16 Cybersecurity Startups Selected for Google Growth Academy
Including IT-Harvest!
Most of the 6,666 readers of this substack will have noticed a change in the IT-Harvest Dashboard over time. If you tuned in early you saw screenshots and features of a platform for researching the entire cybersecurity industry. In a post titled Journey to a Data-Driven Analyst Firm, I indicated the direction we were going in January 2022. When we launched that March it was called the Analyst Dashboard and the intended users were VCs, private equity firms, and other industry analysts.
Our first use of AI came only six weeks after OpenAI launched ChatGPT. Maximillian connected to OpenAI 3.5 via API and had it write company descriptions for over 3,000 vendors in 72 hours; a task that would have taken me thousands of hours to complete. Unlike the Pitchbooks of the world we do not employ hundreds of humans to cut and paste company descriptions from websites. :-) It was then that we began to grasp that AI coupled with a dataset would give us super powers.
In the fall of 2023 one of our API customers requested data on cybersecurity products. Once again Maximillion overcame a seemingly impossible task. He coupled screen scraping services with various LLMs to capture and catalog products from every vendor’s website. Keep in mind that we are the only ones able to do this because IT-Harvest has the only clean database of product vendors. He ingested 10,000+ product names, descriptions and feature sets. Here is the December, 2023 substack post: How Many Cybersecurity Products Are There?
We spent the first half of 2024 talking to CISOs and their teams about what they wanted to see in a decision support tool for cybersecurity products. The most frequent request, after seeing the MITRE ATT&CK alignments, was for NIST CSF controls.
Everything changed when we introduced those NIST mappings in July. Yes, We Have NIST!
Since July the interest from security teams has been overwhelming. There is a surprising appetite for our data, thus more API sales. We have successully pivoted our ICP from investors to end user organizations. (Not to imply that investor interest has declined, it’s just that enterprise demand is higher.)
We added CIS Controls last week too. See this image of CIS mappings for Black Duck Supply Chain Edition.
You can see why security teams want to get their hands on our data. Consultants too can use the data to map a client’s security stack to a framework to identify gaps and redundancies.
We continue to leverage AI models in new ways every day. A month ago we introduced HarvestIQ.ai, an AI assistant that is tied to our data and can do amazing tasks like create a SWOT in 90 seconds or compare products. You can even create battle cards for your competitors.
The transition to a cybersecurity product vendor is complete. This week Google included IT-Harvest in the 2025 Google for Startups Growth Academy: AI for Cybersecurity cohort. We are one of 16 startups that will be participating in face to face meetings and custom mentoring sessions with Googlers.
I created a Google Sheet to make it easier to track all of them.
Note the diverse countries the cohort is from. Only five are US based.
Averlon (Washington, United States): Averlon, a cloud security startup, uses AI to automatically find and prioritize risks, respond to incidents and scale with businesses.
Cerby (California, United States): Cerby connects apps to existing security systems, eliminating manual workarounds and improving security compliance.
CounterCraft (San Sebastian, Spain): CounterCraft lures attackers away with a fake network environment, providing real-time threat intelligence.
DeepTrust (California, United States): DeepTrust helps protect against deepfakes and social engineering with real-time identification and training.
Equixly (Florence, Italy): Equixly startup provides AI-powered API penetration testing that focuses on finding and managing critical security risks.
ESProfiler (Manchester, United Kingdom): ESProfiler helps optimize security investments and maximize product adoption.
IT-Harvest (Michigan, United States): IT-Harvest provides a platform for researching cybersecurity vendors and products.
Mitigant (Potsdam, Germany): Mitigant provides comprehensive security for cloud-native infrastructure.
Moxso (Copenhagen, Denmark): Moxso uses AI to automate phishing simulations and training, helping build a strong security culture.
Qalea (Barcelona, Spain): Qalea simplifies security management with a single platform and AI automation.
Qualifire (Tel Aviv, Israel): Qualifire evaluates LLM-based applications in real time, ensuring safety, reliability and compliance.
Secretarium (London, United Kingdom): Secretarium provides a secure and auditable environment for running applications with sensitive data.
Steryon (Barcelona, Spain): Steryon helps organizations better understand and manage cyber risks within their operational technology environments.
System Two Security (California, United States): System Two Security is an AI-powered cybersecurity platform that automates threat detection and response.
Wodan AI (Brussels, Belgium): Wodan AI provides data privacy and security to AI users.
XFA (Antwerp, Belgium): XFA identifies devices used in an organization, informs users about risks and verifies compliance.
Two of the cohort were founded only last year. The “oldest” is CounterCraft founded ten years ago. (What about IT-Harvest? That was technically founded in 2006. Well, we became a product company in March of 2022 and brought on Maximillian as co-founder shortly after.)
CounterCraft is based in Spain and provides deception solutions.
Our AI ingestion tool writes: Cerby, founded in 2020 and based in the United States, is an IAM cybersecurity vendor specializing in access management for nonstandard applications that do not support common identity and security standards. Cerby integrates these applications into existing workforce identity platforms like Okta and Azure AD, eliminating the need for enterprise password managers.
Several of the cohort were unkown to us and we are initiating coverage. Our automation has progressed to the point that we can enter a vendor and have all the data populated in less than 24 hours.
If you are involved in product evaluation, selection, and management, reach out today to get a demo of dashboard.it-harvest.com.
One last thing: If you are drving on the 101 in the Bay Area this week keep your eye open for our bill boards! Let me know if you see them.
Well done Richard. Recognition well deserved.