20.10.2022 Views

The Black Unicorn Report for 2022

Welcome to the Black unicorn report for 2022. In this year's report we cover the top infosec innovators, baby and black unicorns and the top global CISOs. In the venture capital industry, a unicorn refers to any tech startup company that reaches a $1 billion-dollar market value as determined by private or public investment. In the cybersecurity industry, Gary S. Miliefsky coined the term black unicorn as a cybersecurity company that has the potential to reach a $1 billion-dollar market value as determined by private or public investment within 1-3 years or a ‘baby’ black unicorn in 3-5 years. The black unicorn awards are designed to help showcase companies with this kind of potential. Learn about the latest threats and the most innovative defenders in this exclusive report.

Welcome to the Black unicorn report for 2022. In this year's report we cover the top infosec innovators, baby and black unicorns and the top global CISOs. In the venture capital industry, a unicorn refers to any tech startup company that reaches a $1 billion-dollar market value as determined by private or public investment. In the cybersecurity industry, Gary S. Miliefsky coined the term black unicorn as a cybersecurity company that has the potential to reach a $1 billion-dollar market value as determined by private or public investment within 1-3 years or a ‘baby’ black unicorn in 3-5 years. The black unicorn awards are designed to help showcase companies with this kind of potential. Learn about the latest threats and the most innovative defenders in this exclusive report.

SHOW MORE
SHOW LESS

You also want an ePaper? Increase the reach of your titles

YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.

<strong>2022</strong> | <strong>The</strong> <strong>Black</strong> <strong>Unicorn</strong> <strong>Report</strong> 1


<strong>2022</strong> | <strong>The</strong> <strong>Black</strong> <strong>Unicorn</strong> <strong>Report</strong> 2


Table of Contents<br />

<strong>The</strong> Future of Cybersecurity? Just One Word: Automation 4<br />

<strong>The</strong> Cybersecurity Lens: PANCCD 8<br />

Looking At the Cybersecurity Landscape with <strong>The</strong> PANCCD Lens 9<br />

Meet <strong>The</strong> Judges 16<br />

What Is the Definition of a <strong>Black</strong> <strong>Unicorn</strong>? 20<br />

<strong>The</strong> <strong>Black</strong> <strong>Unicorn</strong>s <strong>for</strong> <strong>2022</strong> 27<br />

About <strong>The</strong> <strong>Black</strong> <strong>Unicorn</strong> Winners <strong>for</strong> <strong>2022</strong> 28<br />

About <strong>The</strong> <strong>Black</strong> <strong>Unicorn</strong> Finalists <strong>for</strong> <strong>2022</strong> 35<br />

<strong>The</strong> Baby <strong>Black</strong> <strong>Unicorn</strong>s <strong>for</strong> <strong>2022</strong> 44<br />

About <strong>The</strong> Baby <strong>Black</strong> <strong>Unicorn</strong> Winners <strong>for</strong> <strong>2022</strong> 45<br />

About <strong>The</strong> Baby <strong>Black</strong> <strong>Unicorn</strong> Finalists <strong>for</strong> <strong>2022</strong> 50<br />

<strong>The</strong> Top InfoSec Innovators <strong>for</strong> <strong>2022</strong> 55<br />

<strong>The</strong> Top Global CISOs <strong>2022</strong> 57<br />

<strong>2022</strong> | <strong>The</strong> <strong>Black</strong> <strong>Unicorn</strong> <strong>Report</strong> 3


<strong>The</strong> Future of Cybersecurity? Just One Word:<br />

Automation<br />

By Dr. Peter Stephenson<br />

If you are not better in<strong>for</strong>med, smarter, better equipped, and faster than the adversary, you can<br />

count on your system being compromised at some point. When I'm asked about the future of<br />

cybersecurity, I generally recount a cautionary tale. As far as I know, this has never actually<br />

happened. But it brings into focus two of the most important concepts in cyber adversary threats:<br />

autonomous bots and blockchain.<br />

Imagine the following scenario: it's late on a Friday evening starting a long weekend. <strong>The</strong>re is a<br />

single engineer in the network operations center and a single engineer in the security operation<br />

center. Everything is quiet until the network engineer notices thousands of accounts logging in<br />

<strong>2022</strong> | <strong>The</strong> <strong>Black</strong> <strong>Unicorn</strong> <strong>Report</strong> 4


and removing money using the on-line banking system. At the same time, the security engineer<br />

notices the logins but sees nothing irregular about them except <strong>for</strong> their volume. <strong>The</strong> network<br />

engineer is concerned, and she disconnects the remote banking system from the Internet. At that<br />

point the security engineer notices that the attempts at removing money from accounts continue<br />

from inside the network but because the network is not connected to the Internet the attempts fail.<br />

Neither the network engineer nor the security engineer can explain the sudden removal of money<br />

from so many accounts. Further investigation shows that there were several million dollars<br />

removed from a few thousand accounts in the space of less than five minutes. <strong>The</strong> security<br />

engineer notifies the <strong>for</strong>ensic team, and they began to try to figure out what happened. Unusually<br />

there is absolutely no indication of a breach. However, late on a Friday night is not when one<br />

would expect millions of dollars to be removed legitimately from several thousand accounts at the<br />

same time. <strong>The</strong> engineers and <strong>for</strong>ensic specialists can offer no explanation.<br />

Here's what happened. Over the space of several months an autonomous bot from a hive net<br />

slowly accessed the protected network multiple times. <strong>The</strong> single bot was released, through<br />

phishing, into the network. That bot slowly sent account credentials to port 443 (https) via a<br />

blockchain network where they were saved. Once enough credentials were harvested, the bot<br />

destroyed itself leaving no trace. Because it was connected to port 443, the exfiltration was not<br />

noticed but was considered normal network operation. It set off no alarms in the intrusion detection<br />

system.<br />

<strong>The</strong> intrusion detection system was a next-generation system using machine learning. However,<br />

prior to penetrating the network, the hive net attacked the network multiple times in multiple ways<br />

collecting the intrusion detection system's responses. From those responses, the hive crafted<br />

attacks that would not trigger the intrusion detection system. This type of machine learning black<br />

box attack is called "querying the oracle". From the in<strong>for</strong>mation gained, the first bot was able to<br />

enter the network as part of a phishing campaign. A second set of attacks, triggered inside the<br />

protected network, allowed the bot to query the oracle internally. <strong>The</strong> hive now had all the<br />

in<strong>for</strong>mation it needed to complete the attack.<br />

Having gathered the defense in<strong>for</strong>mation, the hive now could exfiltrate money from accounts<br />

without being detected. On the Friday evening the hive, using its swarm bots, per<strong>for</strong>med a smashand-grab<br />

attack. Spoofing legitimate user accounts, the swarm logged in and transferred money<br />

out via the blockchain network. Each bot destroyed itself after per<strong>for</strong>ming its mission. <strong>The</strong> block<br />

chain network terminated in a bitcoin wallet. Money in the bitcoin wallet immediately was<br />

transferred to several additional bitcoin wallets, obfuscating the trail. <strong>The</strong> money was never<br />

recovered.<br />

This is an example of an attack by autonomous bots. In other words, the bots do not report to a<br />

hive master or a bot master. Unlike current generation attacks, the hive master simply needs to<br />

give the hive its objective and let the hive operate autonomously. <strong>The</strong> bots learn from each other<br />

and the intelligence of the hive grows.<br />

<strong>2022</strong> | <strong>The</strong> <strong>Black</strong> <strong>Unicorn</strong> <strong>Report</strong> 5


In current generation attacks, the bot master manages a command-and-control server. From there<br />

he directs the bots to attack. Autonomous bots, however, receive their initial programming and<br />

receive initial commands from the hive. <strong>The</strong> hive and the bots are based upon machine learning<br />

or other <strong>for</strong>ms of artificial intelligence and do not require human intervention once they're<br />

programmed, and their objective defined.<br />

So how do we defend against autonomous hives and swarm bots? <strong>The</strong> only answer is that we<br />

must deploy machine learning models that learn from attacks against them - in addition to known<br />

attacks - and develop defenses on the fly. That means we must be smarter, faster, and more alert<br />

than current generation tools are. What does that really mean? It means that in the future humans<br />

will not be fast enough to respond. In fact, <strong>for</strong> certain types of current, distributed attacks humans<br />

are not fast enough to respond. Lest you interpret this as "there is no place <strong>for</strong> humans in cyber<br />

security", let me state clearly that you are about half right.<br />

Humans always will make the hard analytical decisions. To turn over all cyber security to an<br />

algorithm would eviscerate human control and open the way to errors and bias in the machine<br />

learning (ML) code. However, there are certain functions that depend upon rapid response - often<br />

at wire speeds - that preclude human intervention until the event is interdicted and it's time <strong>for</strong><br />

after-action analysis. <strong>The</strong>n, using analytical tools, humans enter the picture and make decisions<br />

that then are added to the training set. In addition, ML systems often add events to their training<br />

set on their own.<br />

Here's the point… cyber security in the future must become a partnership between people and<br />

machines. <strong>The</strong>re are things that the adversary will do with ML that a human can't hope to<br />

recognize and interdict in a timely manner. But there also are things on which the human and the<br />

machine can - and must - collaborate. <strong>The</strong> old saw that computers do only what their human<br />

<strong>2022</strong> | <strong>The</strong> <strong>Black</strong> <strong>Unicorn</strong> <strong>Report</strong> 6


programmers are telling them to do. Today - and, certainly, tomorrow - machines will learn to<br />

program machines with little to no human interaction. While it may be true that there is a human<br />

at the start of this chain, it also is true that at some point the human contribution is minimized to<br />

the point of obscurity. That is, potentially, a dangerous time <strong>for</strong> cyber security.<br />

Imagine, <strong>for</strong> example, a hivenet created by an especially talented hacker with malicious intent.<br />

<strong>The</strong> hive wanders through the Internet achieving its mission as assigned by its hacker hive master.<br />

But all the time it's doing the human's bidding, it is learning and training the swarm bots' ML. At<br />

what point - if any - do the swarm bots and the hive thumb their virtual noses at the human and<br />

go their own way? Does this mean that the future of cyber security is an endless battle of the<br />

bots with the bots becoming ever-more sentient? That is a debate <strong>for</strong> cyber philosophers, not<br />

security professionals. But - and this is a big but - what would we do if that became the case?<br />

About the Author<br />

Dr. Peter Stephenson has reactivated himself to<br />

exclusively focus on deep next generation<br />

Infosecurity product analysis <strong>for</strong> Cyber Defense<br />

Magazine after more than 50 years of active<br />

consulting and teaching. His research is in cyberlegal<br />

practice and cyber threat/intelligence analysis<br />

on large-scale computer networks such as the<br />

Internet. Dr. Stephenson was technology editor <strong>for</strong><br />

several years <strong>for</strong> SC Magazine, <strong>for</strong> which he wrote<br />

<strong>for</strong> over 25 years. He is enabled in his research by<br />

an extensive personal research laboratory as well<br />

as a multi-alias presence in the Dark Web. He has<br />

lectured extensively on digital investigation and<br />

security, and has written, edited or contributed to<br />

over 20 books as well as several hundred articles and peer-reviewed papers in major national<br />

and international trade, technical and scientific publications. He spent ten years as a professor<br />

at Norwich University teaching digital <strong>for</strong>ensics, cyber law and in<strong>for</strong>mation security. He<br />

retired from the university as an Associate Professor in 2015. Dr. Stephenson obtained his PhD<br />

at Ox<strong>for</strong>d Brookes University, Ox<strong>for</strong>d, England where his research was in the structured<br />

investigation of digital incidents in complex computing environments. He holds a Master of<br />

Arts degree in diplomacy with a concentration in terrorism from Norwich University in Vermont.<br />

Dr. Stephenson is a full member, ex officio board member and CISO of the Vidocq Society<br />

(http://www.vidocq.org). He is a member of the Albany, NY chapter of InfraGard. He held – but<br />

has retired from – the CCFP, CISM, FICAF and FAAFS designations as well as currently holding<br />

the CISSP (ret) designation.<br />

<strong>2022</strong> | <strong>The</strong> <strong>Black</strong> <strong>Unicorn</strong> <strong>Report</strong> 7


<strong>The</strong> Cybersecurity Lens: PANCCD<br />

How do you take nearly 4,000 cybersecurity companies across the globe and fit them into<br />

a box? It’s not easy, so one of the judges, Gary Miliefsky, took up the challenge to create<br />

a new model <strong>for</strong> the entire marketplace with the acronym he’s coined “P.A.N.C.C.D.” -<br />

People, Applications, Networking, Computing Devices, Code and Data. <strong>The</strong>se six layers<br />

to the stack, or the pyramid of cybersecurity make it much easier to understand the value<br />

proposition of a cybersecurity vendor and where they fit, although within each box in the<br />

stack there are subcategories and different angles of how the myriad of solutions solve<br />

different problems related to the challenges caused by cyber risk.<br />

First, we must understand that cyber risk relates to threats, vulnerabilities and assets, in<br />

the well-known <strong>for</strong>mula: Risk = Threats x Vulnerabilities x Assets or R = T x V x A<br />

This <strong>for</strong>mula cannot work without adding time to the equation, from the famous <strong>for</strong>mula<br />

created by Winn Schwartau, called Time-based Security: Exposure (time) = Detection<br />

(time) + Response (time) or Pt=Dt + Rt<br />

So cyber risk happens over a period of time – when a threat exploits a vulnerability, how<br />

long does it take us to detect this threat and how long does it take us to respond? <strong>The</strong><br />

closer to zero that Dt+Rt equals, the lower our Exposure (time) or Et. This is why more<br />

vendors are focusing on automation, machine learning and artificial intelligence to combat<br />

the latest cyber threats. Focusing our Cybersecurity Lens on those vendors who have<br />

entered the <strong>Black</strong> <strong>Unicorn</strong> Awards contest and made it into this report, we use the<br />

PANCCD model as follows; what does the cybersecurity vendor focus on:<br />

People, Applications, Networking, Computing Devices, Code, Data – the PANCCD lens<br />

<strong>2022</strong> | <strong>The</strong> <strong>Black</strong> <strong>Unicorn</strong> <strong>Report</strong> 8


Looking At the Cybersecurity<br />

Landscape with <strong>The</strong> PANCCD Lens<br />

It’s now very easy to look at a vendor and categorize where they fit, into helping solve the<br />

problems of cyber risk in a particular category.<br />

When you hear about or read about a cybersecurity vendor, you can now quickly and<br />

easily figure out what portion of cyber risk they solve, by using the PANCCD model.<br />

Feel free to use and share this model, just give credit to the author, as follows<br />

“PANCCD is a trademark of Gary Miliefsky, CEO, Cyber Defense Media Group” with a<br />

hyperlink to the author’s bio, found here: https://www.cyberdefensemagazine.com/aboutour-founder/<br />

In this <strong>Black</strong> <strong>Unicorn</strong> <strong>Report</strong> <strong>for</strong> <strong>2022</strong>, we’ve taken a few unique cybersecurity lenses to<br />

view the market and predict the future. Note that post COVID-19, the world has turned<br />

upside down and it’s accelerated telecommuting and cloud-based apps (SaaS)<br />

expansion, moving us from 3-4% home work<strong>for</strong>ce to over 51% and growing. Thus, the<br />

major attack vectors have shifted to the cloud and weaker home-computing hygiene. This<br />

<strong>2022</strong> | <strong>The</strong> <strong>Black</strong> <strong>Unicorn</strong> <strong>Report</strong> 9


has opened doors <strong>for</strong> increased revenues and visibility among those players who secure<br />

the cloud, SaaS apps and deal with weak, remote, exposed endpoints.<br />

Dr. David DeWalt’s Super Cycles view gives us an even clearer picture of where current<br />

and future cybersecurity investments need to be made, and there<strong>for</strong>e where we expect<br />

to find additional <strong>Black</strong> <strong>Unicorn</strong>s in the coming years. According to Dr. DeWalt’s<br />

NightDragon venture fund, by next year, the cybersecurity market will be worth over $248<br />

billion. What’s driving this exponential growth?<br />

● Attack surfaces continue to grow daily. As IT innovation around cloud, mobile, and<br />

virtualization continues, the attack surfaces that must be monitored and protected<br />

constantly grow and evolve.<br />

● A shortage of cybersecurity workers. <strong>The</strong>re’s a serious shortage of professionals<br />

with real-world experience. This drives costs higher and increases demand <strong>for</strong><br />

automation to reduce headcount.<br />

● Regulation is increasing and evolving. To keep up with constantly changing<br />

compliance needs, organizations are increasing their focus on cybersecurity to<br />

meet regulatory requirements.<br />

● Tactics are becoming more sophisticated: Keeping up with new tactics like<br />

monetizing attacks via cryptocurrency, renting attack infrastructure, phishing<br />

attacks, and AI require new defenses.<br />

● <strong>The</strong> cost of cybercrime is rising fast: Cybercrime is relentlessly gaining steam<br />

across almost every industry. That’s why cybercrime will cause over ten trillion in<br />

damages by 2025.<br />

With Robert (Bob) Ackerman running one of the most innovative and successful<br />

cybersecurity venture funds in America, we have another unique investor who<br />

understands the industry including bringing a reality check and a view on what is working<br />

into the judging process and our report.<br />

Dino Boukouris has spent over 16 years in the technology industry with expertise in<br />

cybersecurity, finance, strategy, operations, entrepreneurship, and venture capital &<br />

private equity. Dino is a Founding & Managing Director at Momentum Cyber, alongside<br />

Founders Dave DeWalt, Michael Tedesco and Eric McAlpine. Dino adds some wonderful<br />

market insights from his Cybersecurity Market Review <strong>for</strong> the 1 st half of <strong>2022</strong>:<br />

<strong>2022</strong> | <strong>The</strong> <strong>Black</strong> <strong>Unicorn</strong> <strong>Report</strong> 10


Venture capital specialization is an emerging theme within the cybersecurity ecosystem. In the<br />

past two years, a new class of cybersecurity-focused firms have raised over $2 billion of capital<br />

in total. <strong>The</strong>se specialist firms focus their investments exclusively on cybersecurity companies<br />

and broaden their value creation cycle beyond capital alone.<br />

<strong>2022</strong> | <strong>The</strong> <strong>Black</strong> <strong>Unicorn</strong> <strong>Report</strong> 11


<strong>The</strong> 7 Top Trends <strong>for</strong> Cyber Security In <strong>2022</strong> Driving Market Growth (Source: Gartner)<br />

1. Attack Surface Expansion<br />

Currently, 60% of knowledge workers are remote, and at least 18% will not return to the<br />

office. <strong>The</strong>se changes in the way we work, together with greater use of public cloud, highly<br />

connected supply chains and use of Cyber-physical systems have exposed new and<br />

<strong>2022</strong> | <strong>The</strong> <strong>Black</strong> <strong>Unicorn</strong> <strong>Report</strong> 12


challenging attack “surfaces.” This leaves organizations more vulnerable to attack.<br />

Gartner recommends security leaders look beyond traditional approaches to security<br />

monitoring, detection and response to manage a wider set of risks.<br />

2. Identity System Defense<br />

Identity systems are coming under sustained attack. Misuse of credentials is now a<br />

primary method that attackers use to access systems and achieve their goals. For<br />

example, in the SolarWinds breach attackers used a supplier’s privileged access to<br />

infiltrate the target network. Gartner uses the term identity threat detection and response<br />

(ITDR) to describe a collection of tools and processes to defend identity systems. In the<br />

longer term, more consolidated solutions will emerge.<br />

3. Digital Supply Chain Risk<br />

Gartner predicts that by 2025, 45% of organizations worldwide will have experienced<br />

attacks on their software supply chains, a three-fold increase from 2021. Security and risk<br />

management leaders need to partner with other departments to prioritize digital supply<br />

chain risk and put pressure on suppliers to demonstrate security best practices<br />

4. Vendor Consolidation<br />

Security products are converging. Vendors are consolidating security functions into single<br />

plat<strong>for</strong>ms and introducing pricing and licensing options to make packaged solutions more<br />

attractive. While it may introduce new challenges such as reduced negotiating power and<br />

potential single points of failure, Gartner sees consolidation as a welcome trend that<br />

should reduce complexity, cut costs and improve efficiency, leading to better overall<br />

security.<br />

5. Cybersecurity Mesh<br />

<strong>The</strong> Cybersecurity mesh is a modern conceptual approach to security architecture that<br />

enables the distributed enterprise to deploy and integrate security to assets, whether<br />

they’re on premises, in data centers or in the cloud. Gartner predicts that by 2024,<br />

organizations adopting a Cybersecurity mesh architecture will reduce the financial impact<br />

of individual security incidents by an average of 90%.<br />

6. Distributed Decisions<br />

Executive leaders need a fast and agile Cybersecurity function to support digital business<br />

priorities. However, as more aspects of the business are digitalized, the job is becoming<br />

too big <strong>for</strong> a centralized CISO role. Leading organizations are building the office of the<br />

CISO to enable distributed Cyber judgment. <strong>The</strong> CISO and the centralized function will<br />

continue to set policy, while Cybersecurity leaders are placed in different parts of the<br />

organization to decentralize security decisions.<br />

<strong>2022</strong> | <strong>The</strong> <strong>Black</strong> <strong>Unicorn</strong> <strong>Report</strong> 13


7. Beyond Awareness<br />

Human error continues to feature in most data breaches, showing that traditional<br />

approaches to security awareness training are ineffective. Progressive organizations are<br />

moving beyond outdated compliance-based awareness campaigns and investing in<br />

holistic behavior and culture change programs designed to provoke more secure ways of<br />

working.<br />

According to IBM’s X-Force Threat Intelligence Index <strong>2022</strong> (Source:<br />

https://www.ibm.com/downloads/cas/ADLMYLAZ) Ransomware remains the #1 threat<br />

vector.<br />

Recommendations from Herjavec Group & Fishtech Group <strong>2022</strong> Cybersecurity<br />

Conversations <strong>Report</strong> are these 7 Steps To Mitigate Ransomware Damage (Source:<br />

https://www.herjavecgroup.com/herjavec-group-releases-the-<strong>2022</strong>-cybersecurityconversations-report/):<br />

1. Make Sure Incident Response Strategy Covers Ransomware<br />

2. Prioritize Post-Incident Review and Continuous Improvement<br />

3. Prepare <strong>for</strong> the Worst by Backing Up<br />

4. Ensure the Entire Team Knows How to Detect and <strong>Report</strong> Ransomware<br />

5. Segment and Isolate Crown Jewels<br />

6. Make Sure Detection and Response Tools will Cover Ransomware<br />

7. Prepare with the All-Necessary Parties<br />

<strong>2022</strong> | <strong>The</strong> <strong>Black</strong> <strong>Unicorn</strong> <strong>Report</strong> 14


Gary Miliefsky’s take on market with the PANCCD model gives us focus and helps us<br />

quickly determine where a vendor fits and how they might add value in the cyber risk<br />

reduction equation.<br />

Dr. Stephenson’s time in the trenches, teaching, testing and exploring all things<br />

cybersecurity with a keen insight into machine learning (ML), artificial intelligence (A.I.),<br />

<strong>2022</strong> | <strong>The</strong> <strong>Black</strong> <strong>Unicorn</strong> <strong>Report</strong> 15


what works and what doesn’t is extremely valuable predictive intelligence on the selection<br />

of <strong>Black</strong> <strong>Unicorn</strong>s.<br />

On that note, given that we had to be pragmatic in our quest <strong>for</strong> current and future <strong>Black</strong><br />

<strong>Unicorn</strong>s, here’s where we started: <strong>The</strong>re are now almost 4,000 cybersecurity companies<br />

in the world. We only allowed a small number of companies based on their funding, sales<br />

growth and scalability to enter the <strong>Black</strong> <strong>Unicorn</strong> Awards contest and required they<br />

provide detailed in<strong>for</strong>mation including funding, financials, competition and much more. In<br />

many cases this in<strong>for</strong>mation remains confidential, at the request of the applicants.<br />

We found some companies that didn’t make the cut as Finalist <strong>for</strong> various reasons but<br />

were seriously worth a look, so we’ll continue to keep an eye on them in 2023 and beyond<br />

and see how they progress. You will find all Winners and Finalists worthy of our attention<br />

and yours – you may find that they offer a unique solution missing in your cybersecurity<br />

portfolio.<br />

Meet <strong>The</strong> Judges<br />

Dino Boukouris has spent over 16<br />

years in the technology industry with<br />

expertise in cybersecurity, finance,<br />

strategy,<br />

operations,<br />

entrepreneurship, and venture<br />

capital & private equity. Dino has<br />

been a speaker at Cybersecurity<br />

conferences across the country<br />

including the RSA Conference,<br />

Cybertech Tel Aviv, Structure<br />

Security, Global Cyberspace Coop<br />

Summit, IoT Security Panel, M&A<br />

East 2017, as well as at numerous<br />

private events and corporate<br />

gatherings.<br />

Dino is a Founding & Managing<br />

Director at Momentum Cyber, alongside Founders Dave DeWalt, Michael Tedesco<br />

and Eric McAlpine. Momentum Cyber is the premier trusted strategic advisor to the<br />

Cybersecurity industry, providing bespoke high-impact advice combined with tailored<br />

senior-level access from incubation to exit.<br />

<strong>2022</strong> | <strong>The</strong> <strong>Black</strong> <strong>Unicorn</strong> <strong>Report</strong> 16


Prior to Momentum Cyber, Dino was a Founding Director of Momentum Partners, the<br />

precursor to Momentum Cyber, alongside Founders Eric McAlpine and Michael Tedesco.<br />

Prior to Momentum Partners, Dino spent much of his career working with and advising<br />

venture-backed and bootstrapped start-ups, including Cameron Health a medical device<br />

start-up which created the world’s first subcutaneous implantable defibrillator and was<br />

ultimately acquired by Boston Scientific <strong>for</strong> $1.35B. Prior to Cameron Health, Dino began<br />

his career with GKN, a multinational aerospace and automotive company, where he was<br />

one of ten graduates selected from across the United States <strong>for</strong> their International<br />

Leadership Development Program.<br />

Additionally, Dino has been a lecturer, GS instructor and mentor <strong>for</strong> the MBA, EWMBA<br />

and Executive MBA program <strong>for</strong> Venture Capital and Private Equity, Business Model<br />

Innovation, Entrepreneurial Strategy, and Managerial Economics. Dino has also served<br />

as an advisor to and been involved with a number of leading accelerators such as the<br />

Alchemist Accelerator, Intel Technology to Market Accelerator, National Science<br />

Foundation Innovation Corps, and Lean Launchpad.<br />

In his “spare” time, Dino received his MBA with Honors from UC Berkeley, where he was<br />

President of his MBA program, a Haas Venture Fellow, a Turner Fellow, a Dean’s Scholar<br />

and chair of Venture Capital Connect. Dino also graduated Summa Cum Laude with a<br />

B.S.E. in Mechanical Engineering and an M.S.E. in Mechanical Engineering from the<br />

University of Michigan, where he entered the Honors Program and was a Lawrence D.<br />

Corlett Scholar, an Engelbrecht Scholar and a David Aspland Scholar.<br />

<strong>2022</strong> | <strong>The</strong> <strong>Black</strong> <strong>Unicorn</strong> <strong>Report</strong> 17


Robert R. Ackerman, Jr. Managing<br />

Director, AllegisCyber Capital<br />

BOB FOUNDED ALLEGIS IN 1996<br />

AFTER A SUCCESSFUL CAREER<br />

AS A SERIAL ENTREPRENEUR.<br />

In founding Allegis, Bob’s mission<br />

was to build a seed and early-stage<br />

venture firm that would combine<br />

operational experience with an<br />

entrepreneurial spirit and a focus on<br />

<strong>for</strong>ging true partnerships with<br />

portfolio companies to build<br />

successful and sustainable<br />

cybertechnology companies. Bob has<br />

been recognized as a Fortune 100<br />

cybersecurity executive and also as one of “CyberSecurity’s Money Men”.<br />

As an entrepreneur, Bob was the President and CEO of UniSoft Systems, a global leading<br />

UNIX Systems House and the Founder and Chairman of InfoGear Technology<br />

Corporation, a pioneer in the original integration of web and telephony technology and<br />

creator of the original iPhone. Outside of Allegis, Bob teaches New Venture Finance in<br />

the MBA program at the University of Cali<strong>for</strong>nia, co-manages his family’s small Napa<br />

Valley winery – Ackerman Family Vineyards, and enjoys fly fishing.<br />

Gary Miliefsky, Founder & CEO of<br />

Cyber Defense Media Group<br />

(CDMG) is an internationally<br />

recognized cybersecurity expert,<br />

bestselling author and keynote<br />

speaker. He is a Founding Member of<br />

the US Department of Homeland<br />

Security, the National In<strong>for</strong>mation<br />

Security Group and the OVAL<br />

advisory board of MITRE responsible<br />

<strong>for</strong> the CVE Program. He also<br />

assisted the National Infrastructure<br />

<strong>2022</strong> | <strong>The</strong> <strong>Black</strong> <strong>Unicorn</strong> <strong>Report</strong> 18


Advisory Council (NIAC), which operates within the U.S. Department of Homeland<br />

Security, in their development of <strong>The</strong> National Strategy to Secure Cyberspace as well as<br />

the Center <strong>for</strong> the Study of Counter-Terrorism and Cyber Crime at Norwich University.<br />

Gary has been founder and/or inventor <strong>for</strong> technologies and corporations sold and<br />

licensed to Hexis Cyber, WatchGuard, Intel/McAfee, IBM, Computer Associates and<br />

<strong>Black</strong>Box Corporation. Gary is a member of ISC2.org and is a CISSP®.<br />

In 2012, he founded Cyber Defense Magazine, which has grown to a market leader on<br />

sharing in<strong>for</strong>mation on all things cybersecurity and continuing to grow, every day. Other<br />

CDMG plat<strong>for</strong>ms he’s launched include CyberDefenseTV, CyberDefenseRadio,<br />

CyberDefenseAwards, CyberDefenseProfessionals, CyberDefenseWebinars, with<br />

additional plat<strong>for</strong>ms launching in 2023 and beyond.<br />

He is a frequent invited guest on national and international media commenting on<br />

breaches, cybercrime, internet of things, cloud computing, digital trans<strong>for</strong>mation, artificial<br />

intelligence, privacy, cyber security, and cyber terrorism. He has also been covered in<br />

Forbes, Fortune and Inc. Magazines. He is also an expert on Cryptocurrencies and<br />

related fraud as well as most issues pertaining to ICOs, Bitcoins, Blockchain technology<br />

and Ransomware. His recent bestselling book, rated 5.0 stars, is entitled Cryptoconomy<br />

– Bitcoins, Blockchains and Badguys, available on Amazon.com. He’s frequently writing<br />

articles published throughout the mainstream media and he also likes to write thought<br />

provoking articles at LinkedIn as a Top 1% of all INFOSEC LinkedIn profiles and a Top<br />

3% Globally on LinkedIn.<br />

<strong>2022</strong> | <strong>The</strong> <strong>Black</strong> <strong>Unicorn</strong> <strong>Report</strong> 19


What Is the Definition of a <strong>Black</strong> <strong>Unicorn</strong>?<br />

In the venture capital industry, a unicorn refers to any tech startup company that reaches<br />

a $1 billion-dollar market value as determined by private or public investment.<br />

<strong>The</strong> term was originally coined in 2013 by venture capitalist Aileen Lee, choosing the<br />

mythical animal to represent the statistical rarity of such successful ventures. Last year,<br />

CB Insights reported that the odds of becoming a unicorn — a company valued at $1<br />

billion or more — was less than 1% <strong>for</strong> companies that had raised venture capital. In<br />

2018, there were 47 tech companies in the US to reach this unicorn status, according to<br />

data provided by PitchBook.<br />

In the cybersecurity industry, Gary S. Miliefsky coined the term black unicorn as a<br />

cybersecurity company that has the potential to reach a $1 billion-dollar market value as<br />

determined by private or public investment within 1-3 years or a ‘baby’ black unicorn in 3-<br />

5 years.<br />

<strong>The</strong> black unicorn awards are designed to help showcase companies with this kind of<br />

potential. Ultimately, the judging in our awards is tough and it’s still up to those notable<br />

mentions, finalists and the winners to execute a flawless business model to reach this<br />

potential. It takes innovation, dedication, passion – the right team and the right cyber<br />

security solution, harmoniously executed to become a unicorn.<br />

Our mission is to uncover future <strong>Black</strong> <strong>Unicorn</strong>s and based upon the hard work of our<br />

judges and the entrants in our awards program, we think we’ve found them.<br />

<strong>2022</strong> | <strong>The</strong> <strong>Black</strong> <strong>Unicorn</strong> <strong>Report</strong> 20


<strong>2022</strong> | <strong>The</strong> <strong>Black</strong> <strong>Unicorn</strong> <strong>Report</strong> 21


<strong>2022</strong> | <strong>The</strong> <strong>Black</strong> <strong>Unicorn</strong> <strong>Report</strong> 22


<strong>2022</strong> | <strong>The</strong> <strong>Black</strong> <strong>Unicorn</strong> <strong>Report</strong> 23


<strong>2022</strong> | <strong>The</strong> <strong>Black</strong> <strong>Unicorn</strong> <strong>Report</strong> 24


<strong>2022</strong> | <strong>The</strong> <strong>Black</strong> <strong>Unicorn</strong> <strong>Report</strong> 25


<strong>2022</strong> | <strong>The</strong> <strong>Black</strong> <strong>Unicorn</strong> <strong>Report</strong> 26


<strong>The</strong> <strong>Black</strong> <strong>Unicorn</strong>s <strong>for</strong> <strong>2022</strong><br />

<strong>The</strong>se winners and finalists competed against many of the industry’s leading providers of<br />

cybersecurity products and services <strong>for</strong> this prestigious award. <strong>The</strong> term “<strong>Black</strong> <strong>Unicorn</strong>”<br />

signifies a cybersecurity company that has the potential to reach a $1 billion dollar market<br />

value as determined by private or public investment (Source:<br />

https://en.wikipedia.org/wiki/<strong>Unicorn</strong>_(finance)) and these awards showcase those<br />

companies with this kind of incredible potential in the cybersecurity marketplace.<br />

“We’re pleased to name these winners and finalists among a small, elite group of<br />

cybersecurity industry leaders in our annual <strong>Black</strong> <strong>Unicorn</strong> awards,” said Judges Robert<br />

R. Ackerman Jr. of www.allegiscyber.com, Dino Boukouris of www.momentumcyber.com<br />

and Gary Miliefsky of www.cyberdefensemediagroup.com.<br />

Coalfire<br />

Cyderes<br />

Dragos<br />

Human Security<br />

iboss<br />

Orca Security<br />

Pentera<br />

Perimeter81<br />

SecurityScorecard<br />

Talon Cyber Security<br />

https://www.coalfire.com/<br />

https://www.cyderes.com/<br />

https://www.dragos.com/<br />

https://www.humansecurity.com/<br />

https://www.iboss.com/<br />

https://orca.security/<br />

https://pentera.io/<br />

https://www.perimeter81.com/<br />

https://securityscorecard.com/<br />

https://talon-sec.com/<br />

<strong>2022</strong> | <strong>The</strong> <strong>Black</strong> <strong>Unicorn</strong> <strong>Report</strong> 27


About <strong>The</strong> <strong>Black</strong> <strong>Unicorn</strong> Winners <strong>for</strong> <strong>2022</strong><br />

Coalfire<br />

<strong>The</strong> world’s leading organizations<br />

– the top-five cloud service<br />

providers, eight of the top-ten<br />

SaaS businesses, and three of the top-five in financial services, healthcare, and e-<br />

commerce – rely on Coalfire to strengthen their security postures and secure their digital<br />

trans<strong>for</strong>mations. As the largest global firm dedicated to cybersecurity, Coalfire delivers a<br />

full lifecycle of solutions through professional services, technology plat<strong>for</strong>ms, and<br />

managed services to help organizations solve their toughest cyber challenges. With more<br />

than 20 years of proven cybersecurity leadership, Coalfire combines extensive cloud<br />

expertise, advanced technology, and innovative approaches that fuel success. For more<br />

in<strong>for</strong>mation, visit www.coalfire.com.<br />

Cyderes<br />

As the #1 MSSP in the world (Cyber Defense<br />

Magazine's 2021 Top MSSPs List), Cyderes<br />

is a global cybersecurity powerhouse<br />

offering comprehensive solutions in<br />

managed security, identity and access<br />

management, and professional services <strong>for</strong> the modern enterprise. Cyderes provides the<br />

people, processes, and technology to manage risk, and detect and respond to any threats<br />

– in ways that are better, faster, more cost-effective, and more scalable than traditional<br />

in-house solutions. Cyderes has six security operations centers across the United States,<br />

Canada, the United Kingdom, and India. For more in<strong>for</strong>mation, visit www.cyderes.com.<br />

<strong>2022</strong> | <strong>The</strong> <strong>Black</strong> <strong>Unicorn</strong> <strong>Report</strong> 28


Dragos<br />

Dragos has a global mission: to safeguard<br />

civilization from those trying to disrupt the<br />

industrial infrastructure we depend on every<br />

day. <strong>The</strong> practitioners who founded Dragos<br />

were drawn to this mission through decades of government and private sector<br />

experience.<br />

Dragos codifies the knowledge of our cybersecurity experts into an integrated software<br />

plat<strong>for</strong>m that provides customers critical visibility into ICS and OT networks so that threats<br />

are identified and can be addressed be<strong>for</strong>e they become significant events. Our solutions<br />

protect organizations across a range of industries, including power and water utilities,<br />

energy, and manufacturing, and are optimized <strong>for</strong> emerging applications like the Industrial<br />

Internet of Things (IIOT).<br />

Dragos is privately held and headquartered in the Baltimore-Washington, DC area with<br />

regional presence around the world, including Canada, Australia, New Zealand, Europe,<br />

and the Middle East.<br />

HUMAN Security<br />

HUMAN is a cybersecurity company<br />

that safeguards 500+ customers from<br />

sophisticated bot attacks, fraud and<br />

account abuse. We leverage modern<br />

defense—internet visibility, network effect, and disruptions—to enable our customers to<br />

increase ROI and trust while decreasing end-user friction, data contamination, and<br />

cybersecurity exposure. Today we verify the humanity of more than 15 trillion interactions<br />

per week across advertising, marketing, ecommerce and enterprise security, putting us<br />

in a position to win against cybercriminals. Protect your digital business with HUMAN. To<br />

Know Who’s Real, visit www.humansecurity.com.<br />

<strong>2022</strong> | <strong>The</strong> <strong>Black</strong> <strong>Unicorn</strong> <strong>Report</strong> 29


iboss<br />

iboss is a Zero Trust cloud security<br />

company that enables the modern<br />

work<strong>for</strong>ce to connect securely and<br />

directly to all applications from wherever<br />

they work. Built on a containerized cloud architecture, iboss delivers security capabilities<br />

such as SWG, malware defense, RBI, CASB and data loss prevention to all connections<br />

via the cloud, instantaneously and at scale. This eliminates the need <strong>for</strong> traditional<br />

network security appliances, such as VPNs, firewalls and web gateway proxies, which<br />

are ineffective at protecting a cloud-first and mobile world. Leveraging a purpose-built<br />

cloud architecture backed by 230+ issued and pending patents and more than 100 points<br />

of presence globally, iboss processes over 150 billion transactions daily, blocking 4 billion<br />

threats per day. More than 4,000 global enterprises trust the iboss Cloud Plat<strong>for</strong>m to<br />

support their modern work<strong>for</strong>ces, including a large number of Fortune 50 companies. To<br />

learn more, visit https://www.iboss.com/.<br />

Orca Security<br />

Orca Security is the pioneer of<br />

agentless cloud security that is trusted<br />

by hundreds of enterprises globally.<br />

Orca makes cloud security possible <strong>for</strong><br />

enterprises moving to and scaling in<br />

the cloud with its patented<br />

SideScanning technology and Unified<br />

Data Model. <strong>The</strong> Orca Cloud Security<br />

Plat<strong>for</strong>m delivers the world's most comprehensive coverage and visibility of all risks<br />

across the cloud. With continuous first-to-market innovations and expertise, the Orca<br />

Plat<strong>for</strong>m ensures security teams quickly identify and remediate risks to keep their<br />

businesses secure. Learn more at https://orca.security/.<br />

<strong>2022</strong> | <strong>The</strong> <strong>Black</strong> <strong>Unicorn</strong> <strong>Report</strong> 30


Pentera Security<br />

Pentera is the leader in Automated<br />

Security Validation. Our plat<strong>for</strong>m<br />

enables CISOs to close gaps in their<br />

security by challenging existing<br />

security controls across the entire<br />

cybersecurity kill-chain. Emulating the real-world techniques of hackers, Pentera’s<br />

plat<strong>for</strong>m identifies the true risks to organizational security and provides an actionable<br />

roadmap to reduce exposure.<br />

Learn more about us at https://pentera.io/ and to schedule a demo please visit<br />

https://pentera.io/contact-us/ anytime.<br />

Perimeter 81<br />

Perimeter 81 allows companies of all sizes<br />

to break free from outdated network<br />

architectures and legacy security tools to<br />

easily manage their network security from a<br />

single, seamless service, delivered from the<br />

cloud. Perimeter 81’s converged security<br />

solution includes Zero Trust Network<br />

Access (ZTNA), Firewall as a Service (FWaaS), and Secure Web Gateway (SWG). <strong>The</strong><br />

company is helping thousands of businesses, of all industries and sizes, achieve holistic<br />

network security more easily and cost-effectively.<br />

To learn more about Perimeter 81 please visit: https://www.perimeter81.com/ or contact<br />

us here: https://www.perimeter81.com/contact.<br />

<strong>2022</strong> | <strong>The</strong> <strong>Black</strong> <strong>Unicorn</strong> <strong>Report</strong> 31


SecurityScorecard<br />

Funded by world-class investors<br />

including Evolution Equity Partners,<br />

Silver Lake Waterman, Sequoia<br />

Capital, GV, Riverwood Capital, and<br />

others,SecurityScorecard is the global<br />

leader in cybersecurity ratings with more than 12 million companies continuously rated.<br />

Founded in 2013 by security and risk experts Dr. Aleksandr Yampolskiy and Sam<br />

Kassoumeh, SecurityScorecard's patented rating technology is used by over 30,000<br />

organizations <strong>for</strong> enterprise risk management, third-party risk management, board<br />

reporting, due diligence, cyber insurance underwriting, and regulatory oversight.<br />

SecurityScorecard is the first cybersecurity ratings company to offer digital <strong>for</strong>ensics and<br />

incident response services, providing a 360-degree approach to security prevention and<br />

response <strong>for</strong> its worldwide customer and partner base. SecurityScorecard continues to<br />

make the world a safer place by trans<strong>for</strong>ming the way companies understand, improve<br />

and communicate cybersecurity risk to their boards, employees and vendors. Every<br />

organization has the universal right to their trusted and transparent Instant<br />

SecurityScorecard rating. For more in<strong>for</strong>mation, visit https://securityscorecard.com/ or<br />

connect with us on LinkedIn.<br />

Talon Cyber Security<br />

Talon Cyber Security is modernizing security<br />

programs and improving user experiences <strong>for</strong><br />

hybrid work by delivering the first secure<br />

enterprise browser. Built on Chromium, the<br />

TalonWork browser provides customers with<br />

the consistent user experiences, deep security<br />

visibility, and control over SaaS and web<br />

applications needed to simplify security <strong>for</strong> the<br />

future of work. Talon was named the Most<br />

Innovative Startup of <strong>2022</strong> at the prestigious<br />

RSA Conference Innovation Sandbox Contest.<br />

For more in<strong>for</strong>mation, visit Talon at https://talon-sec.com/, or connect on LinkedIn, Twitter<br />

and Facebook.<br />

<strong>2022</strong> | <strong>The</strong> <strong>Black</strong> <strong>Unicorn</strong> <strong>Report</strong> 32


Airgap Networks<br />

Beijing ThreatBook<br />

Cervello Ltd.<br />

Code42<br />

Oxeye<br />

Cyble<br />

Cyera<br />

Dazz, Inc.<br />

Grip Security<br />

Konica Minolta<br />

Noname Security<br />

PlainID<br />

https://airgap.io/<br />

https://www.threatbook.cn/<br />

https://cervello.security/<br />

https://www.code42.com/<br />

https://www.oxeye.io/<br />

https://cyble.com/<br />

https://www.cyera.io/<br />

https://dazz.ltd/<br />

https://www.grip.security/<br />

https://www.konicaminolta.us/<br />

https://nonamesecurity.com/<br />

https://www.plainid.com/<br />

<strong>2022</strong> | <strong>The</strong> <strong>Black</strong> <strong>Unicorn</strong> <strong>Report</strong> 33


ReversingLabs<br />

SCADAfense<br />

Semperis<br />

Sepio<br />

Shift5, Inc.<br />

XM Cyber<br />

Zentera Systems, Inc.<br />

https://www.reversinglabs.com/<br />

https://www.scadafence.com/<br />

https://www.semperis.com/<br />

https://sepiocyber.com/<br />

https://www.shift5.io/<br />

https://www.xmcyber.com/<br />

https://www.zentera.net/<br />

<strong>2022</strong> | <strong>The</strong> <strong>Black</strong> <strong>Unicorn</strong> <strong>Report</strong> 34


About <strong>The</strong> <strong>Black</strong> <strong>Unicorn</strong> Finalists <strong>for</strong> <strong>2022</strong><br />

Airgap Networks<br />

Airgap provides an agentless Anti-<br />

Ransomware plat<strong>for</strong>m to stop the<br />

spread of malware in the enterprise<br />

network. Our industry’s first<br />

Ransomware Kill Switch locks down<br />

your most critical network assets at the<br />

first indication of compromise with<br />

complete control and policy en<strong>for</strong>cement over the device-to-device and device-toapplication<br />

communication https://airgap.io.<br />

Beijing ThreatBook Technology Co., Ltd.<br />

ThreatBook, founded in 2015, is an<br />

innovative cybersecurity provider in<br />

the digital era, continually delivering<br />

precise, efficient and intelligent<br />

solutions of cyberthreat detection and<br />

response. ThreatBook takes the<br />

pioneering role in the development of cyberthreat intelligence in China, providing<br />

comprehensive protection on cloud, traffic and endpoints. ThreatBook aims to arm its<br />

customers with a lifelong threat monitoring system and security response capabilities.<br />

Learn more about us at www.threatbook.cn and email contactus@threatbook.cn anytime.<br />

<strong>2022</strong> | <strong>The</strong> <strong>Black</strong> <strong>Unicorn</strong> <strong>Report</strong> 35


Cervello Ltd.<br />

Cervello accelerates the rail digital<br />

trans<strong>for</strong>mation by securing the<br />

industry’s infrastructure and<br />

operations from cyber threats.<br />

Cervello gives you the confidence to<br />

see, secure, and manage all of the<br />

assets connected to your critical network, combining IT, OT, IoT and physical systems,<br />

and turn the associated data into a powerful resource. It means the end of any<br />

compromise between security, safety and usability – put simply, it allows you to operate<br />

with confidence.<br />

<strong>The</strong> world’s leading rail operators and infrastructure managers trust Cervello to minimize<br />

threats and prevent cybersecurity incidents, thereby increasing their safety, reliability,<br />

business continuity and service availability. Learn more at cervello.security.<br />

Code42<br />

Code42 is the Insider Risk<br />

Management leader. Native to the<br />

cloud, the Code42 Incydr solution<br />

rapidly detects data loss, leak and<br />

theft as well as speeds incident<br />

response – all without lengthy deployments, complex policy management or blocking<br />

employee productivity. With Code42, security professionals can protect corporate data<br />

and reduce insider threats while fostering an open and collaborative culture <strong>for</strong><br />

employees. Backed by security best practices and control requirements, Code42’s Insider<br />

Risk solution is FedRAMP authorized and can be configured <strong>for</strong> GDPR, HIPAA, PCI and<br />

other regulatory frameworks. More than 50,000 organizations worldwide, including the<br />

most recognized brands in business and education, rely on Code42 to safeguard their<br />

ideas. Founded in 2001, the company is headquartered in Minneapolis, Minnesota, and<br />

is backed by Accel Partners, JMI Equity, NewView Capital and Split Rock Partners.<br />

Code42 was recognized by Inc. magazine as one of America’s best workplaces in 2020.<br />

Learn more about us at www.code42.com or email in<strong>for</strong>mation@code42.com.<br />

<strong>2022</strong> | <strong>The</strong> <strong>Black</strong> <strong>Unicorn</strong> <strong>Report</strong> 36


Oxeye<br />

Oxeye provides a cloud-native<br />

application security solution<br />

designed specifically <strong>for</strong> modern<br />

container and Kubernetes-based<br />

architectures. <strong>The</strong> company<br />

enables customers to quickly<br />

identify and resolve all application-layer risks as an integral part of the software<br />

development lifecycle by offering a seamless, comprehensive, and effective solution that<br />

ensures touchless assessment, focus on the exploitable risks, and actionable remediation<br />

guidance. Built <strong>for</strong> Dev and AppSec teams, Oxeye helps to shift security to the left while<br />

accelerating development cycles, reducing friction, and eliminating risks.<br />

Learn more about Oxeye at www.oxeye.io, schedule a product demonstration at<br />

www.oxeye.io/get-a-demo. Connect directly with Oxeye at info@oxeye.io.<br />

Cyble<br />

Cyble is a global threat intelligence SaaS provider that<br />

helps enterprises protect themselves from<br />

cybercrimes and exposure on the Surface web,<br />

Deepweb, and Darkweb. Its prime focus is to provide<br />

organizations with real-time visibility into their digital<br />

risk footprint. Backed by <strong>Black</strong>bird Ventures, Xoogler,<br />

and Y Combinator as part of the 2021 winter cohort,<br />

Cyble has also been recognized by Forbes as one of<br />

the top 20 Best Cybersecurity Start-ups, along with<br />

several other industry recognitions. Headquartered in Georgia, United States, and with<br />

offices in Dubai, Australia, Singapore, and India, Cyble has a global presence.<br />

To learn more about Cyble, visit https://cyble.com/ or email contact@cyble.com.<br />

<strong>2022</strong> | <strong>The</strong> <strong>Black</strong> <strong>Unicorn</strong> <strong>Report</strong> 37


Cyera<br />

Cyera is the cloud data security company<br />

that gives businesses context and control<br />

over their cloud data. Our mission is to<br />

empower security teams to enable<br />

innovation, securely. As the industry’s most<br />

advanced cloud data protection plat<strong>for</strong>m, Cyera instantly provides companies a strong<br />

baseline <strong>for</strong> all security, risk management, and compliance ef<strong>for</strong>ts and ensures the entire<br />

organization operates with the same policies and guardrails. Backed by leading investors<br />

including Sequoia, Accel, and Cyberstarts, Cyera is defining the way companies do cloud<br />

data security. To learn more, visit www.cyera.io.<br />

Dazz<br />

<strong>The</strong> Dazz Remediation Cloud maps your codeto-production<br />

pipelines; per<strong>for</strong>ms smart root<br />

cause analysis and prioritizes risk; identifies<br />

code owners; and streamlines remediation<br />

right in the developer’s workflow. With Dazz,<br />

you gain full pipeline visibility, cut through alert noise, and shrink your risk window by<br />

reducing time to remediate.<br />

Learn more about us at dazz.io and email us at contact@dazz.io.<br />

Grip Security<br />

everywhere, and on-demand.<br />

Grip’s mission is to empower every customer to<br />

protect people and SaaS technology. Grip’s<br />

SaaS Security Control Plane is the linchpin in<br />

modern security architecture <strong>for</strong> safeguarding<br />

the SaaS attack surface—anywhere,<br />

Learn more about Grip by visiting our website at https://www.grip.security/ or send us an<br />

email at sales@grip.security.<br />

<strong>2022</strong> | <strong>The</strong> <strong>Black</strong> <strong>Unicorn</strong> <strong>Report</strong> 38


Konica Minolta Business Solutions U.S.A.,<br />

All Covered, a division of Konica<br />

Minolta Business Solutions,<br />

U.S.A., Inc., is a leading<br />

nationwide IT Services company<br />

that helps businesses achieve<br />

their goals through better management of in<strong>for</strong>mation and more effective collaboration.<br />

Our commitment to innovation in providing industry-leading solutions has been repeatedly<br />

recognized by some of the IT industry’s most respected publications and organizations,<br />

including CRN’s SP 500 and Channel Future’s MSP 501. We have also been<br />

acknowledged <strong>for</strong> our expertise across vertical markets such as education, finance,<br />

healthcare and legal. Our IT engineers are well versed in the nuances and regulations of<br />

each market segment. From network design to helpdesk support, IT security, cloud<br />

services and managed IT, All Covered customizes solutions to its clients’ business and<br />

application needs. Visit us online and follow All Covered on Facebook, YouTube, LinkedIn<br />

and Twitter.<br />

Noname Security<br />

Noname Security is the only company<br />

taking a complete, proactive approach to<br />

API Security. Noname works with 20% of<br />

the Fortune 500 and covers the entire API<br />

security scope across three pillars —<br />

Posture Management, Runtime Security,<br />

and API Security Testing.Noname Security<br />

is backed by leading venture capital firms, including Lightspeed, Georgian, <strong>The</strong> Syndicate<br />

Group (TSG), Forgepoint, Next47, Insight Partners, and Cyberstarts, and has raised<br />

$220M, achieving "unicorn" status only one year out of stealth.Noname Security is<br />

privately held, remote-first with headquarters in Silicon Valley, and offices in Tel Aviv and<br />

Amsterdam.<br />

Learn more about us at https://nonamesecurity.com/ and email<br />

info@nonamesecurity.com anytime.<br />

<strong>2022</strong> | <strong>The</strong> <strong>Black</strong> <strong>Unicorn</strong> <strong>Report</strong> 39


PlainID<br />

PlainID Inc., <strong>The</strong> Authorization<br />

Company, is the recognized leader in<br />

Authorization as a Service powered by<br />

Policy Based Access Control (PBAC).<br />

PlainID's simple, straight<strong>for</strong>ward solution<br />

to authorization management enables organizations to create, manage, and en<strong>for</strong>ce<br />

authorization policies across an enterprise. By securely connecting identities to digital<br />

assets via PlainID Authorizers, firms can meet the digital demands of user journeys,<br />

enable zero trust architectures and provide data security. <strong>The</strong> PlainID Authorization<br />

Plat<strong>for</strong>m enables rapid business growth by connecting new and legacy technologies with<br />

the latest and most advanced authorization features. To learn more about PlainID Inc.<br />

please visit: https://www.plainid.com/.<br />

ReversingLabs<br />

ReversingLabs empowers<br />

modern software development,<br />

IT and security operations teams<br />

with a unified plat<strong>for</strong>m to protect<br />

against software supply chain<br />

attacks. <strong>The</strong> ReversingLabs Titanium Plat<strong>for</strong>m integrates seamlessly at scale, analyzing<br />

software libraries, compiled binaries and release packages <strong>for</strong> vulnerabilities, malicious<br />

behaviors and tampering, enabling development to release confidently, IT to procure<br />

safely, and the SOC to effectively isolate and respond when breaches occur.<br />

Learn more about us at https://www.reversinglabs.com.<br />

<strong>2022</strong> | <strong>The</strong> <strong>Black</strong> <strong>Unicorn</strong> <strong>Report</strong> 40


ScaDafense<br />

SCADAfence is the global technology<br />

leader in OT & IoT cyber security. <strong>The</strong><br />

SCADAfence plat<strong>for</strong>m enables<br />

organizations with complex OT networks to<br />

embrace the benefits of industrial IoT by<br />

reducing cyber risks and mitigating operational threats. <strong>The</strong> non-intrusive plat<strong>for</strong>m<br />

provides full coverage of large-scale networks, offering best-in-class detection accuracy,<br />

asset discovery and governance with minimal false-positives. SCADAfence delivers<br />

proactive security and visibility to many of the world's most complex OT networks,<br />

including the largest manufacturing facility in Europe and the largest automotive<br />

manufacturer in the world. SCADAfence enables organizations in manufacturing, building<br />

management and critical infrastructure industries to operate securely, reliably and<br />

efficiently. To learn more, visit our website, check out our blog, or follow us on LinkedIn.<br />

Semperis<br />

For security teams charged with defending hybrid and<br />

multi-cloud environments, Semperis ensures the integrity<br />

and availability of critical enterprise directory services at<br />

every step in the cyber kill chain and cuts recovery time<br />

by 90%. Purpose-built <strong>for</strong> securing hybrid Active<br />

Directory environments, Semperis’ patented technology<br />

protects over 50 million identities from cyberattacks, data<br />

breaches, and operational errors. <strong>The</strong> world’s leading organizations trust Semperis to<br />

spot directory vulnerabilities, intercept cyberattacks in progress,and quickly recover from<br />

ransomware and other data integrity emergencies. Semperis is headquartered in<br />

Hoboken, New Jersey, and operates internationally, with its research and development<br />

team distributed throughout the United States, Canada, and Israel.<br />

Semperis hosts the award-winning Hybrid Identity Protection conference<br />

(www.hipconf.com). <strong>The</strong> company has received the highest level of industry accolades<br />

and was recently ranked #157 in the 2021 Inc. 5000 list, the most prestigious ranking of<br />

the nation’s fastest-growing private companies. Semperis is accredited by Microsoft and<br />

recognized by Gartner.<br />

To learn more about Semperis and to get in touch with the team, visit<br />

https://www.semperis.com/contact-us-2/.<br />

<strong>2022</strong> | <strong>The</strong> <strong>Black</strong> <strong>Unicorn</strong> <strong>Report</strong> 41


Sepio<br />

At any given time, an organization is<br />

blind to 40%+ of connected devices,<br />

creating an ever growing attack<br />

surface and uncontrolled risk. Most<br />

visibility solutions scan traffic -causing<br />

additional privacy and compliance issues. Every device holds a RISK factor just by being<br />

there - even not generating traffic - IT’S STILL THERE.<br />

Sepio is the first hardware risk management plat<strong>for</strong>m, focusing on device<br />

EXISTENCE - not device ACTIVITY - seeing ALL devices as potential risks, needing to<br />

be verified and trusted.<br />

Sepio collects in<strong>for</strong>mation with no changes to the way the network is built, no “spanning”<br />

traffic, no activity-based detection, no protocol dependency and no privacy or<br />

compliance issues. Sepio provides a holistic view of all IT, IOT or OT devices, showing<br />

all potential risks. Since Sepio sees a fraction of the data volume, it enables massive<br />

scale, saving resources and time, with a guaranteed 24-hour deployment.” Learn more<br />

about us at https://sepiocyber.com.<br />

Shift5<br />

Shift5 is the OT cybersecurity<br />

company that protects the<br />

world’s transportation<br />

infrastructure and weapons<br />

systems from cyberattacks. Created by founding members of the U.S. Army Cyber<br />

Command who pioneered modern weapons system cyber assessments, Shift5 defends<br />

military plat<strong>for</strong>ms and commercial transportation systems against malicious actors and<br />

operational failures. Customers rely on Shift5 to detect threats and maintain the resilience<br />

of a wide variety of operational technology systems, including aviation, rail and metro,<br />

defense, helicopters, and other heavy fleet machinery. For more in<strong>for</strong>mation, visit<br />

https://www.shift5.io/.<br />

<strong>2022</strong> | <strong>The</strong> <strong>Black</strong> <strong>Unicorn</strong> <strong>Report</strong> 42


XM Cyber<br />

XM Cyber is a leading hybrid<br />

cloud security company that is<br />

changing the way innovative<br />

organizations approach cyber<br />

risk. Its attack path management<br />

plat<strong>for</strong>m continuously uncovers<br />

hidden attack paths to businesses’ critical assets across cloud and on-prem<br />

environments, enabling security teams to cut them off at key junctures and eradicate risk<br />

with a fraction of the ef<strong>for</strong>t. Many of the world’s largest, most complex organizations<br />

choose XM Cyber to help eradicate risk. Founded by top executives from the Israeli cyber<br />

intelligence community, XM Cyber has offices in North America, Europe, and Israel. For<br />

more in<strong>for</strong>mation, you can visit www.xmcyber.com.<br />

Zentera Systems, Inc.<br />

Zentera Systems, the leader in Zero<br />

Trust Security solutions <strong>for</strong> the digitallytrans<strong>for</strong>med<br />

enterprise, offers awardwinning<br />

Zero Trust networking, security,<br />

and access that overlays any fragmented infrastructure and cloud to deploy in less than<br />

a day. Available on-premises or as SaaS, global enterprises use Zentera’s products to<br />

secure employee and third-party access, protect against data leaks, and instantly secure<br />

hybrid applications and data in IT, OT and cloud environments. <strong>The</strong> Silicon Valley-based<br />

company has received numerous recognitions, including Cool Vendor <strong>for</strong> Cloud Security<br />

by Gartner.<br />

Visit us at https://zentera.net/ to learn more, or contact us via email at sales@zentera.net<br />

<strong>for</strong> a demo or trial.<br />

<strong>2022</strong> | <strong>The</strong> <strong>Black</strong> <strong>Unicorn</strong> <strong>Report</strong> 43


<strong>The</strong> Baby <strong>Black</strong> <strong>Unicorn</strong>s <strong>for</strong> <strong>2022</strong><br />

<strong>The</strong>se winners and finalists competed against many of the industry’s leading providers of<br />

cybersecurity products and services <strong>for</strong> this prestigious award. <strong>The</strong> term “<strong>Black</strong> <strong>Unicorn</strong>”<br />

signifies a cybersecurity company that has the potential to reach a $1 billion dollar market<br />

value as determined by private or public investment (Source:<br />

https://en.wikipedia.org/wiki/<strong>Unicorn</strong>_(finance)) and these awards showcase those<br />

companies with this kind of incredible potential in the cybersecurity marketplace.<br />

“We’re pleased to name these winners and finalists among a small, elite group of<br />

cybersecurity industry leaders in our annual <strong>Black</strong> <strong>Unicorn</strong> awards,” said Judges Robert<br />

R. Ackerman Jr. of www.allegiscyber.com, Dino Boukouris of www.momentumcyber.com<br />

and Gary Miliefsky of www.cyberdefensemediagroup.com.<br />

CONCEAL<br />

CyberGRX<br />

Cyberpion<br />

Cybersixgill<br />

CYFIRMA<br />

DNSFilter Inc.<br />

Eclypsium, Inc.<br />

ENVEIL<br />

Fortanix<br />

Strider Technologies, Inc.<br />

https://conceal.io/<br />

https://www.cybergrx.com/<br />

https://www.cyberpion.com/<br />

https://www.cybersixgill.com/<br />

https://www.cyfirma.com/<br />

https://www.dnsfilter.com/<br />

https://eclypsium.com/<br />

https://www.enveil.com/<br />

https://www.<strong>for</strong>tanix.com/<br />

https://www.striderintel.com/<br />

<strong>2022</strong> | <strong>The</strong> <strong>Black</strong> <strong>Unicorn</strong> <strong>Report</strong> 44


About <strong>The</strong> Baby <strong>Black</strong> <strong>Unicorn</strong> Winners <strong>for</strong> <strong>2022</strong><br />

Conceal<br />

Conceal enables organizations to<br />

protect users from malware and<br />

ransomware at the edge. <strong>The</strong><br />

Conceal Plat<strong>for</strong>m uses Zero Trust<br />

isolation technology to defend<br />

against sophisticated cyber threats. Conceal is used by Fortune 500 and government<br />

organizations globally to ensure their users and IT operations remain secure, anonymous<br />

and isolated from attacks. For more in<strong>for</strong>mation, visit https://conceal.io/.<br />

CyberGRX<br />

CyberGRX standardizes third-party<br />

cyber risk management, making it<br />

possible to achieve insights, prioritize<br />

risks and make smarter decisions<br />

across your entire vendor ecosystem.<br />

Driven by sophisticated data analytics and automation, real-world attack scenarios, and<br />

real-time threat intelligence, CyberGRX provides customers comprehensive and ongoing<br />

analysis of their vendor portfolio. Organizations can now effectively manage their cyber<br />

risk reputation by proactively utilizing the CyberGRX Exchange to complete and share a<br />

single assessment with multiple upstream partners. For more in<strong>for</strong>mation:<br />

www.cybergrx.com.<br />

<strong>2022</strong> | <strong>The</strong> <strong>Black</strong> <strong>Unicorn</strong> <strong>Report</strong> 45


Cyberpion<br />

Cyberpion solves the rising cybersecurity<br />

challenge of understanding the risks and<br />

vulnerabilities of your connected online<br />

assets that <strong>for</strong>m an external attack<br />

surface. Knowing how your organization<br />

is vulnerable, where those threats come from, and what infrastructures are at risk, is<br />

critical to preventing an attack and strengthens your security posture. Cyberpion makes<br />

organizations aware of these vulnerabilities and helps mitigate them by continuously<br />

discovering, inventorizing, monitoring and assessing the threat vectors present<br />

throughout online ecosystems that exist outside the traditional security perimeter. With<br />

an R&D team based in Israel, the company is funded by leading cybersecurity venture<br />

capitalists. To learn more, visit www.cyberpion.com or email us at info@cyberpion.com.<br />

Cybersixgill<br />

Cybersixgill has proven to have the<br />

broadest threat intelligence collection<br />

capabilities available, covertly<br />

extracting data from a wide range of<br />

sources including content from limitedaccess<br />

deep and dark web <strong>for</strong>ums and markets, invite-only messaging groups, code<br />

repositories, paste sites and clear web plat<strong>for</strong>ms. We enrich this data with context to<br />

provide security teams with comprehensive insight into the nature and source of each<br />

threat. To learn more, visit www.cybersixgill.com<br />

CYFIRMA<br />

By combining cyber-intelligence with attack<br />

surface discovery and digital risk protection,<br />

CYFIRMA delivers predictive, personalized,<br />

contextual, outside-in and multi-layered insights<br />

to help clients prepare against upcoming attacks. Learn more at www.cyfirma.com.<br />

<strong>2022</strong> | <strong>The</strong> <strong>Black</strong> <strong>Unicorn</strong> <strong>Report</strong> 46


DNSFilter<br />

DNSFilter provides enterprise-grade<br />

protection and content filtering <strong>for</strong> your users.<br />

Protect your organization from costly<br />

cyberattacks. Our global any cast network<br />

means we scale <strong>for</strong> even the largest global businesses. You can visit www.dnsfilter.com<br />

<strong>for</strong> more info.<br />

Eclypsium, Inc.<br />

Eclypsium’s cloud-based plat<strong>for</strong>m provides digital supply chain<br />

security <strong>for</strong> critical hardware, firmware and software. Eclypsium<br />

defends enterprises and government agencies from the deep<br />

implants and exploits that have become the vector of choice <strong>for</strong><br />

modern adversaries. Learn more https://eclypsium.com/.<br />

Enveil<br />

ENVEIL is a pioneering Privacy Enhancing<br />

Technology company protecting Data in<br />

Use. Enveil’s business-enabling and<br />

privacy-preserving capabilities change the<br />

paradigm of how and where organizations<br />

can leverage data to unlock value. Defining the trans<strong>for</strong>mative category of Privacy<br />

Enhancing Technologies (PETs), Enveil’s award-winning ZeroReveal® solutions <strong>for</strong><br />

secure data usage, sharing, and collaboration protect data while it's being used or<br />

processed. Customers can extract insights, cross-match, search, and analyze data<br />

assets at scale without ever revealing the content of the search itself, compromising the<br />

security or ownership of the underlying data, or exposing their interests and intent. A<br />

World Economic Forum Technology Pioneer founded by U.S. Intelligence Community<br />

alumni, Enveil is deployed and operational today, revolutionizing data usage in the global<br />

marketplace. Learn more at www.enveil.com.<br />

<strong>2022</strong> | <strong>The</strong> <strong>Black</strong> <strong>Unicorn</strong> <strong>Report</strong> 47


Fortanix<br />

Fortanix Data Security Manager<br />

(DSM) SaaS provides integrated<br />

data security with encryption,<br />

multicloud key management,<br />

tokenization, and other capabilities<br />

from one plat<strong>for</strong>m, delivered-as-a-service. For every user. Any cloud. Anywhere in the<br />

world. Visit www.<strong>for</strong>tanix.com <strong>for</strong> more info.<br />

Strider Technologies, Inc.<br />

Strider is revolutionizing the way<br />

companies, government agencies,<br />

and research institutions protect<br />

their innovation and compete in a<br />

new era of global strategic<br />

competition. Our trailblazing technology and intelligence solutions enable clients to<br />

proactively identify, manage, and respond to nation-state-directed IP theft and supply<br />

chain vulnerabilities. Strider has operations in Salt Lake City, UT, Washington, D.C, and<br />

London, U.K. Learn more by visiting us online at www.striderintel.com.<br />

<strong>2022</strong> | <strong>The</strong> <strong>Black</strong> <strong>Unicorn</strong> <strong>Report</strong> 48


Anitian<br />

CardinalOps<br />

Clarabot Zrt.<br />

Concentric.ai<br />

Defendify<br />

DoControl<br />

Phosphorus Cybersecurity®<br />

Stellar Cyber<br />

StrikeReady Inc.<br />

Suridata<br />

Syxsense<br />

https://www.anitian.com/<br />

https://www.cardinalops.com/<br />

https://www.clarabot.com/<br />

https://www.concentric.ai/<br />

https://defendify.com/<br />

https://www.docontrol.io/<br />

https://www.phosphorus.io/<br />

https://stellarcyber.ai/<br />

https://www.strikeready.co/<br />

https://www.suridata.ai/<br />

https://www.syxsense.com/<br />

<strong>2022</strong> | <strong>The</strong> <strong>Black</strong> <strong>Unicorn</strong> <strong>Report</strong> 49


About <strong>The</strong> Baby <strong>Black</strong> <strong>Unicorn</strong> Finalists <strong>for</strong> <strong>2022</strong><br />

Anitian<br />

Anitian makes your cloud<br />

applications secure and compliant<br />

so you can enter new markets and<br />

unlock revenue in weeks, not months or years. Our SecureCloud plat<strong>for</strong>ms <strong>for</strong><br />

Compliance Automation and Enterprise Cloud Security unify DevOps and security to<br />

deliver the fastest path to security and compliance in the cloud. Anitian’s pre-engineered<br />

and automated cloud application infrastructure plat<strong>for</strong>ms deploy in a single day to<br />

empower enterprises to go from application to cloud to production 80% faster and at 50%<br />

of the cost. Find out more at www.anitian.com or follow them on LinkedIn or Twitter.<br />

CardinalOps<br />

Most security vendors pitch you on replacing your<br />

stack or adding new monitoring tools to it.<br />

CardinalOps has a more practical and pragmatic<br />

approach. <strong>The</strong> CardinalOps SaaS plat<strong>for</strong>m uses<br />

AI and automation to maximize MITRE ATT&CK<br />

coverage <strong>for</strong> your existing security stack and<br />

eliminate hidden detection gaps you may not even<br />

know you have. Setup takes less than an hour because there are no agents to deploy<br />

and it easily connects via the native APIs of your SIEM/EDR/XDR. What's more, it has<br />

the added advantage of boosting your detection engineering team's productivity 10x<br />

compared to manual processes. Learn more at www.cardinalops.com.<br />

<strong>2022</strong> | <strong>The</strong> <strong>Black</strong> <strong>Unicorn</strong> <strong>Report</strong> 50


Clarabot Zrt.<br />

Lightning fast, end-to-end encrypted<br />

unlimited file-sharing where privacy<br />

control is in your hands! Easy access,<br />

modern appearance, transparency, privacy by design. Clarabot Nano is the secure file<br />

sharing tool to improve content search, data access and collaboration between multiple<br />

parties. Clarabot Nano is equipped with a unique feature-set made possible by it’s hybrid<br />

delegated server design. Closing call: register <strong>for</strong> free or find out more at<br />

www.clarabot.com. For help or other questions, please contact us at info@clarabot.com<br />

or support@clarabot.com.<br />

Concentric.ai<br />

Concentric was born out of a<br />

powerful insight: Enterprises have a<br />

data security problem. And the<br />

security tools they’re using can’t fix it.<br />

We’re a team of AI experts, data<br />

scientists, software builders, and security junkies dedicated to solving the most pressing<br />

data security problems. Status quo approaches aren’t our thing – we live to serve our<br />

customers, solve their toughest issues with the latest technologies, and we won’t rest until<br />

the last contract, design doc, trading data, strategy and M&A terms sheet is safe and<br />

secure. For more in<strong>for</strong>mation, see www.concentric.ai.<br />

Defendify<br />

Defendify is pioneering<br />

cybersecurity <strong>for</strong> scaling<br />

organizations. Delivering multiple<br />

layers of protection, Defendify provides cybersecurity expertise and support through an<br />

all-in-one plat<strong>for</strong>m designed to continuously strengthen cybersecurity across people,<br />

process, and technology. Defendify streamlines cybersecurity assessments, testing,<br />

policies, training, detection, and response in one consolidated and cost-effective<br />

cybersecurity solution. Take the next step towards robust cybersecurity at defendify.com.<br />

<strong>2022</strong> | <strong>The</strong> <strong>Black</strong> <strong>Unicorn</strong> <strong>Report</strong> 51


DoControl<br />

Founded in 2020 and headquartered in<br />

New York, DoControl is an automated data<br />

access controls plat<strong>for</strong>m <strong>for</strong> SaaS<br />

applications,<br />

improving security and operational<br />

efficiency with ease <strong>for</strong> enterprises. DoControl is backed by investors Insight Partners,<br />

StageOne Ventures, Cardumen Capital, RTP Global and global cybersecurity leader<br />

CrowdStrike's early stage investment fund, the CrowdStrike Falcon Fund. <strong>The</strong> company's<br />

leadership team combines product, engineering and sales experience across<br />

cybersecurity, enterprise and SaaS innovators. For more in<strong>for</strong>mation, please visit<br />

www.docontrol.io and follow us on Twitter and LinkedIn.<br />

Phosphorus Cybersecurity®<br />

Phosphorus Cybersecurity® is the<br />

leading xTended Security of Things<br />

plat<strong>for</strong>m designed to secure the<br />

rapidly growing and often unmonitored Things across the enterprise xIoT landscape. Our<br />

Extended Enterprise xIoT Security Plat<strong>for</strong>m delivers Attack Surface Management,<br />

Hardening & Remediation, and Detection & Response to bring enterprise xIoT security to<br />

every cyber-physical Thing in your enterprise environment. With unrivaled xIoT discovery<br />

and posture assessment, Phosphorus automates the remediation of the biggest IoT, OT,<br />

and Network device vulnerabilities—including unknown and inaccurate asset inventory,<br />

out-of-date firmware, default credentials, risky configurations, and out-of-date certificates.<br />

Follow Phosphorus on LinkedIn, Twitter, and YouTube, and learn more at<br />

https://phosphorus.io/.<br />

<strong>2022</strong> | <strong>The</strong> <strong>Black</strong> <strong>Unicorn</strong> <strong>Report</strong> 52


Stellar Cyber<br />

<strong>The</strong> Stellar Cyber Open XDR<br />

plat<strong>for</strong>m delivers comprehensive,<br />

unified security without<br />

complexity, empowering lean<br />

security teams of any skill to successfully secure their environments. With Stellar Cyber,<br />

organizations reduce risk with early and precise identification and remediation of threats<br />

while slashing costs, retaining investments in existing tools, and improving analyst<br />

productivity, delivering a 20x improvement in MTTD and an 8x improvement in MTTR.<br />

<strong>The</strong> company is based in Silicon Valley. For more in<strong>for</strong>mation, visit stellarcyber.ai.<br />

StrikeReady Inc.<br />

StrikeReady Inc. is a cybersecurity startup<br />

based out of Cali<strong>for</strong>nia. <strong>The</strong> company was<br />

founded in 2019 and offers the industry's first<br />

cloud-based security operations and<br />

management plat<strong>for</strong>m that enables<br />

organizations to increase the effectiveness,<br />

efficiency, and af<strong>for</strong>dability of their security<br />

operations, while empowering and augmenting cybersecurity teams with institutional<br />

knowledge and automation. Visit www.strikeready.co to learn more.<br />

Suridata<br />

Suridata offers the industry’s most<br />

powerful SSPM plat<strong>for</strong>m, securing<br />

dozens of today’s most common<br />

SaaS applications. Suridata’s<br />

intelligent profiling engine flags critical issues by monitoring configurations, third-party<br />

applications, and access risks. Our sophisticated workflow engine then ensures the most<br />

critical security gaps are mitigated first. Our mission is to ensure SaaS applications are<br />

secured. Learn more at www.suridata.ai.<br />

<strong>2022</strong> | <strong>The</strong> <strong>Black</strong> <strong>Unicorn</strong> <strong>Report</strong> 53


Syxsense<br />

Syxsense is a leading provider of<br />

innovative, intuitive endpoint security<br />

and management technology that<br />

combines the power of artificial<br />

intelligence with industry expertise to help customers predict and remove security threats<br />

across all devices including mobile. Syxsense is the first Unified Security and Endpoint<br />

Management plat<strong>for</strong>m that centralizes the three key elements of endpoint security<br />

management (vulnerabilities, patch and compliance) and layers on a powerful workflow<br />

automation tool called Syxsense Cortex, all through a single cloud-based plat<strong>for</strong>m,<br />

enabling greater efficiency and collaboration between teams. <strong>The</strong> always-on technology<br />

per<strong>for</strong>ms in real-time so businesses can operate free of disruption from security breaches<br />

that cripple productivity and expose them to financial risk and reputational harm. For more<br />

in<strong>for</strong>mation, visit www.syxsense.com.<br />

<strong>2022</strong> | <strong>The</strong> <strong>Black</strong> <strong>Unicorn</strong> <strong>Report</strong> 54


<strong>The</strong> Top InfoSec Innovators <strong>for</strong> <strong>2022</strong><br />

<strong>The</strong>se companies competed against many of the industry’s leading providers of<br />

cybersecurity products and services <strong>for</strong> this prestigious award. Judges look at thousands<br />

of infosec companies searching <strong>for</strong> the most innovative, with great potential in stopping<br />

breaches and these awards showcase those companies with this kind of incredible<br />

potential in the cybersecurity marketplace.<br />

“We’re pleased to name these companies as winners among a small, elite group of<br />

cybersecurity innovators <strong>for</strong> <strong>2022</strong>,”said Gary Miliefsky of<br />

www.cyberdefensemediagroup.com.<br />

Here are the winners in alphabetical order by the name of their company:<br />

AccSenSe<br />

Armis<br />

Bionic<br />

CionSystems<br />

Clarabot Zrt<br />

CYE<br />

Cymulate<br />

Cyral<br />

Cythereal<br />

https://www.accsense.com<br />

https://www.armis.com<br />

https://bionic.ai<br />

https://cionsystems.com<br />

https://www.clarabot.com<br />

https://cyesec.com<br />

https://cymulate.com<br />

https://cyral.com<br />

https://www.cythereal.com<br />

<strong>2022</strong> | <strong>The</strong> <strong>Black</strong> <strong>Unicorn</strong> <strong>Report</strong> 55


DataDome<br />

Dispersive Holdings, Inc<br />

Grip Security<br />

Hornetsecurity<br />

i2chain<br />

ImmuniWeb<br />

Insider Threat Defense Group<br />

Legit Security<br />

Lucidum<br />

OptimEyes<br />

Phylum<br />

Polar Security<br />

Reflectiz<br />

Sasa Software<br />

Sepio<br />

SlashNext<br />

Spin Technology<br />

StrikeReady<br />

TalaTek<br />

ThreatLocker<br />

Trend Micro<br />

TXOne Networks Inc.<br />

Xcitium<br />

https://datadome.co<br />

https://dispersive.io<br />

https://www.grip.security<br />

https://www.hornetsecurity.com/en<br />

https://www.i2chain.com<br />

https://www.immuniweb.com<br />

https://www.insiderthreatdefense.us<br />

https://www.legitsecurity.com<br />

https://lucidum.io<br />

https://optimeyes.ai<br />

https://phylum.io<br />

https://www.polar.security/plat<strong>for</strong>m<br />

https://www.reflectiz.com<br />

https://www.sasa-software.com<br />

https://sepiocyber.com<br />

https://www.slashnext.com<br />

https://spin.ai<br />

https://www.strikeready.co<br />

https://talatek.com<br />

https://threatlocker.com<br />

https://trendmicro.com/en_ph/business.html<br />

https://www.txone.com<br />

https://www.xcitium.com<br />

<strong>2022</strong> | <strong>The</strong> <strong>Black</strong> <strong>Unicorn</strong> <strong>Report</strong> 56


<strong>The</strong> Top Global CISOs <strong>2022</strong><br />

.<br />

<strong>The</strong>se CISOs competed against thousands of candidates <strong>for</strong> this prestigious award. Judges look<br />

at these candidates, searching <strong>for</strong> the most innovative, with unparalleled success in<br />

communicating with their boards and senior level executives, detecting, and stopping breaches<br />

and data loss, complying with regulations, and building powerful risk reduction programs <strong>for</strong> their<br />

organizations.<br />

Chief In<strong>for</strong>mation Security Officers are the first responders of cyberspace and deserve to be<br />

recognized <strong>for</strong> their tremendous achievements as they fend off cyber criminals, cyber terrorists,<br />

malicious insiders, and nation state sponsored attacks.<br />

For years they have been considered operating cost centers while helping corporations avert<br />

disasters that could put them out of business. <strong>The</strong>y work tirelessly to allow companies to grow,<br />

expand, and increase potential profits by managing and mitigating major risks and regulatory<br />

compliance issues on a day-to-day basis.<br />

“We’re pleased to name this small, elite group of in<strong>for</strong>mation security professionals in our Top<br />

Global CISOs Awards <strong>for</strong> <strong>2022</strong>,” said Gary Miliefsky, Publisher of Cyber Defense Magazine.<br />

Here are the winners in alphabetical order by the name of their company:<br />

<strong>2022</strong> | <strong>The</strong> <strong>Black</strong> <strong>Unicorn</strong> <strong>Report</strong> 57


Sujeet Bambawale<br />

Stephanie Franklin Thomas<br />

Matt Devico<br />

Mark Alvarado<br />

Chris Gay<br />

Jorel Van Os<br />

Thomas Dager<br />

Raymond Harris<br />

Edward Maule<br />

Tim Callahan<br />

Derek Hardy<br />

Jason Medeiros<br />

Craig McEwen<br />

Robert Schuetter<br />

Christopher Regan<br />

Aaron J. Goodwin<br />

Nick Ryan<br />

Karine Hӧne<br />

Dawn-Marie Hutchinson<br />

Rick Doten<br />

Alan Berry<br />

Patrice Bordron<br />

Fred Bret-Mounet<br />

Alex Schuchman<br />

Medha Bhalodkar<br />

Thanh Thai<br />

Tammy Clotz<br />

Diego Souza<br />

Endre Jarraux Walls<br />

Chandra McMahon<br />

7-Eleven<br />

ABM Industries<br />

Academy Mortgage Corporation<br />

Academy Sports + Outdoors<br />

Acosta<br />

Acrisure<br />

ADM<br />

Adtran<br />

Advocare, LLC<br />

Aflac<br />

AMD<br />

Amwell<br />

Anglo American<br />

Ashland<br />

AutoNation<br />

B. Riley Financial<br />

Baker Tilly Virchow Krause, LLP<br />

Barloworld Limited<br />

BAT<br />

Carolina Complete Health<br />

Centene<br />

CHS<br />

Clarify Health Solutions<br />

Colgate-Palmolive<br />

Columbia University<br />

Constellis Group<br />

Covanta<br />

Cummins Inc<br />

Customers Bank<br />

CVS Health<br />

<strong>2022</strong> | <strong>The</strong> <strong>Black</strong> <strong>Unicorn</strong> <strong>Report</strong> 58


David Ramirez<br />

Joe Voje<br />

Will Lazzaro<br />

Mohammed Darwish Azad<br />

Josh Knopp<br />

Bernardo Horta<br />

Christopher Leigh<br />

Kwame Fields<br />

Priya Sirwani<br />

Brian Minick<br />

Marc Ashworth<br />

Hardik Parekh<br />

Riad Amro<br />

Jason Benedict<br />

Jim Motes<br />

Steven Sim<br />

Michael Cunningham<br />

William Curtiss<br />

Richard Flahaven<br />

Jeffrey Vinson<br />

Hassan Asgar<br />

Marcos Marrero<br />

Joseph McComb<br />

Vikrant Arora<br />

Joanna Burkey<br />

Janet Heins<br />

Michael Madl<br />

Brent Conran<br />

Dane Warren<br />

Robert Pace<br />

Marene Allison<br />

DRW Holdings<br />

El Camino Health<br />

Embrace Pet Insurance<br />

EmiratesNBD Group<br />

Enterprise Holdings<br />

Erste Group Bank AG<br />

Eversource Energy<br />

Federal Home Loan Bank of San Francisco<br />

Fiera Capital<br />

Fifth Third Bank<br />

First Bank<br />

Five9<br />

FlightSafety International<br />

Fordham University<br />

GameStop<br />

Global PSA<br />

Graphic Packaging International<br />

Hanesbrands Inc.<br />

Harley-Davidson Motor Company<br />

Harris Health<br />

Hinge Health<br />

HIG Capital<br />

Holland & Hart LLP<br />

Hospital <strong>for</strong> Special Surgery<br />

HP<br />

iHeartMedia<br />

Indiana Wesleyan University<br />

Intel Corporation<br />

Intertek<br />

Invitation Homes<br />

J&J<br />

<strong>2022</strong> | <strong>The</strong> <strong>Black</strong> <strong>Unicorn</strong> <strong>Report</strong> 59


Timothy Rohrbaugh<br />

Longinus Timochenko<br />

Jeff Maxon<br />

Dan Meacham<br />

Kemal Piskin<br />

Hadas Cassorla<br />

Lester Godsey<br />

Richard Yun<br />

Matt Long<br />

Kapil Madaan<br />

John Opala<br />

Michael Jacobs<br />

Bill Hill<br />

Marcel Lehner<br />

Christos Syngelakis<br />

Scot Miller<br />

Venkatesh Subramaniam<br />

David Cross<br />

Raj Bahdwar<br />

William Bogdan<br />

Idan Malei<br />

Chuck Markarian<br />

Bradley Schaufenbuel<br />

Greg Bee<br />

Ravi Mani<br />

Mimoent Haddouti<br />

Lauren Heyndrickx<br />

Daniel Temisanren<br />

Gary A. Gooden<br />

Karine Thibault<br />

Joe Ellis<br />

JetBlue Airways<br />

Kabum<br />

Kansas In<strong>for</strong>mation Security Office<br />

Legendary Entertainment<br />

LinQuest<br />

M1 Finance<br />

Maricopa County<br />

Masimo Corporation<br />

MasterCraft Boat Company<br />

Max Healthcare<br />

McCormick & Company<br />

MINDBODY, Inc.<br />

MITRE<br />

MM Group<br />

Motor Oil Hellas<br />

Mr. Cooper<br />

Olam International<br />

Oracle<br />

Oracle<br />

Orange County Sheriff's Department<br />

Ormat<br />

PACCAR<br />

Paychex<br />

Pekin Insurance<br />

Quest Diagnostics<br />

RaboBank<br />

Ralph Lauren Corporation<br />

Registrar-Recorder/County Clerk, Los Angeles<br />

Relativity Space<br />

Roper Technologies, Inc.<br />

Ryder<br />

<strong>2022</strong> | <strong>The</strong> <strong>Black</strong> <strong>Unicorn</strong> <strong>Report</strong> 60


Ishaaq Jacobs<br />

Garrett Smiley<br />

Parthiv Shah<br />

John McClure<br />

Zachary Lewis<br />

Ernest Wohnig III<br />

Rex Wong<br />

Keith Turpin<br />

Dwayne Robinson<br />

Howard Whyte<br />

Kip James<br />

Tracey Brand Sanders<br />

Peter Rosario<br />

Daniella Traino<br />

Manas Giri<br />

Jeffrey Lolley<br />

Mac Esmilla<br />

Sasol<br />

Serco Inc.<br />

Signature Bank<br />

Sinclair Broadcast Group, Inc.<br />

St. Louis College of Pharmacy<br />

System 1, Inc.<br />

<strong>The</strong> Estée Lauder Companies Inc.<br />

<strong>The</strong> Friedkin Group<br />

Trader Joe's<br />

Truist<br />

TTEC<br />

UGI Corporation<br />

USI Insurance Services<br />

Wesfarmers<br />

WestJet Airlines<br />

Wilson Sonsini Goodrich & Rosati<br />

World Vision<br />

<strong>2022</strong> | <strong>The</strong> <strong>Black</strong> <strong>Unicorn</strong> <strong>Report</strong> 61


<strong>2022</strong> | <strong>The</strong> <strong>Black</strong> <strong>Unicorn</strong> <strong>Report</strong> 62


<strong>2022</strong> | <strong>The</strong> <strong>Black</strong> <strong>Unicorn</strong> <strong>Report</strong> 63


<strong>2022</strong> | <strong>The</strong> <strong>Black</strong> <strong>Unicorn</strong> <strong>Report</strong> 64


<strong>2022</strong> | <strong>The</strong> <strong>Black</strong> <strong>Unicorn</strong> <strong>Report</strong> 65


<strong>2022</strong> | <strong>The</strong> <strong>Black</strong> <strong>Unicorn</strong> <strong>Report</strong> 66


<strong>2022</strong> | <strong>The</strong> <strong>Black</strong> <strong>Unicorn</strong> <strong>Report</strong> 67


<strong>2022</strong> | <strong>The</strong> <strong>Black</strong> <strong>Unicorn</strong> <strong>Report</strong> 68


<strong>2022</strong> | <strong>The</strong> <strong>Black</strong> <strong>Unicorn</strong> <strong>Report</strong> 69


<strong>2022</strong> | <strong>The</strong> <strong>Black</strong> <strong>Unicorn</strong> <strong>Report</strong> 70


<strong>2022</strong> | <strong>The</strong> <strong>Black</strong> <strong>Unicorn</strong> <strong>Report</strong> 71


<strong>2022</strong> | <strong>The</strong> <strong>Black</strong> <strong>Unicorn</strong> <strong>Report</strong> 72


<strong>2022</strong> | <strong>The</strong> <strong>Black</strong> <strong>Unicorn</strong> <strong>Report</strong> 73


<strong>2022</strong> | <strong>The</strong> <strong>Black</strong> <strong>Unicorn</strong> <strong>Report</strong> 74


<strong>2022</strong> | <strong>The</strong> <strong>Black</strong> <strong>Unicorn</strong> <strong>Report</strong> 75


About <strong>The</strong> <strong>Black</strong> <strong>Unicorn</strong> <strong>Report</strong><br />

<strong>The</strong> <strong>Black</strong> <strong>Unicorn</strong> <strong>Report</strong> is a once-per-year publication of the Cyber Defense Awards and Cyber<br />

Defense Magazine team, two leading plat<strong>for</strong>ms of the Cyber Defense Media Group. This is Cyber<br />

Defense Magazine’s 10th year of honoring cybersecurity innovators, in this case the <strong>Black</strong><br />

<strong>Unicorn</strong> Awards <strong>for</strong> <strong>2022</strong> on our Cyber Defense Awards plat<strong>for</strong>m. In this competition, judges <strong>for</strong><br />

these prestigious awards includes cybersecurity industry veterans, trailblazers and market<br />

makers Gary Miliefsky of CDMG, Robert R. Ackerman Jr. of Allegis Cyber, Dino Boukouris of<br />

MomentumCyber and with much appreciation to emeritus judges Robert Herjavec of Herjavec<br />

Group, Dr. Peter Stephenson of CDMG and David DeWalt of NightDragon.<br />

To see the complete list of finalists and winners <strong>for</strong> the <strong>Black</strong> <strong>Unicorn</strong> Awards <strong>for</strong> <strong>2022</strong> please<br />

visit https://cyberdefenseawards.com/black-unicorn-winners-<strong>for</strong>-<strong>2022</strong>/<br />

All rights reserved worldwide. Copyright © <strong>2022</strong>, Cyber Defense Magazine. All rights reserved.<br />

No part of this newsletter may be used or reproduced by any means, graphic, electronic, or<br />

mechanical, including photocopying, recording, taping or by any in<strong>for</strong>mation storage retrieval<br />

system without the written permission of the publisher except in the case of brief quotations<br />

embodied in critical articles and reviews.<br />

Because of the dynamic nature of the Internet, any Web addresses or links contained in this<br />

newsletter may have changed since publication and may no longer be valid. <strong>The</strong> views expressed<br />

in this work are solely those of the author and do not necessarily reflect the views of the publisher,<br />

and the publisher hereby disclaims any responsibility <strong>for</strong> them.<br />

FAIR USE NOTICE: Under the "fair use" act, another author may make limited use of the original<br />

author's work without asking permission. Pursuant to 17 U.S. Code § 107, certain uses of<br />

copyrighted material "<strong>for</strong> purposes such as criticism, comment, news reporting, teaching<br />

(including multiple copies <strong>for</strong> classroom use), scholarship, or research, is not an infringement of<br />

copyright."<br />

<strong>2022</strong> | <strong>The</strong> <strong>Black</strong> <strong>Unicorn</strong> <strong>Report</strong> 76


<strong>Black</strong> <strong>Unicorn</strong> <strong>Report</strong> <strong>for</strong> <strong>2022</strong>, Copyright (C) <strong>2022</strong>, Cyber Defense Magazine, a division of<br />

CYBER DEFENSE MEDIA GROUP 276 Fifth Avenue, Suite 704, New York, NY 10001, Toll Free<br />

(USA): 1-833-844-9468 d/b/a CyberDefenseAwards.com, CyberDefenseMagazine.com,<br />

CyberDefenseNewswire.com, CyberDefenseProfessionals.com, CyberDefenseRadio.com and<br />

CyberDefenseTV.com, is a Limited Liability Corporation (LLC) originally incorporated in the United<br />

States of America. Our Tax ID (EIN) is: 45-4188465, Cyber Defense Magazine® is a registered<br />

trademark of Cyber Defense Media Group. DUNS# 078358935. All rights reserved worldwide.<br />

marketing@cyberdefensemagazine.com<br />

Cyber Defense Magazine<br />

276 Fifth Avenue, Suite 704, New York, NY 1000<br />

EIN: 454-18-8465, DUNS# 078358935.<br />

All rights reserved worldwide.<br />

marketing@cyberdefensemagazine.com<br />

www.cyberdefensemagazine.com<br />

www.cyberdefenseawards.com<br />

Cyber Defense Magazine – <strong>Black</strong> <strong>Unicorn</strong> <strong>Report</strong> rev. date: 10/27/<strong>2022</strong><br />

<strong>2022</strong> | <strong>The</strong> <strong>Black</strong> <strong>Unicorn</strong> <strong>Report</strong> 77


<strong>2022</strong> | <strong>The</strong> <strong>Black</strong> <strong>Unicorn</strong> <strong>Report</strong> 78


<strong>2022</strong> | <strong>The</strong> <strong>Black</strong> <strong>Unicorn</strong> <strong>Report</strong> 79


<strong>2022</strong> | <strong>The</strong> <strong>Black</strong> <strong>Unicorn</strong> <strong>Report</strong> 80

Hooray! Your file is uploaded and ready to be published.

Saved successfully!

Ooh no, something went wrong!