSec teams, Oxeye helps to shift security to the left while 

accelerating development cycles, reducing friction, and eliminating risks. 

Learn more about Oxeye at www.oxeye.io, schedule a product demonstration at 

www.oxeye.io/get-a-demo. Connect directly with Oxeye at info@oxeye.io. 

Cyble 

Cyble is a global threat intelligence SaaS provider that 

helps enterprises protect themselves from 

cybercrimes and exposure on the Surface web, 

Deepweb, and Darkweb. Its prime focus is to provide 

organizations with real-time visibility into their digital 

risk footprint. Backed by Blackbird Ventures, Xoogler, 

and Y Combinator as part of the 2021 winter cohort, 

Cyble has also been recognized by Forbes as one of 

the top 20 Best Cybersecurity Start-ups, along with 

several other industry recognitions. Headquartered in Georgia, United States, and with 

offices in Dubai, Australia, Singapore, and India, Cyble has a global presence. 

To learn more about Cyble, visit https://cyble.com/ or email contact@cyble.com. 


Cyera 

Cyera is the cloud data security company 

that gives businesses context and control 

over their cloud data. Our mission is to 

empower security teams to enable 

innovation, securely. As the industry’s most 

advanced cloud data protection platform, Cyera instantly provides companies a strong 

baseline for all security, risk management, and compliance efforts and ensures the entire 

organization operates with the same policies and guardrails. Backed by leading investors 

including Sequoia, Accel, and Cyberstarts, Cyera is defining the way companies do cloud 

data security. To learn more, visit www.cyera.io. 

Dazz 

The Dazz Remediation Cloud maps your codeto-production 

pipelines; performs smart root 

cause analysis and prioritizes risk; identifies 

code owners; and streamlines remediation 

right in the developer’s workflow. With Dazz, 

you gain full pipeline visibility, cut through alert noise, and shrink your risk window by 

reducing time to remediate. 

Learn more about us at dazz.io and email us at contact@dazz.io. 

Grip Security 

everywhere, and on-demand. 

Grip’s mission is to empower every customer to 

protect people and SaaS technology. Grip’s 

SaaS Security Control Plane is the linchpin in 

modern security architecture for safeguarding 

the SaaS attack surface—anywhere, 

Learn more about Grip by visiting our website at https://www.grip.security/ or send us an 

email at sales@grip.security. 


Konica Minolta Business Solutions U.S.A., 

All Covered, a division of Konica 

Minolta Business Solutions, 

U.S.A., Inc., is a leading 

nationwide IT Services company 

that helps businesses achieve 

their goals through better management of information and more effective collaboration. 

Our commitment to innovation in providing industry-leading solutions has been repeatedly 

recognized by some of the IT industry’s most respected publications and organizations, 

including CRN’s SP 500 and Channel Future’s MSP 501. We have also been 

acknowledged for our expertise across vertical markets such as education, finance, 

healthcare and legal. Our IT engineers are well versed in the nuances and regulations of 

each market segment. From network design to helpdesk support, IT security, cloud 

services and managed IT, All Covered customizes solutions to its clients’ business and 

application needs. Visit us online and follow All Covered on Facebook, YouTube, LinkedIn 

and Twitter. 

Noname Security 

Noname Security is the only company 

taking a complete, proactive approach to 

API Security. Noname works with 20% of 

the Fortune 500 and covers the entire API 

security scope across three pillars — 

Posture Management, Runtime Security, 

and API Security Testing.Noname Security 

is backed by leading venture capital firms, including Lightspeed, Georgian, The Syndicate 

Group (TSG), Forgepoint, Next47, Insight Partners, and Cyberstarts, and has raised 

$220M, achieving "unicorn" status only one year out of stealth.Noname Security is 

privately held, remote-first with headquarters in Silicon Valley, and offices in Tel Aviv and 

Amsterdam. 

Learn more about us at https://nonamesecurity.com/ and email 

info@nonamesecurity.com anytime. 


PlainID 

PlainID Inc., The Authorization 

Company, is the recognized leader in 

Authorization as a Service powered by 

Policy Based Access Control (PBAC). 

PlainID's simple, straightforward solution 

to authorization management enables organizations to create, manage, and enforce 

authorization policies across an enterprise. By securely connecting identities to digital 

assets via PlainID Authorizers, firms can meet the digital demands of user journeys, 

enable zero trust architectures and provide data security. The PlainID Authorization 

Platform enables rapid business growth by connecting new and legacy technologies with 

the latest and most advanced authorization features. To learn more about PlainID Inc. 

please visit: https://www.plainid.com/. 

ReversingLabs 

ReversingLabs empowers 

modern software development, 

IT and security operations teams 

with a unified platform to protect 

against software supply chain 

attacks. The ReversingLabs Titanium Platform integrates seamlessly at scale, analyzing 

software libraries, compiled binaries and release packages for vulnerabilities, malicious 

behaviors and tampering, enabling development to release confidently, IT to procure 

safely, and the SOC to effectively isolate and respond when breaches occur. 

Learn more about us at https://www.reversinglabs.com. 


ScaDafense 

SCADAfence is the global technology 

leader in OT & IoT cyber security. The 

SCADAfence platform enables 

organizations with complex OT networks to 

embrace the benefits of industrial IoT by 

reducing cyber risks and mitigating operational threats. The non-intrusive platform 

provides full coverage of large-scale networks, offering best-in-class detection accuracy, 

asset discovery and governance with minimal false-positives. SCADAfence delivers 

proactive security and visibility to many of the world's most complex OT networks, 

including the largest manufacturing facility in Europe and the largest automotive 

manufacturer in the world. SCADAfence enables organizations in manufacturing, building 

management and critical infrastructure industries to operate securely, reliably and 

efficiently. To learn more, visit our website, check out our blog, or follow us on LinkedIn. 

Semperis 

For security teams charged with defending hybrid and 

multi-cloud environments, Semperis ensures the integrity 

and availability of critical enterprise directory services at 

every step in the cyber kill chain and cuts recovery time 

by 90%. Purpose-built for securing hybrid Active 

Directory environments, Semperis’ patented technology 

protects over 50 million identities from cyberattacks, data 

breaches, and operational errors. The world’s leading organizations trust Semperis to 

spot directory vulnerabilities, intercept cyberattacks in progress,and quickly recover from 

ransomware and other data integrity emergencies. Semperis is headquartered in 

Hoboken, New Jersey, and operates internationally, with its research and development 

team distributed throughout the United States, Canada, and Israel. 

Semperis hosts the award-winning Hybrid Identity Protection conference 

(www.hipconf.com). The company has received the highest level of industry accolades 

and was recently ranked #157 in the 2021 Inc. 5000 list, the most prestigious ranking of 

the nation’s fastest-growing private companies. Semperis is accredited by Microsoft and 

recognized by Gartner. 

To learn more about Semperis and to get in touch with the team, visit 

https://www.semperis.com/contact-us-2/. 


Sepio 

At any given time, an organization is 

blind to 40%+ of connected devices, 

creating an ever growing attack 

surface and uncontrolled risk. Most 

visibility solutions scan traffic -causing 

additional privacy and compliance issues. Every device holds a RISK factor just by being 

there - even not generating traffic - IT’S STILL THERE. 

Sepio is the first hardware risk management platform, focusing on device 

EXISTENCE - not device ACTIVITY - seeing ALL devices as potential risks, needing to 

be verified and trusted. 

Sepio collects information with no changes to the way the network is built, no “spanning” 

traffic, no activity-based detection, no protocol dependency and no privacy or 

compliance issues. Sepio provides a holistic view of all IT, IOT or OT devices, showing 

all potential risks. Since Sepio sees a fraction of the data volume, it enables massive 

scale, saving resources and time, with a guaranteed 24-hour deployment.” Learn more 

about us at https://sepiocyber.com. 

Shift5 

Shift5 is the OT cybersecurity 

company that protects the 

world’s transportation 

infrastructure and weapons 

systems from cyberattacks. Created by founding members of the U.S. Army Cyber 

Command who pioneered modern weapons system cyber assessments, Shift5 defends 

military platforms and commercial transportation systems against malicious actors and 

operational failures. Customers rely on Shift5 to detect threats and maintain the resilience 

of a wide variety of operational technology systems, including aviation, rail and metro, 

defense, helicopters, and other heavy fleet machinery. For more information, visit 

https://www.shift5.io/. 


XM Cyber 

XM Cyber is a leading hybrid 

cloud security company that is 

changing the way innovative 

organizations approach cyber 

risk. Its attack path management 

platform continuously uncovers 

hidden attack paths to businesses’ critical assets across cloud and on-prem 

environments, enabling security teams to cut them off at key junctures and eradicate risk 

with a fraction of the effort. Many of the world’s largest, most complex organizations 

choose XM Cyber to help eradicate risk. Founded by top executives from the Israeli cyber 

intelligence community, XM Cyber has offices in North America, Europe, and Israel. For 

more information, you can visit www.xmcyber.com. 

Zentera Systems, Inc. 

Zentera Systems, the leader in Zero 

Trust Security solutions for the digitallytransformed 

enterprise, offers awardwinning 

Zero Trust networking, security, 

and access that overlays any fragmented infrastructure and cloud to deploy in less than 

a day. Available on-premises or as SaaS, global enterprises use Zentera’s products to 

secure employee and third-party access, protect against data leaks, and instantly secure 

hybrid applications and data in IT, OT and cloud environments. The Silicon Valley-based 

company has received numerous recognitions, including Cool Vendor for Cloud Security 

by Gartner. 

Visit us at https://zentera.net/ to learn more, or contact us via email at sales@zentera.net 

for a demo or trial. 


The Baby Black Unicorns for 2022 

These winners and finalists competed against many of the industry’s leading providers of 

cybersecurity products and services for this prestigious award. The term “Black Unicorn” 

signifies a cybersecurity company that has the potential to reach a $1 billion dollar market 

value as determined by private or public investment (Source: 

https://en.wikipedia.org/wiki/Unicorn_(finance)) and these awards showcase those 

companies with this kind of incredible potential in the cybersecurity marketplace. 

“We’re pleased to name these winners and finalists among a small, elite group of 

cybersecurity industry leaders in our annual Black Unicorn awards,” said Judges Robert 

R. Ackerman Jr. of www.allegiscyber.com, Dino Boukouris of www.momentumcyber.com 

and Gary Miliefsky of www.cyberdefensemediagroup.com. 

CONCEAL 

CyberGRX 

Cyberpion 

Cybersixgill 

CYFIRMA 

DNSFilter Inc. 

Eclypsium, Inc. 

ENVEIL 

Fortanix 

Strider Technologies, Inc. 

https://conceal.io/ 

https://www.cybergrx.com/ 

https://www.cyberpion.com/ 

https://www.cybersixgill.com/ 

https://www.cyfirma.com/ 

https://www.dnsfilter.com/ 

https://eclypsium.com/ 

https://www.enveil.com/ 

https://www.fortanix.com/ 

https://www.striderintel.com/ 


About The Baby Black Unicorn Winners for 2022 

Conceal 

Conceal enables organizations to 

protect users from malware and 

ransomware at the edge. The 

Conceal Platform uses Zero Trust 

isolation technology to defend 

against sophisticated cyber threats. Conceal is used by Fortune 500 and government 

organizations globally to ensure their users and IT operations remain secure, anonymous 

and isolated from attacks. For more information, visit https://conceal.io/. 

CyberGRX 

CyberGRX standardizes third-party 

cyber risk management, making it 

possible to achieve insights, prioritize 

risks and make smarter decisions 

across your entire vendor ecosystem. 

Driven by sophisticated data analytics and automation, real-world attack scenarios, and 

real-time threat intelligence, CyberGRX provides customers comprehensive and ongoing 

analysis of their vendor portfolio. Organizations can now effectively manage their cyber 

risk reputation by proactively utilizing the CyberGRX Exchange to complete and share a 

single assessment with multiple upstream partners. For more information: 

www.cybergrx.com. 


Cyberpion 

Cyberpion solves the rising cybersecurity 

challenge of understanding the risks and 

vulnerabilities of your connected online 

assets that form an external attack 

surface. Knowing how your organization 

is vulnerable, where those threats come from, and what infrastructures are at risk, is 

critical to preventing an attack and strengthens your security posture. Cyberpion makes 

organizations aware of these vulnerabilities and helps mitigate them by continuously 

discovering, inventorizing, monitoring and assessing the threat vectors present 

throughout online ecosystems that exist outside the traditional security perimeter. With 

an R&D team based in Israel, the company is funded by leading cybersecurity venture 

capitalists. To learn more, visit www.cyberpion.com or email us at info@cyberpion.com. 

Cybersixgill 

Cybersixgill has proven to have the 

broadest threat intelligence collection 

capabilities available, covertly 

extracting data from a wide range of 

sources including content from limitedaccess 

deep and dark web forums and markets, invite-only messaging groups, code 

repositories, paste sites and clear web platforms. We enrich this data with context to 

provide security teams with comprehensive insight into the nature and source of each 

threat. To learn more, visit www.cybersixgill.com 

CYFIRMA 

By combining cyber-intelligence with attack 

surface discovery and digital risk protection, 

CYFIRMA delivers predictive, personalized, 

contextual, outside-in and multi-layered insights 

to help clients prepare against upcoming attacks. Learn more at www.cyfirma.com. 


DNSFilter 

DNSFilter provides enterprise-grade 

protection and content filtering for your users. 

Protect your organization from costly 

cyberattacks. Our global any cast network 

means we scale for even the largest global businesses. You can visit www.dnsfilter.com 

for more info. 

Eclypsium, Inc. 

Eclypsium’s cloud-based platform provides digital supply chain 

security for critical hardware, firmware and software. Eclypsium 

defends enterprises and government agencies from the deep 

implants and exploits that have become the vector of choice for 

modern adversaries. Learn more https://eclypsium.com/. 

Enveil 

ENVEIL is a pioneering Privacy Enhancing 

Technology company protecting Data in 

Use. Enveil’s business-enabling and 

privacy-preserving capabilities change the 

paradigm of how and where organizations 

can leverage data to unlock value. Defining the transformative category of Privacy 

Enhancing Technologies (PETs), Enveil’s award-winning ZeroReveal® solutions for 

secure data usage, sharing, and collaboration protect data while it's being used or 

processed. Customers can extract insights, cross-match, search, and analyze data 

assets at scale without ever revealing the content of the search itself, compromising the 

security or ownership of the underlying data, or exposing their interests and intent. A 

World Economic Forum Technology Pioneer founded by U.S. Intelligence Community 

alumni, Enveil is deployed and operational today, revolutionizing data usage in the global 

marketplace. Learn more at www.enveil.com. 


Fortanix 

Fortanix Data Security Manager 

(DSM) SaaS provides integrated 

data security with encryption, 

multicloud key management, 

tokenization, and other capabilities 

from one platform, delivered-as-a-service. For every user. Any cloud. Anywhere in the 

world. Visit www.fortanix.com for more info. 

Strider Technologies, Inc. 

Strider is revolutionizing the way 

companies, government agencies, 

and research institutions protect 

their innovation and compete in a 

new era of global strategic 

competition. Our trailblazing technology and intelligence solutions enable clients to 

proactively identify, manage, and respond to nation-state-directed IP theft and supply 

chain vulnerabilities. Strider has operations in Salt Lake City, UT, Washington, D.C, and 

London, U.K. Learn more by visiting us online at www.striderintel.com. 


Anitian 

CardinalOps 

Clarabot Zrt. 

Concentric.ai 

Defendify 

DoControl 

Phosphorus Cybersecurity® 

Stellar Cyber 

StrikeReady Inc. 

Suridata 

Syxsense 

https://www.anitian.com/ 

https://www.cardinalops.com/ 

https://www.clarabot.com/ 

https://www.concentric.ai/ 

https://defendify.com/ 

https://www.docontrol.io/ 

https://www.phosphorus.io/ 

https://stellarcyber.ai/ 

https://www.strikeready.co/ 

https://www.suridata.ai/ 

https://www.syxsense.com/ 


About The Baby Black Unicorn Finalists for 2022 

Anitian 

Anitian makes your cloud 

applications secure and compliant 

so you can enter new markets and 

unlock revenue in weeks, not months or years. Our SecureCloud platforms for 

Compliance Automation and Enterprise Cloud Security unify DevOps and security to 

deliver the fastest path to security and compliance in the cloud. Anitian’s pre-engineered 

and automated cloud application infrastructure platforms deploy in a single day to 

empower enterprises to go from application to cloud to production 80% faster and at 50% 

of the cost. Find out more at www.anitian.com or follow them on LinkedIn or Twitter. 

CardinalOps 

Most security vendors pitch you on replacing your 

stack or adding new monitoring tools to it. 

CardinalOps has a more practical and pragmatic 

approach. The CardinalOps SaaS platform uses 

AI and automation to maximize MITRE ATT&CK 

coverage for your existing security stack and 

eliminate hidden detection gaps you may not even 

know you have. Setup takes less than an hour because there are no agents to deploy 

and it easily connects via the native APIs of your SIEM/EDR/XDR. What's more, it has 

the added advantage of boosting your detection engineering team's productivity 10x 

compared to manual processes. Learn more at www.cardinalops.com. 


Clarabot Zrt. 

Lightning fast, end-to-end encrypted 

unlimited file-sharing where privacy 

control is in your hands! Easy access, 

modern appearance, transparency, privacy by design. Clarabot Nano is the secure file 

sharing tool to improve content search, data access and collaboration between multiple 

parties. Clarabot Nano is equipped with a unique feature-set made possible by it’s hybrid 

delegated server design. Closing call: register for free or find out more at 

www.clarabot.com. For help or other questions, please contact us at info@clarabot.com 

or support@clarabot.com. 

Concentric.ai 

Concentric was born out of a 

powerful insight: Enterprises have a 

data security problem. And the 

security tools they’re using can’t fix it. 

We’re a team of AI experts, data 

scientists, software builders, and security junkies dedicated to solving the most pressing 

data security problems. Status quo approaches aren’t our thing – we live to serve our 

customers, solve their toughest issues with the latest technologies, and we won’t rest until 

the last contract, design doc, trading data, strategy and M&A terms sheet is safe and 

secure. For more information, see www.concentric.ai. 

Defendify 

Defendify is pioneering 

cybersecurity for scaling 

organizations. Delivering multiple 

layers of protection, Defendify provides cybersecurity expertise and support through an 

all-in-one platform designed to continuously strengthen cybersecurity across people, 

process, and technology. Defendify streamlines cybersecurity assessments, testing, 

policies, training, detection, and response in one consolidated and cost-effective 

cybersecurity solution. Take the next step towards robust cybersecurity at defendify.com. 


DoControl 

Founded in 2020 and headquartered in 

New York, DoControl is an automated data 

access controls platform for SaaS 

applications, 

improving security and operational 

efficiency with ease for enterprises. DoControl is backed by investors Insight Partners, 

StageOne Ventures, Cardumen Capital, RTP Global and global cybersecurity leader 

CrowdStrike's early stage investment fund, the CrowdStrike Falcon Fund. The company's 

leadership team combines product, engineering and sales experience across 

cybersecurity, enterprise and SaaS innovators. For more information, please visit 

www.docontrol.io and follow us on Twitter and LinkedIn. 

Phosphorus Cybersecurity® 

Phosphorus Cybersecurity® is the 

leading xTended Security of Things 

platform designed to secure the 

rapidly growing and often unmonitored Things across the enterprise xIoT landscape. Our 

Extended Enterprise xIoT Security Platform delivers Attack Surface Management, 

Hardening & Remediation, and Detection & Response to bring enterprise xIoT security to 

every cyber-physical Thing in your enterprise environment. With unrivaled xIoT discovery 

and posture assessment, Phosphorus automates the remediation of the biggest IoT, OT, 

and Network device vulnerabilities—including unknown and inaccurate asset inventory, 

out-of-date firmware, default credentials, risky configurations, and out-of-date certificates. 

Follow Phosphorus on LinkedIn, Twitter, and YouTube, and learn more at 

https://phosphorus.io/. 


Stellar Cyber 

The Stellar Cyber Open XDR 

platform delivers comprehensive, 

unified security without 

complexity, empowering lean 

security teams of any skill to successfully secure their environments. With Stellar Cyber, 

organizations reduce risk with early and precise identification and remediation of threats 

while slashing costs, retaining investments in existing tools, and improving analyst 

productivity, delivering a 20x improvement in MTTD and an 8x improvement in MTTR. 

The company is based in Silicon Valley. For more information, visit stellarcyber.ai. 

StrikeReady Inc. 

StrikeReady Inc. is a cybersecurity startup 

based out of California. The company was 

founded in 2019 and offers the industry's first 

cloud-based security operations and 

management platform that enables 

organizations to increase the effectiveness, 

efficiency, and affordability of their security 

operations, while empowering and augmenting cybersecurity teams with institutional 

knowledge and automation. Visit www.strikeready.co to learn more. 

Suridata 

Suridata offers the industry’s most 

powerful SSPM platform, securing 

dozens of today’s most common 

SaaS applications. Suridata’s 

intelligent profiling engine flags critical issues by monitoring configurations, third-party 

applications, and access risks. Our sophisticated workflow engine then ensures the most 

critical security gaps are mitigated first. Our mission is to ensure SaaS applications are 

secured. Learn more at www.suridata.ai. 


Syxsense 

Syxsense is a leading provider of 

innovative, intuitive endpoint security 

and management technology that 

combines the power of artificial 

intelligence with industry expertise to help customers predict and remove security threats 

across all devices including mobile. Syxsense is the first Unified Security and Endpoint 

Management platform that centralizes the three key elements of endpoint security 

management (vulnerabilities, patch and compliance) and layers on a powerful workflow 

automation tool called Syxsense Cortex, all through a single cloud-based platform, 

enabling greater efficiency and collaboration between teams. The always-on technology 

performs in real-time so businesses can operate free of disruption from security breaches 

that cripple productivity and expose them to financial risk and reputational harm. For more 

information, visit www.syxsense.com. 


The Top InfoSec Innovators for 2022 

These companies competed against many of the industry’s leading providers of 

cybersecurity products and services for this prestigious award. Judges look at thousands 

of infosec companies searching for the most innovative, with great potential in stopping 

breaches and these awards showcase those companies with this kind of incredible 

potential in the cybersecurity marketplace. 

“We’re pleased to name these companies as winners among a small, elite group of 

cybersecurity innovators for 2022,”said Gary Miliefsky of 

www.cyberdefensemediagroup.com. 

Here are the winners in alphabetical order by the name of their company: 

AccSenSe 

Armis 

Bionic 

CionSystems 

Clarabot Zrt 

CYE 

Cymulate 

Cyral 

Cythereal 

https://www.accsense.com 

https://www.armis.com 

https://bionic.ai 

https://cionsystems.com 

https://www.clarabot.com 

https://cyesec.com 

https://cymulate.com 

https://cyral.com 

https://www.cythereal.com 


DataDome 

Dispersive Holdings, Inc 

Grip Security 

Hornetsecurity 

i2chain 

ImmuniWeb 

Insider Threat Defense Group 

Legit Security 

Lucidum 

OptimEyes 

Phylum 

Polar Security 

Reflectiz 

Sasa Software 

Sepio 

SlashNext 

Spin Technology 

StrikeReady 

TalaTek 

ThreatLocker 

Trend Micro 

TXOne Networks Inc. 

Xcitium 

https://datadome.co 

https://dispersive.io 

https://www.grip.security 

https://www.hornetsecurity.com/en 

https://www.i2chain.com 

https://www.immuniweb.com 

https://www.insiderthreatdefense.us 

https://www.legitsecurity.com 

https://lucidum.io 

https://optimeyes.ai 

https://phylum.io 

https://www.polar.security/platform 

https://www.reflectiz.com 

https://www.sasa-software.com 

https://sepiocyber.com 

https://www.slashnext.com 

https://spin.ai 

https://www.strikeready.co 

https://talatek.com 

https://threatlocker.com 

https://trendmicro.com/en_ph/business.html 

https://www.txone.com 

https://www.xcitium.com 


The Top Global CISOs 2022 

. 

These CISOs competed against thousands of candidates for this prestigious award. Judges look 

at these candidates, searching for the most innovative, with unparalleled success in 

communicating with their boards and senior level executives, detecting, and stopping breaches 

and data loss, complying with regulations, and building powerful risk reduction programs for their 

organizations. 

Chief Information Security Officers are the first responders of cyberspace and deserve to be 

recognized for their tremendous achievements as they fend off cyber criminals, cyber terrorists, 

malicious insiders, and nation state sponsored attacks. 

For years they have been considered operating cost centers while helping corporations avert 

disasters that could put them out of business. They work tirelessly to allow companies to grow, 

expand, and increase potential profits by managing and mitigating major risks and regulatory 

compliance issues on a day-to-day basis. 

“We’re pleased to name this small, elite group of information security professionals in our Top 

Global CISOs Awards for 2022,” said Gary Miliefsky, Publisher of Cyber Defense Magazine. 

Here are the winners in alphabetical order by the name of their company: 


Sujeet Bambawale 

Stephanie Franklin Thomas 

Matt Devico 

Mark Alvarado 

Chris Gay 

Jorel Van Os 

Thomas Dager 

Raymond Harris 

Edward Maule 

Tim Callahan 

Derek Hardy 

Jason Medeiros 

Craig McEwen 

Robert Schuetter 

Christopher Regan 

Aaron J. Goodwin 

Nick Ryan 

Karine Hӧne 

Dawn-Marie Hutchinson 

Rick Doten 

Alan Berry 

Patrice Bordron 

Fred Bret-Mounet 

Alex Schuchman 

Medha Bhalodkar 

Thanh Thai 

Tammy Clotz 

Diego Souza 

Endre Jarraux Walls 

Chandra McMahon 

7-Eleven 

ABM Industries 

Academy Mortgage Corporation 

Academy Sports + Outdoors 

Acosta 

Acrisure 

ADM 

Adtran 

Advocare, LLC 

Aflac 

AMD 

Amwell 

Anglo American 

Ashland 

AutoNation 

B. Riley Financial 

Baker Tilly Virchow Krause, LLP 

Barloworld Limited 

BAT 

Carolina Complete Health 

Centene 

CHS 

Clarify Health Solutions 

Colgate-Palmolive 

Columbia University 

Constellis Group 

Covanta 

Cummins Inc 

Customers Bank 

CVS Health 


David Ramirez 

Joe Voje 

Will Lazzaro 

Mohammed Darwish Azad 

Josh Knopp 

Bernardo Horta 

Christopher Leigh 

Kwame Fields 

Priya Sirwani 

Brian Minick 

Marc Ashworth 

Hardik Parekh 

Riad Amro 

Jason Benedict 

Jim Motes 

Steven Sim 

Michael Cunningham 

William Curtiss 

Richard Flahaven 

Jeffrey Vinson 

Hassan Asgar 

Marcos Marrero 

Joseph McComb 

Vikrant Arora 

Joanna Burkey 

Janet Heins 

Michael Madl 

Brent Conran 

Dane Warren 

Robert Pace 

Marene Allison 

DRW Holdings 

El Camino Health 

Embrace Pet Insurance 

EmiratesNBD Group 

Enterprise Holdings 

Erste Group Bank AG 

Eversource Energy 

Federal Home Loan Bank of San Francisco 

Fiera Capital 

Fifth Third Bank 

First Bank 

Five9 

FlightSafety International 

Fordham University 

GameStop 

Global PSA 

Graphic Packaging International 

Hanesbrands Inc. 

Harley-Davidson Motor Company 

Harris Health 

Hinge Health 

HIG Capital 

Holland & Hart LLP 

Hospital for Special Surgery 

HP 

iHeartMedia 

Indiana Wesleyan University 

Intel Corporation 

Intertek 

Invitation Homes 

J&J 


Timothy Rohrbaugh 

Longinus Timochenko 

Jeff Maxon 

Dan Meacham 

Kemal Piskin 

Hadas Cassorla 

Lester Godsey 

Richard Yun 

Matt Long 

Kapil Madaan 

John Opala 

Michael Jacobs 

Bill Hill 

Marcel Lehner 

Christos Syngelakis 

Scot Miller 

Venkatesh Subramaniam 

David Cross 

Raj Bahdwar 

William Bogdan 

Idan Malei 

Chuck Markarian 

Bradley Schaufenbuel 

Greg Bee 

Ravi Mani 

Mimoent Haddouti 

Lauren Heyndrickx 

Daniel Temisanren 

Gary A. Gooden 

Karine Thibault 

Joe Ellis 

JetBlue Airways 

Kabum 

Kansas Information Security Office 

Legendary Entertainment 

LinQuest 

M1 Finance 

Maricopa County 

Masimo Corporation 

MasterCraft Boat Company 

Max Healthcare 

McCormick & Company 

MINDBODY, Inc. 

MITRE 

MM Group 

Motor Oil Hellas 

Mr. Cooper 

Olam International 

Oracle 

Oracle 

Orange County Sheriff's Department 

Ormat 

PACCAR 

Paychex 

Pekin Insurance 

Quest Diagnostics 

RaboBank 

Ralph Lauren Corporation 

Registrar-Recorder/County Clerk, Los Angeles 

Relativity Space 

Roper Technologies, Inc. 

Ryder 


Ishaaq Jacobs 

Garrett Smiley 

Parthiv Shah 

John McClure 

Zachary Lewis 

Ernest Wohnig III 

Rex Wong 

Keith Turpin 

Dwayne Robinson 

Howard Whyte 

Kip James 

Tracey Brand Sanders 

Peter Rosario 

Daniella Traino 

Manas Giri 

Jeffrey Lolley 

Mac Esmilla 

Sasol 

Serco Inc. 

Signature Bank 

Sinclair Broadcast Group, Inc. 

St. Louis College of Pharmacy 

System 1, Inc. 

The Estée Lauder Companies Inc. 

The Friedkin Group 

Trader Joe's 

Truist 

TTEC 

UGI Corporation 

USI Insurance Services 

Wesfarmers 

WestJet Airlines 

Wilson Sonsini Goodrich & Rosati 

World Vision 
















About The Black Unicorn Report 

The Black Unicorn Report is a once-per-year publication of the Cyber Defense Awards and Cyber 

Defense Magazine team, two leading platforms of the Cyber Defense Media Group. This is Cyber 

Defense Magazine’s 10th year of honoring cybersecurity innovators, in this case the Black 

Unicorn Awards for 2022 on our Cyber Defense Awards platform. In this competition, judges for 

these prestigious awards includes cybersecurity industry veterans, trailblazers and market 

makers Gary Miliefsky of CDMG, Robert R. Ackerman Jr. of Allegis Cyber, Dino Boukouris of 

MomentumCyber and with much appreciation to emeritus judges Robert Herjavec of Herjavec 

Group, Dr. Peter Stephenson of CDMG and David DeWalt of NightDragon. 

To see the complete list of finalists and winners for the Black Unicorn Awards for 2022 please 

visit https://cyberdefenseawards.com/black-unicorn-winners-for-2022/ 

All rights reserved worldwide. Copyright © 2022, Cyber Defense Magazine. All rights reserved. 

No part of this newsletter may be used or reproduced by any means, graphic, electronic, or 

mechanical, including photocopying, recording, taping or by any information storage retrieval 

system without the written permission of the publisher except in the case of brief quotations 

embodied in critical articles and reviews. 

Because of the dynamic nature of the Internet, any Web addresses or links contained in this 

newsletter may have changed since publication and may no longer be valid. The views expressed 

in this work are solely those of the author and do not necessarily reflect the views of the publisher, 

and the publisher hereby disclaims any responsibility for them. 

FAIR USE NOTICE: Under the "fair use" act, another author may make limited use of the original 

author's work without asking permission. Pursuant to 17 U.S. Code § 107, certain uses of 

copyrighted material "for purposes such as criticism, comment, news reporting, teaching 

(including multiple copies for classroom use), scholarship, or research, is not an infringement of 

copyright." 


Black Unicorn Report for 2022, Copyright (C) 2022, Cyber Defense Magazine, a division of 

CYBER DEFENSE MEDIA GROUP 276 Fifth Avenue, Suite 704, New York, NY 10001, Toll Free 

(USA): 1-833-844-9468 d/b/a CyberDefenseAwards.com, CyberDefenseMagazine.com, 

CyberDefenseNewswire.com, CyberDefenseProfessionals.com, CyberDefenseRadio.com and 

CyberDefenseTV.com, is a Limited Liability Corporation (LLC) originally incorporated in the United 

States of America. Our Tax ID (EIN) is: 45-4188465, Cyber Defense Magazine® is a registered 

trademark of Cyber Defense Media Group. DUNS# 078358935. All rights reserved worldwide. 

marketing@cyberdefensemagazine.com 

Cyber Defense Magazine 

276 Fifth Avenue, Suite 704, New York, NY 1000 

EIN: 454-18-8465, DUNS# 078358935. 

All rights reserved worldwide. 

marketing@cyberdefensemagazine.com 

www.cyberdefensemagazine.com 

www.cyberdefenseawards.com 

Cyber Defense Magazine – Black Unicorn Report rev. date: 10/27/2022

The Black Unicorn Report for 2022

Create successful ePaper yourself

Delete template?

Save as template?