Credit cards, social security numbers, social media logins and medical records all have immense value on the dark web. That’s why cybersecurity attacks are so costly and dangerous. In fact, it usually takes a company about 196 days to even discover that they were breached and another $7.91 million to fix the damage. But the real damage lies far beyond financial figures. In those six plus months of going undetected, cyber criminals steal countless identities, company secrets, private health records and anything else of value, leading to immeasurable consequences for both company and consumer.
Luckily, San Francisco cybersecurity companies are here to put our minds at ease. The Bay Area, as one of the world’s foremost security hubs, is working on outsmarting cybercriminals through advanced tech, like multi-factor authentication, malicious bot scanning software and post-perimeter monitoring to prevent attacks before they can even happen. Check out below 15 San Francisco cybersecurity companies going above-and-beyond to protect our data from the bad guys.
Founded: 2009
What they do: OneLogin’s identity and access management platform securely connects workforces and customers to devices and apps in a businesses’ tech ecosystem. The company has a suite of cybersecurity tools that allow employees, contractors and customers to sign in anywhere with a single sign-on, multi-factor authentication and device trust management systems.
Founded: 2011
What they do: Fastly helps businesses grow, scale and secure their cloud capabilities with their edge cloud platform. The company’s edge cloud protects against vulnerabilities, DDoS and bot attacks using real-time monitoring and predictive detection. Pinterest, Airbnb, TicketMaster and The New York Times all use Fastly’s edge cloud cybersecurity solution to stamp out malicious behavior in their networks.
Founded: 2007
What they do: Lookout’s post perimeter security monitors cybersecurity risks at the endpoint for mobile devices. The suite of security tools, focused on the protection of corporate data, uses pattern recognition technology to indicate threats, find vulnerabilities in software and monitor suspicious behavior. The company also has tools that protect users from phishing attacks by blocking malicious links through email, text and content.
Founded: 2013
What they do: Sysdig is a cloud-native visibility and security platform giving users an in-depth view into their tech ecosystems. The company’s platform delivers secure, containerized applications in one place, so IT teams don’t have to manage dozens of separate container and monitoring tools. With Sysdig Secure, containers are protected with image scanning, up-to-date compliance measures, run-time protection and vulnerability forensics.
Founded: 2012
What they do: HackerOne is a security platform that connects businesses with cybersecurity researchers and penetration testers. These cybersecurity experts and ethical hackers are able to discover vulnerabilities, perform project-based penetration tests and launch bug bounty programs for continuous cybersecurity monitoring. GM, Starbucks and Spotify have all used HackerOne’s ethical hackers to identify weak points and bolster their cyber defenses.
Founded: 2012
What they do: HashiCorp’s Vault cybersecurity suite lets companies secure, store and control access to sensitive corporate data. With HashiCorp, IT and security teams are able to tightly control access to sensitive tokens, passwords, encryption keys and certificates through low-trust networks in public clouds. Hulu, Adobe, Splunk and Cruise all use HashiCorp’s Vault to store and manage access to private data.
Founded: 2012
What they do: Bugcrowd crowdsources cybersecurity solutions from thousands of industry experts for a quicker, more-holistic dive into a businesses’ infrastructure. Companies looking to find vulnerabilities in their systems design the parameters they want researched. Then, a group of white hat hackers find and document bugs they found. The company will then patch the system and reward the hunters with money or a public “kudos.”
Founded: 2012
What they do: Expanse provides a constant, in-depth look at the security status of all Internet-connected assets within an organization. The Expanse Global Internet Intelligence Platform continuously collects and analyzes both active and passive data from every Internet-connected device to see who is accessing them and from where. The data collected by the platform is used to remediate exposures and build up cyber infrastructure.
Founded: 2015
What they do: The ValiMail Trust Layer is an identity-driven platform for stopping inbound and outbound phishing and business email compromise (BEC) attacks. The company’s technology combines a clearinghouse of trusted domain and email platforms with an authentication tool that focuses on who the email sender is, rather than what the email contains. By focusing on sender identification, ValiMail is able to protect against both inbound and outbound malicious phishing attempts.
Founded: 2009
What they do: Cloudflare is a web performance and security company. The company’s suite of cybersecurity solutions include DDoS attack protection, customer data breach prevention tools and even technology to stop malicious bot attacks. More than 20 million Internet properties trust Cloudflare to optimize their site performance and security, including Zendesk, DigitalOcean and Crunchbase.
Founded: 2016
What they do: Tigera provides zero-trust network security for applications on the Kubernetes platform. Since Kubernetes-based applications make heavy use of a network for service and service communication, Tigera continuously monitors the networks, and their traffic, using service-to-service authentication that is executed via encrypted channels. The platform will then monitor network flows and log security policy violations and anomalies.
Founded: 2009
What they do: RiskIQ provides digital threat management tools to prevent attacks and investigate vulnerabilities across mobile, web and social channels. The company has cybersecurity solutions that range from incident response to threat intelligence and mobile app monitoring. Amazon, Disney, Facebook, United and Pepsi are just a few of the global brands that use RiskIQ’s cybersecurity protocols to monitor and strengthen their cyber infrastructure.
Founded: 2013
What they do: Remediant provides enterprises with Privileged Access Management (PAM) software that protects accounts from being compromised. Using Just-in-Time Administration and Principle of Least Privilege, Remediant grants file access to those who are pertinent to a project and only for a limited amount of time. Other platform features include continuous monitoring, endpoint security, two-factor authentication and access vulnerability management.
Founded: 2010
What they do: The ForgeRock Access and Identity Platform features a plethora of digital access management tools that securely connect employees, customers and devices. The company’s suite helps manage identities across networks, secures all devices in an ecosystem and even features edge computing security for IoT devices.
Founded: 2014
What they do: Solebit’s cybersecurity measures help companies protect against malware, zero-day threats and advanced cyber attacks through real-time, malicious code detection software. The platform, using advanced flow analysis and deep content evaluation, proactively protects against malicious or hidden code within incoming data files either on a network or in the cloud. If a threat is deemed credible, the Solebit platform will take action and immediately update security staff with forensics and post-attack reporting. Cloud-based security company Mimecast acquired Solebit in 2018.