10 Hot IoT security startups to watch

The internet of things is growing at breakneck pace and may end up representing a bigger economic shift in networking than the internet itself did, making security threats associated with the IoT a major concern.

This worry is reflected by investments being made in startups that focus on stopping threats to the IoT, the industrial IoT (IIoT) and the operational technology (OT) surrounding them.

The 10 young companies profiled here are developing everything from IoT intrusion prevention tools to IIoT/OT cybersecurity suites to firmware-hardening services. As cyber-attackers shift their focus to the IoT, startups like these may well end up being your first line of defense.

What they do: Intrusion protection for IoT

Year founded: 2012

Funding: $14 million

Headquarters: Durham, N.C.

CEO: Kevin Senator, who previously served as VP of Sales and GM of SaaS Sales for Cal Amp

Problem they solve: Industrial network operators don’t typically have the internal expertise to effectively handle the security threats that continuously hit their networks. Many operators rely on IoT visibility tools to monitor risks, but those tools don’t actually provide real-time active protection against threats to their OT environments.

How they solve it: Bayshore Network’s industrial cyber protection software provides real-time, per-asset intrusion prevention throughout an industrial network. Bayshore appliances are deployed inline as a transparent bridge, so there is no need to rebuild all the of the IPs for the plant.

Bayshore’s security suite is built on top of a policy engine that works at the byte level. It ingests packet streams via their native protocols, disassembles them into a set of parameters and metadata, and then applies policy controls. These can be simple signature-based checks or the policies can be context-sensitive. 

Bayshore’s policy engine breaks down all the messages sent to a device, organizes the contents into logical containers and applies rules on a per-value basis. It can also apply external parameters via logical constructs. So, for example, an industrial customer might use Bayshore to apply virtual segmentation such as: Source IPs from subnet-A might be allowed to perform read and write operations, but IPs from subnet-B can only do reads.  

Bayshore can also apply context-sensitive actions where the context is defined as an amalgam of known baseline ranges – such as how hot an oven should run – and external threat conditions – such as an uptick in blocked activity targeting the oven’s PLC from external users.

Competitors include: Cisco, Palo Alto Networks, Tenable, Symantec and startups including Claroty, Nozomi Networks, Indegy and CyberX

Customers include: AT&T, GE, Kimberly Clark Corporation, Yokogawa

Why they’re a hot startup to watch: For a seven-year-old company, Bayshore Networks has a modest amount of funding. However, it has something even more important than eye-popping VC rounds: named customers – big ones.

The senior leadership team has a track record of successful exits. CEO Senator and CPO Toby Weir-Jones were both in management positions at Counterpane when it was acquired by BT. Other exits include Bluecurve’s sale to Red Hat (Senator) and ValiCert’s IPO (Weir-Jones).

What they do: Provide security for OT networks

Year founded: 2014

Funding: $93 million

Headquarters: New York, N.Y.

CEO: Amir Zilberstein. He formerly co-founded Waterfall Security Solutions and Gita Technologies

Problem they solve: As cyber-attacks explode in volume and become increasingly complex, the shortage of IT skills in OT environments is becoming a massive risk.

Not only are OT networks vulnerable to new, evolving attacks, but many industrial control systems (ICS) networks also lack even basic intrusion prevention, allowing potential attackers to case out networks undetected long before launching attacks.

How they solve it: Claroty’s IIoT cybersecurity platform discovers and eliminates vulnerabilities, misconfigurations and insecure connections in IIoT and OT environments. The Claroty platform offers granular visibility into IIoT and industrial control networks – understanding a device’s function in the network, its relationship to other devices and details about its layer 7 traffic – to improve uptime and enable a proactive security posture.

Its flagship Continuous Threat Detection platform provides real-time threat detection, including anomaly and signature-based detection. It establishes a real-time view of the network topology, including connections and traffic flow for both Ethernet and serial networks.

Continuous vulnerability-monitoring capabilities help operators uncover and remedy network configuration issues, while also discovering assets with known vulnerabilities. The platform can automatically generate current-state views of OT process communications, which enables it to automatically determine network segmentation strategies.

Claroty enables secure remote access with policy- and workflow-based access control and session monitoring. It can be integrated with common cybersecurity products, such as those from Cisco, Check Point and Splunk.

Finally, Claroty can be deployed in extremely remote, bandwidth- or compute-constrained environments. It relies on a sensor-based architecture to adapt to such use cases as protecting electric transmission lines, and oil and gas pipelines.

Competitors include: Cisco, Palo Alto Networks, Tenable, Symantec, Bayshore Networks, Nozomi Networks, Indegy and CyberX
Customers include:
None publicly disclosed.

Why they’re a hot startup to watch: Claroty has raised an eye-popping $93 million in funding, including a $60 million Series B announced in June 2018. The round was led by Temasek and included Rockwell Automation, Aster Capital, Next47, Envision Ventures and Tekfen Ventures. Original investors Bessemer Venture Partners, Team8, Innovation Endeavors and ICV all participated in the round, as well.