Thirteen companies shaping the future of digital trust.

EclecticIQ builds the intelligence-led security operations platform used by threat analysts to collect, correlate, and act on structured threat data across STIX/TAXII feeds and proprietary telemetry. We backed EclecticIQ in 2019 as our Fund I thesis investment — the earliest expression of our conviction that machine-speed threat intelligence is a fundamental infrastructure layer, not an add-on to a SIEM.

Hadrian runs continuous autonomous red-team operations against enterprise attack surfaces, discovering exploitable paths before human attackers do — without requiring a penetration testing engagement each time the environment changes. We invested at Seed in 2022 because the core insight is architecturally correct: if your external attack surface changes daily, so must your testing cadence.

Detectify delivers continuous external attack surface management by combining automated web application scanning with a crowdsourced ethical hacker research programme — turning findings from 400+ security researchers into detection modules updated weekly. We backed Detectify in 2020 because the external attack surface was growing faster than security teams could manually track, and Detectify's dual model of automation plus human intelligence gave it a defensible discovery edge over signature-only scanners.

Sekoia builds a unified SOC platform combining SIEM, XDR, SOAR, and cyber threat intelligence into a single analyst environment — with AI-guided triage that routes alerts to the right workflow and surfaces relevant threat context automatically. We invested at Seed in 2021 because the fragmented multi-tool SOC was a structural problem for mid-market security teams, and Sekoia's integrated model with a French-rooted CTI feed offered a meaningfully different approach for European enterprises under NIS2.

Ondato delivers a unified KYC and AML compliance platform — covering identity document verification, biometric liveness checks, sanctions screening, and business onboarding — built specifically for the European regulatory environment under eIDAS and AMLD5. We backed Ondato at Pre-Seed in 2021 because identity verification in Europe requires handling over 180 document formats across member states with different data residency requirements, and Ondato had built the document intelligence layer to do that correctly at scale.

Zivver provides encrypted email and secure file transfer for organisations operating under strict data protection obligations — healthcare, legal, financial services, and government — where a misdirected email is not an inconvenience but a notifiable data breach under AVG/GDPR. We led Zivver's round in 2022 because the human-error dimension of data loss in regulated communication was structurally underserved, and Zivver's approach to accessible encryption for non-technical end-users was distinctive.

Aikido Security consolidates SAST, SCA, container scanning, and secrets detection into a single platform built for developer workflows — surfacing only the vulnerabilities that are reachable and exploitable, rather than generating the high-noise output that causes security fatigue in engineering teams. We invested at Seed in 2023 because the shift-left security category was overcrowded with CISO-facing tools while the actual problem was developer adoption, and Aikido's product thinking was explicitly developer-first.

Orbit Security uses unsupervised ML models to establish behavioural baselines for cloud workloads — Kubernetes pods, serverless functions, and containerised services — and detect anomalies that signature-based detection misses entirely. We backed Orbit at Seed in 2024 because the cloud workload threat surface has expanded faster than traditional CWPP tooling can address, and behavioural detection trained per-environment is the correct architectural response.

Sprinto automates compliance readiness for SOC 2, ISO 27001, GDPR, and related frameworks — continuously monitoring controls, collecting evidence, and maintaining audit-trail documentation without requiring dedicated compliance headcount. We invested at Pre-Seed in 2024 because the compliance burden on early-stage software companies selling into enterprise accounts was becoming a meaningful deal-blocker, and Sprinto's approach to autonomous compliance monitoring addressed the root cause rather than just the paperwork.

Eye Security delivers managed detection and response to mid-market European organisations — the segment too large to ignore security obligations under NIS2 but too small to staff a 24/7 SOC internally. We backed Eye Security at Seed in 2020 because the European mid-market MDR gap was real, the NIS2 compliance timeline created a durable demand catalyst, and Eye's operational model was purpose-built for the cost structure mid-market buyers can sustain.

Sonar (SonarSource) provides static analysis tooling — SonarQube and SonarCloud — that surfaces code quality issues, security vulnerabilities, and cognitive complexity in the IDE and CI pipeline before they reach production. We invested at Seed in 2021 on the premise that code quality and security analysis are the same discipline approached from different risk tolerances, and that the developer toolchain was the correct enforcement point for both.

Sequretek offers a unified threat management platform combining XDR, SIEM, and SOAR capabilities with an AI-driven analysis layer designed for complex enterprise environments with heterogeneous security tooling. We backed Sequretek at Seed in 2023 because the enterprise market's frustration with point-solution sprawl was generating real demand for a unified detection and response layer that could ingest and correlate across a fragmented existing stack.

Cossack Labs builds cryptographic engineering tooling — including Themis, an open-source encryption library — that allows development teams to implement field-level and record-level encryption within their cloud data stores without requiring deep cryptography expertise. We invested at Pre-Seed in 2022 because application-layer encryption is the correct response to shared-tenancy cloud risk, and Cossack Labs was solving the usability gap that prevents most engineering teams from deploying it correctly.