Massachusetts Mutual Life Insurance Company

VIA Science, Inc. is a technology company that develops an artificial intelligence (AI) application tailored for the energy sector. Founded in 2016 and headquartered in Somerville, Massachusetts, with an additional office in Montreal, Canada, VIA provides a blockchain-based application called Trusted Analytics Chain. This platform aggregates company-wide data, allowing organizations to analyze information across multiple locations securely. VIA focuses on addressing asset management and operational challenges in collaboration with key stakeholders in the energy industry, including governments and large utilities. Its innovative solutions leverage AI and causal analytics to prioritize risks to critical infrastructure, facilitating encrypted analysis of sensitive data and enhancing initiatives such as predictive maintenance and contingency planning.

AI fighting AI. CISOs face an impossible risk landscape today. 80% of cybersecurity breaches start because of employee error. The problem is exacerbating with generative AI, as a single hacker can specifically target thousands of employees in the same amount of time that they used to specifically target tens of employees with social engineering. CISOs lack tools to deal with employee risk and are held accountable when a breach inevitably happens. By leveraging AI at each step, Dune Security empowers organizations to quantify individual risk through analyzing user behavior, context, learning patterns, and third party data. This allows the automation of tailored cybersecurity measures to each individual, transforming vulnerabilities into strengths. Dune is the central engine of all employee risk data, which is a solution that is not just timely for organizations but necessary in navigating the present cybersecurity landscape. This gives the CISO the capability to understand who are the high risk employees, to what extent, and why - as well as automatically remediate and restrict access to keep their organization safe. Today, Dune Security uniquely replaces legacy and ineffective security awareness training by pinpointing the crucial 8% of employees responsible for 80% of the risk, ensuring all employees receive personalized, machine learning-driven training tailored to their risk profile. CISOs also have easy access to quantifiable data via robust reporting and API-out capability, enabling them to both report to compliance auditors, regulators, and insurance underwriters, as well as restrict access to high-risk employees through other security systems.

Scrut Automation is a Bangalore‑based company founded in 2021 that offers an information security compliance platform. The platform automates labor‑intensive compliance tasks by integrating with cloud and SaaS tools and automatically gathering evidence artifacts that would otherwise require weeks of manual effort. It blends technology with human expertise to handle complex cases and provides a single interface for accessing external resources such as auditors and penetration testers. This enables organizations to streamline collaboration, controls, and monitoring related to compliance.

Scrut Automation is a Bangalore‑based company founded in 2021 that offers an information security compliance platform. The platform automates labor‑intensive compliance tasks by integrating with cloud and SaaS tools and automatically gathering evidence artifacts that would otherwise require weeks of manual effort. It blends technology with human expertise to handle complex cases and provides a single interface for accessing external resources such as auditors and penetration testers. This enables organizations to streamline collaboration, controls, and monitoring related to compliance.

Mine is a technology company focused on empowering individuals to take control of their personal data online. The platform allows users to quickly identify companies that hold their sensitive information, including personal, financial, and health data. By integrating with users' email, Mine scans interactions to determine potential data holdings and facilitates a simple process for users to request data deletion from those companies. This capability supports users' rights to privacy and helps minimize their online exposure, reducing potential risks associated with data breaches and misuse. Ultimately, Mine promotes the concept of data ownership as a fundamental human right, ensuring that individuals can manage their personal information effectively.

Prove specializes in smartphone-based identity verification, offering phone-centric solutions that enable businesses to securely acquire new consumers and engage with existing ones. Its solutions reduce friction, enhance security, and protect consumer privacy.

HarfangLab specializes in developing advanced software aimed at enhancing the detection and neutralization of cyberattacks on corporate endpoints. Their cloud-based platform integrates with third-party cybersecurity solutions to provide comprehensive visibility across systems. The software facilitates real-time threat identification, investigation, and elimination, significantly improving the efficiency of threat management. HarfangLab's team comprises specialists with extensive experience in both defensive and offensive cyber operations, having previously worked with the French National Agency for the Security of Information Systems, the French Ministry of Defense, and leading cybersecurity firms. This expertise positions HarfangLab as a key player in delivering robust cybersecurity solutions for organizations seeking to protect their digital assets.

Zluri is a SaaS management platform that empowers modern enterprises by providing tools for managing, securing, and ensuring compliance across multiple SaaS applications. It helps IT teams regain control over their expanding SaaS landscape.

Phosphorus Cybersecurity is an IoT security management and breach prevention platform for the xTended Internet of Things. Designed to secure the rapidly growing and often unmonitored world of Things across the enterprise xIoT landscape, our Unified xIoT Security Management Platform delivers attack surface management across every industry vertical, providing intelligent active discovery and risk assessment, hardening and remediation, and detection and response. It brings enterprise xIoT security to every cyber-physical system in your enterprise environment. With unrivaled IoT Intelligent Active Discovery and risk assessment, Phosphorus automates the remediation of the most significant IoT, OT, IoMT, and IIoT device vulnerabilities – including unknown and inaccurate asset inventory, out-of-date firmware, default credentials, risky configurations, and out-of-date certificates.

Zluri is a SaaS management platform that empowers modern enterprises by providing tools for managing, securing, and ensuring compliance across multiple SaaS applications. It helps IT teams regain control over their expanding SaaS landscape.

CloudSEK provides a predictive cybersecurity platform that integrates cyber‑crime monitoring, brand monitoring, attack surface monitoring, and supply‑chain intelligence. The system delivers a unified dashboard that allows organizations to triage and visualize digital threats in one place. Artificial intelligence tools help identify, assess, and mitigate risks such as phishing, data breaches, and supply‑chain attacks, enabling real‑time monitoring and proactive threat management. The platform also offers workflows and integrations to streamline remediation and improve overall security posture.

SecZetta, Inc. specializes in identity lifecycle management and identity and access management software and services. Founded in 2006 and headquartered in Newport, Rhode Island, with an additional office in Bellingham, Massachusetts, the company offers a range of solutions designed to manage non-employees and their access to organizational resources. Key products include NE Profile, which helps identify third-party relationships and associated risks; NE Access, which manages third-party identities; and ID Proxy, which analyzes and processes employee data. SecZetta also provides consulting services focusing on governance, risk management frameworks, and security audits, alongside implementation and managed services for identity and access management. The company serves various sectors, including retail, healthcare, finance, and education, aiming to enhance security and streamline the onboarding process for non-employees.

Mine is a technology company focused on empowering individuals to take control of their personal data online. The platform allows users to quickly identify companies that hold their sensitive information, including personal, financial, and health data. By integrating with users' email, Mine scans interactions to determine potential data holdings and facilitates a simple process for users to request data deletion from those companies. This capability supports users' rights to privacy and helps minimize their online exposure, reducing potential risks associated with data breaches and misuse. Ultimately, Mine promotes the concept of data ownership as a fundamental human right, ensuring that individuals can manage their personal information effectively.

Prove specializes in smartphone-based identity verification, offering phone-centric solutions that enable businesses to securely acquire new consumers and engage with existing ones. Its solutions reduce friction, enhance security, and protect consumer privacy.

RiskIQ, Inc. is a cybersecurity company that specializes in developing cloud-based Software-as-a-Service solutions aimed at helping organizations detect and respond to various online security threats, including phishing, fraud, and malware. Its flagship product, RiskIQ Illuminate, allows organizations to map and monitor their digital attack surface, facilitating the understanding and mitigation of vulnerabilities. Additional offerings include RiskIQ PassiveTotal, which connects internal data to external threat indicators, and RiskIQ Digital Footprint, designed to visualize and protect the attack surface. The company also provides RiskIQ Executive Guardian, which tracks potential threats to company executives, and RiskIQ SIS, a data set that identifies cyber threats. RiskIQ’s products support a range of applications, including compliance, incident response, and brand protection, serving diverse industries such as finance, healthcare, and technology. Founded in 2003 and headquartered in San Francisco, California, RiskIQ also has offices in Lenexa, Kansas, and London, United Kingdom.

CyberGRX is a cybersecurity company based in Denver, Colorado, that specializes in third-party cyber risk management. The company offers a comprehensive platform designed to help organizations identify, assess, mitigate, and monitor their cyber risk exposure across their entire partner ecosystem. By leveraging automation and advanced analytics, CyberGRX enables enterprises to effectively manage and monitor risks associated with their vendors, partners, and customers. The platform provides a cost-effective and scalable solution, allowing organizations to gain complete visibility into their risk portfolio while facilitating real-time decision-making and predictive capabilities.

Digital Guardian is a data security solutions provider founded in 2003 and headquartered in Waltham, Massachusetts. The company specializes in protecting data from both insider and outsider threats through its comprehensive Data Protection Platform. This platform operates across corporate networks, traditional endpoints, and cloud applications, utilizing big data security analytics to detect and block threats to sensitive information. Digital Guardian offers solutions for data loss prevention, regulated data management, and various other data protection needs, including application control, device control, encryption, email control, malware protection, and more. The company serves multiple sectors such as energy, financial services, government, manufacturing, healthcare, life sciences, and technology. Its solutions can be deployed on-premises, as a managed service, or in a hybrid model. Digital Guardian also provides professional services for threat protection implementation and training.

Prove specializes in smartphone-based identity verification, offering phone-centric solutions that enable businesses to securely acquire new consumers and engage with existing ones. Its solutions reduce friction, enhance security, and protect consumer privacy.

RiskLens, Inc. is a provider of cyber risk management software based in Spokane, Washington. Founded in 2011, the company offers a suite of applications designed to help organizations quantify and manage their cyber risk from a business perspective. Its key products include Cyber Risk Maturity, which assesses an organization's risk management capabilities and compliance; Cyber Risk Triage, a tool for rapid risk assessment; Cyber Risk Third-Party, which evaluates the risk management practices of external partners; and Cyber Risk Quantification, a decision-support application that calculates financial exposure to cybersecurity events. Additionally, RiskLens provides professional services, training, and certification to support its clients. The company's solutions are aimed at various sectors, including financial services, government, healthcare, education, and technology, empowering executives and risk officers to make informed cybersecurity investment decisions and manage their cyber risk effectively.

CyberGRX is a cybersecurity company based in Denver, Colorado, that specializes in third-party cyber risk management. The company offers a comprehensive platform designed to help organizations identify, assess, mitigate, and monitor their cyber risk exposure across their entire partner ecosystem. By leveraging automation and advanced analytics, CyberGRX enables enterprises to effectively manage and monitor risks associated with their vendors, partners, and customers. The platform provides a cost-effective and scalable solution, allowing organizations to gain complete visibility into their risk portfolio while facilitating real-time decision-making and predictive capabilities.

Solebit is a cybersecurity company that specializes in the identification and prevention of zero-day malware and unknown threats. Its flagship product, SoleGATE, is a cutting-edge software platform that utilizes a patented, real-time engine known as DvC™ (data vs. code). This innovative approach enables Solebit to detect and neutralize malicious code without relying on traditional methods such as sandboxing, signatures, or behavioral analysis, which are often slow and ineffective. Instead, DvC identifies threats by analyzing data files for any suspicious executable code, effectively blocking a wide range of malicious content, including encrypted and polymorphic payloads. Founded in 2014 by cybersecurity experts from elite technology units of the Israel Defense Forces, Solebit serves a diverse clientele, including leading financial organizations, technology firms, defense contractors, security vendors, and cloud service providers. By offering a proactive solution that operates on various platforms—whether on-premise or in the cloud—Solebit empowers organizations to safeguard their networks against potential threats before they can cause harm.

Prove specializes in smartphone-based identity verification, offering phone-centric solutions that enable businesses to securely acquire new consumers and engage with existing ones. Its solutions reduce friction, enhance security, and protect consumer privacy.

CyberGRX is a cybersecurity company based in Denver, Colorado, that specializes in third-party cyber risk management. The company offers a comprehensive platform designed to help organizations identify, assess, mitigate, and monitor their cyber risk exposure across their entire partner ecosystem. By leveraging automation and advanced analytics, CyberGRX enables enterprises to effectively manage and monitor risks associated with their vendors, partners, and customers. The platform provides a cost-effective and scalable solution, allowing organizations to gain complete visibility into their risk portfolio while facilitating real-time decision-making and predictive capabilities.

RiskIQ, Inc. is a cybersecurity company that specializes in developing cloud-based Software-as-a-Service solutions aimed at helping organizations detect and respond to various online security threats, including phishing, fraud, and malware. Its flagship product, RiskIQ Illuminate, allows organizations to map and monitor their digital attack surface, facilitating the understanding and mitigation of vulnerabilities. Additional offerings include RiskIQ PassiveTotal, which connects internal data to external threat indicators, and RiskIQ Digital Footprint, designed to visualize and protect the attack surface. The company also provides RiskIQ Executive Guardian, which tracks potential threats to company executives, and RiskIQ SIS, a data set that identifies cyber threats. RiskIQ’s products support a range of applications, including compliance, incident response, and brand protection, serving diverse industries such as finance, healthcare, and technology. Founded in 2003 and headquartered in San Francisco, California, RiskIQ also has offices in Lenexa, Kansas, and London, United Kingdom.

CyberGRX is a cybersecurity company based in Denver, Colorado, that specializes in third-party cyber risk management. The company offers a comprehensive platform designed to help organizations identify, assess, mitigate, and monitor their cyber risk exposure across their entire partner ecosystem. By leveraging automation and advanced analytics, CyberGRX enables enterprises to effectively manage and monitor risks associated with their vendors, partners, and customers. The platform provides a cost-effective and scalable solution, allowing organizations to gain complete visibility into their risk portfolio while facilitating real-time decision-making and predictive capabilities.

Pwnie Express is a company specializing in IoT security, focused on closing the security gaps created by the deployment of Internet of Things devices in enterprises. Founded by industry veterans in 2009, it offers a platform that provides comprehensive threat detection for all wired and wireless devices within and around the workplace. The company is unique in its ability to identify rogue, misconfigured, and unauthorized devices across various spectrums, thereby helping businesses prevent potential IoT threats that could disrupt operations. Pwnie Express emphasizes the importance of security assessment and simplifies the process of identifying vulnerabilities through its automated solutions and award-winning sensors, enabling security teams to obtain timely and effective insights into their networks.

Digital Guardian is a data security solutions provider founded in 2003 and headquartered in Waltham, Massachusetts. The company specializes in protecting data from both insider and outsider threats through its comprehensive Data Protection Platform. This platform operates across corporate networks, traditional endpoints, and cloud applications, utilizing big data security analytics to detect and block threats to sensitive information. Digital Guardian offers solutions for data loss prevention, regulated data management, and various other data protection needs, including application control, device control, encryption, email control, malware protection, and more. The company serves multiple sectors such as energy, financial services, government, manufacturing, healthcare, life sciences, and technology. Its solutions can be deployed on-premises, as a managed service, or in a hybrid model. Digital Guardian also provides professional services for threat protection implementation and training.

Recorded Future is a threat intelligence company that provides real-time, multi-source insights to help organizations anticipate and defend against cyber threats. Its Intelligence Cloud collects and analyzes data from the open web, dark web, and technical sources to deliver contextualized information on adversaries, infrastructure, and targets, enabling security teams to detect indicators of compromise, monitor brand and assets, and respond faster. The platform supports threat intelligence teams and security operations centers with automated alerts, dashboards, and on-demand reports, and offers services such as analyst-backed research and goal-driven intelligence. It also provides dark web monitoring, executive protection capabilities, and integrations with security tools, including a Palo Alto Networks lookup app for log searches. Recorded Future maintains headquarters in Somerville, Massachusetts, with offices in McLean, Virginia, and Gothenburg, Sweden. Founded in 2009, the company uses machine learning to deliver real-time, contextualized intelligence and reduce cybersecurity risk.

CloudSEK provides a predictive cybersecurity platform that integrates cyber‑crime monitoring, brand monitoring, attack surface monitoring, and supply‑chain intelligence. The system delivers a unified dashboard that allows organizations to triage and visualize digital threats in one place. Artificial intelligence tools help identify, assess, and mitigate risks such as phishing, data breaches, and supply‑chain attacks, enabling real‑time monitoring and proactive threat management. The platform also offers workflows and integrations to streamline remediation and improve overall security posture.