Energy Impact Partners

Picnic is a cybersecurity firm that proactively protects people and companies against the biggest threat vector in cyber today: attacks by social engineers. Social engineers are hackers who use public information about you, your family, and your company to craft attacks that include phishing scams, ransomware, impersonation, identity theft, malware, elder fraud, and many others. Picnic proactively finds and removes the information about businesses and people that can be harvested by social engineers. Our technology works automatically, seamlessly, and continuously to protect you, your organization, and also your family. We make you less visible and reduce your attack surface. This is next-generation security—security at the human level. Get in touch to learn more about how we preemptively safeguard enterprises and individual employees from social engineering attacks.

Xona Systems, Inc. is a developer of a zero-trust user access platform specifically designed for remote industrial operations and critical infrastructure systems. Founded in 2013 and headquartered in Annapolis, Maryland, with a research and development center in Ann Arbor, Michigan, the company focuses on enhancing cybersecurity and operational efficiency for remote industrial control system operators worldwide. Xona's platform features integrated multi-factor authentication, user-to-asset access controls, and protocol isolation, which together eliminate common cyber attack vectors. Its technology allows authorized users to securely access operational technology from any location or device, ensuring seamless control and enabling critical operations to be conducted with confidence.

Coro is a developer of a comprehensive security platform designed to protect against a wide range of cyber threats, including malware, ransomware, phishing, and bots, across various devices and cloud applications. The platform utilizes artificial intelligence to autonomously detect and remediate security threats, minimizing the need for IT personnel to intervene in the investigation or resolution of issues. By securing the entire Software-as-a-Service (SaaS) chain—from users and devices to the network and cloud services—Coro eliminates the necessity for multiple security solutions, thereby reducing total cost of ownership. The cloud-based nature of the platform allows for quick deployment without the need for hardware installation, enabling organizations to enhance their cyber resilience efficiently.

Finite State, Inc. is a cybersecurity company focused on securing Internet of Things (IoT) devices, networks, and supply chains. Founded in 2017 and headquartered in Columbus, Ohio, the company provides a platform that analyzes firmware within IoT devices to identify vulnerabilities and security weaknesses. Its offerings include a comprehensive risk assessment that generates an overall risk score, a software bill of materials, and detailed reports on known vulnerabilities, hard-coded credentials, unsafe function calls, and other risk factors. Finite State serves a diverse range of markets, including enterprise, telecommunications, energy, healthcare, and critical infrastructure, utilizing advanced techniques such as static and dynamic analysis, reverse engineering, and machine learning to enhance security measures for connected devices.

Coro is a developer of a comprehensive security platform designed to protect against a wide range of cyber threats, including malware, ransomware, phishing, and bots, across various devices and cloud applications. The platform utilizes artificial intelligence to autonomously detect and remediate security threats, minimizing the need for IT personnel to intervene in the investigation or resolution of issues. By securing the entire Software-as-a-Service (SaaS) chain—from users and devices to the network and cloud services—Coro eliminates the necessity for multiple security solutions, thereby reducing total cost of ownership. The cloud-based nature of the platform allows for quick deployment without the need for hardware installation, enabling organizations to enhance their cyber resilience efficiently.

RangeForce is a software-as-a-service (SaaS) company that specializes in human cyber defense readiness. It provides a learning platform designed to enhance cybersecurity training by simulating cyberattacks and other threats within a cloud-based environment. This platform enables businesses to conduct realistic cybersecurity simulations and exercises, allowing information technology employees to develop and refine their defensive skills against evolving threats. By offering a sandbox environment, RangeForce helps organizations better prepare for actual cyber incidents, ensuring their teams are equipped to respond effectively.

Oort is an identity threat detection and response platform focused on enhancing enterprise security. Recognizing that over 60% of security breaches involve the abuse of valid identity credentials, Oort positions identity as a critical aspect of cybersecurity. The company offers a Software as a Service (SaaS) platform that allows cybersecurity and IT professionals to efficiently manage their identity and access management (IAM) programs. With a quick deployment process and a focus on reducing identity vulnerabilities at scale, Oort provides organizations with enhanced visibility and control over their identity attack surface. It operates as a fully remote startup based in Boston, MA, and its innovative solutions help clients secure their digital supply chains. Oort is supported by prominent investors and aims to equip security teams with the tools needed to combat identity threats effectively.

Network Perception, Inc. is a technology company specializing in network device configuration analysis software to enhance network management and security. Founded in 2013 and based in Chicago, Illinois, the company offers tools for firewall auditing and continuous monitoring, enabling corporate compliance and cybersecurity managers to visualize their network effectively. Its platform automates the analysis of network device configuration files, providing comprehensive audits and assessments that help organizations ensure their configurations align with best practices and regulatory standards. By delivering these innovative solutions, Network Perception assists businesses in managing cybersecurity vulnerabilities and maintaining compliance within their network environments.

Picnic is a cybersecurity firm that proactively protects people and companies against the biggest threat vector in cyber today: attacks by social engineers. Social engineers are hackers who use public information about you, your family, and your company to craft attacks that include phishing scams, ransomware, impersonation, identity theft, malware, elder fraud, and many others. Picnic proactively finds and removes the information about businesses and people that can be harvested by social engineers. Our technology works automatically, seamlessly, and continuously to protect you, your organization, and also your family. We make you less visible and reduce your attack surface. This is next-generation security—security at the human level. Get in touch to learn more about how we preemptively safeguard enterprises and individual employees from social engineering attacks.

SCYTHE Inc. is a cybersecurity company based in Arlington, Virginia, founded in 2017. It specializes in designing and developing an adversary emulation platform tailored for enterprises and cybersecurity consulting markets. The SCYTHE platform empowers organizations to construct and simulate a variety of adversarial campaigns swiftly, enabling Red, Blue, and Purple teams to assess and validate their security controls effectively. By allowing organizations to continuously evaluate their risk posture and exposure to cyber threats, SCYTHE helps enhance the performance of security teams and ensures that clients can implement appropriate cybersecurity measures and frameworks.

Dragos is an industrial cybersecurity company specializing in protecting critical infrastructure worldwide. It develops software that provides real-time visibility into Industrial Control Systems (ICS) and Operational Technology (OT) networks, enabling early detection of threats and proactive mitigation strategies. The company's solutions are optimized for emerging technologies like the Industrial Internet of Things (IIoT), serving clients across power and water utilities, energy, and manufacturing sectors to enhance their overall security posture.

Corelight, Inc. is a provider of network visibility solutions aimed at enhancing cybersecurity for enterprises, government entities, and educational institutions. Founded in 2013 and headquartered in San Francisco, California, the company develops a suite of products that includes Corelight sensors and a fleet management system. Its flagship offering is based on Bro, an open-source network analysis framework that delivers actionable, real-time data, enabling security professionals to comprehensively understand network traffic and effectively detect and mitigate cyber threats. In addition to its headquarters, Corelight maintains offices in Santa Clara, California, and Columbus, Ohio, further supporting its commitment to improving network security across various sectors.

Noetic Cyber specializes in cyber asset and controls management through its cloud-based platform, which enhances the security posture of organizations. The platform provides unified visibility of all assets, whether in the cloud or on-premises, allowing security teams to effectively monitor and manage their environments. By offering continuous, automated remediation, Noetic Cyber helps close coverage gaps and enforce security policies. This empowers security teams to make quicker and more informed decisions, ultimately reducing cyber risk and improving the overall security ecosystem.

42Crunch specializes in API security, offering an enterprise-grade platform designed to address the comprehensive security needs of API infrastructure throughout development, testing, and deployment phases. The company's solution focuses on ensuring confidentiality, integrity, and availability by automatically generating appropriate security policies for application orchestrations. This includes managing programming keys, passwords, and other sensitive data, thereby helping clients secure their API-based systems and software effectively.

Dragos is an industrial cybersecurity company specializing in protecting critical infrastructure worldwide. It develops software that provides real-time visibility into Industrial Control Systems (ICS) and Operational Technology (OT) networks, enabling early detection of threats and proactive mitigation strategies. The company's solutions are optimized for emerging technologies like the Industrial Internet of Things (IIoT), serving clients across power and water utilities, energy, and manufacturing sectors to enhance their overall security posture.

Swimlane, Inc. specializes in developing cyber security automation solutions for enterprise teams. Established in 2014 and based in Louisville, Colorado, the company offers a security operations management platform that centralizes security alerts, automates their resolution, and provides metrics-based dashboards and reports. Swimlane's platform is designed to alleviate common challenges faced by security teams, such as alert fatigue and staffing shortages, by providing a low-code environment that serves as a comprehensive system of record for the entire security organization. This allows various stakeholders within the organization to contribute their expertise to enhance overall security efforts, streamlining processes and improving operational efficiency across security operations.

RangeForce is a software-as-a-service (SaaS) company that specializes in human cyber defense readiness. It provides a learning platform designed to enhance cybersecurity training by simulating cyberattacks and other threats within a cloud-based environment. This platform enables businesses to conduct realistic cybersecurity simulations and exercises, allowing information technology employees to develop and refine their defensive skills against evolving threats. By offering a sandbox environment, RangeForce helps organizations better prepare for actual cyber incidents, ensuring their teams are equipped to respond effectively.

Finite State, Inc. is a cybersecurity company focused on securing Internet of Things (IoT) devices, networks, and supply chains. Founded in 2017 and headquartered in Columbus, Ohio, the company provides a platform that analyzes firmware within IoT devices to identify vulnerabilities and security weaknesses. Its offerings include a comprehensive risk assessment that generates an overall risk score, a software bill of materials, and detailed reports on known vulnerabilities, hard-coded credentials, unsafe function calls, and other risk factors. Finite State serves a diverse range of markets, including enterprise, telecommunications, energy, healthcare, and critical infrastructure, utilizing advanced techniques such as static and dynamic analysis, reverse engineering, and machine learning to enhance security measures for connected devices.

Attivo Networks, Inc. is a cybersecurity company that specializes in advanced threat detection technology for both on-premise and cloud-based deployments. Founded in 2011 and based in Fremont, California, the company focuses on providing visibility and actionable alerts to detect, isolate, and defend against various cyber threats, including advanced credential, insider, and ransomware attacks. Its Deception and Response Platform utilizes dynamic deception techniques to misdirect attackers, revealing their activities and intentions. The platform enhances threat management through automated investigation, lateral movement tracking, and evidence-based alerting, alongside detailed forensic reporting. Attivo Networks also offers a multi-dimensional correlation engine that identifies infected endpoints, maps out infection pathways, and assesses the source of attacks. The company serves both corporate and government clients worldwide, providing tailored solutions for diverse environments, including data centers, IoT, and Industrial Control Systems.

Swimlane, Inc. specializes in developing cyber security automation solutions for enterprise teams. Established in 2014 and based in Louisville, Colorado, the company offers a security operations management platform that centralizes security alerts, automates their resolution, and provides metrics-based dashboards and reports. Swimlane's platform is designed to alleviate common challenges faced by security teams, such as alert fatigue and staffing shortages, by providing a low-code environment that serves as a comprehensive system of record for the entire security organization. This allows various stakeholders within the organization to contribute their expertise to enhance overall security efforts, streamlining processes and improving operational efficiency across security operations.

Dragos is an industrial cybersecurity company specializing in protecting critical infrastructure worldwide. It develops software that provides real-time visibility into Industrial Control Systems (ICS) and Operational Technology (OT) networks, enabling early detection of threats and proactive mitigation strategies. The company's solutions are optimized for emerging technologies like the Industrial Internet of Things (IIoT), serving clients across power and water utilities, energy, and manufacturing sectors to enhance their overall security posture.

Swimlane, Inc. specializes in developing cyber security automation solutions for enterprise teams. Established in 2014 and based in Louisville, Colorado, the company offers a security operations management platform that centralizes security alerts, automates their resolution, and provides metrics-based dashboards and reports. Swimlane's platform is designed to alleviate common challenges faced by security teams, such as alert fatigue and staffing shortages, by providing a low-code environment that serves as a comprehensive system of record for the entire security organization. This allows various stakeholders within the organization to contribute their expertise to enhance overall security efforts, streamlining processes and improving operational efficiency across security operations.