Start-ups in 2025

Abnormal’s base product, Inbound Email Security, uses behavioral AI to detect and stop advanced threats that legacy tools often miss, like BEC, VEC, and phishing. With one-click API deployment, Abnormal blocks never-before-seen attacks, automates response, and delivers clear, explainable insights—which frees your team for strategic priorities. We aren’t just solving for email threats. We’re pioneering a modern security universe, powered by our behavioral intelligence. Today, the Abnormal extends beyond email to secure SaaS applications and power AI security agents across the cloud.

ACDS specializes in offensive and defensive cybersecurity. Our mission is to reduce your cyber risks by providing complete visibility into your vulnerabilities, whether external, internal, or mobile, and delivering concrete solutions to address them.

• Visibility: we uncover vulnerabilities that others simply miss.
• Modular approach: combine Observatory with Mobile EDR, EmailGuard, or FileGuard based on your priorities.
• Time savings & peace of mind: your teams stay focused on what they do best while we monitor and secure your environments.

Actadata, French start-up, Software publisher created in Occitanie in 2021.

Specialising in the field of compliance as a whole ; Offering over 350 business applications --- > Cybersecurity, Compliance & Corporate Social Responsibility.

Support & Assistance for CEOs, CIOs, CISOs, DPOs, RRSE, etc. Private & Public Sector, within ecosystems - Health, Construction, Education, Accommodation/Tourism, EPCI, Agglomeration, Telecom Operator, etc.

BlueSecure is a cybersecurity awareness SaaS platform that helps train employees through engaging and gamified experiences. Our service includes phishing simulation campaigns, interactive e-learning modules, and immersive experiences (escape games, videos, quizzes). BlueSecure helps organizations strengthen their cybersecurity culture. The solution offers precise results tracking, campaign automation, and personalized support. Adapted to all user profiles, BlueSecure combines pedagogy, realism, and innovation to turn cybersecurity into a collective reflex.

Brightside AI helps companies stop AI-powered cyberattacks and deepfakes before they happen. Hackers exploit publicly available employee data to breach organizations—Brightside AI finds and fixes these vulnerabilities before hackers abuse them. Our platform runs hyper-realistic AI-driven attack simulations using employees' own digital footprints, training teams to recognize text, voice, and video fraud. Personalized privacy portals help employees secure their exposed data, reducing human risk at scale. With automated, organization-tailored recommendations and data removal tools, Brightside AI makes human cybersecurity proactive, engaging, and frictionless.

Cato provides the world's most robust single-vendor SASE platform, converging Cato SD-WAN and a cloud-native security service edge, Cato SSE 360, into a global cloud service. Cato SASE Cloud optimizes and secures application access for all users and locations everywhere. Using Cato, customers easily replace costly and rigid legacy MPLS with modern network architecture based on SD-WAN, secure and optimize a hybrid working from anywhere, and enable seamless cloud migration. Cato enforces granular access policies, protects users against threats, and prevents sensitive data loss. Cato protects endpoints and helps detect and remediate threats with the most powerful SASE-based XDR. All Cato services are easily managed from a single pane of glass. With Cato your business is ready for whatever's next.

Open source software dominates software development, representing over 90% of all code. In many ways, open source software is more secure than proprietary software, but the way open source is built and distributed makes it vulnerable to attack. This leads to countless hours of engineering toil patching software, risks of compliance failures, and breaches that can cause irreparable harm to organisations. Chainguard helps organisations eliminate threats in their software supply chains by providing guarded open source software, built from source and updated continuously.

Chainguard offers open source software that unlocks mission-critical business priorities;

• A secure foundation for open source software
• Reducing the cost of engineering toil
• Achieving and maintaining continuous compliance
• Accelerating revenue by building better products faster

Galink – Reinventing Third-Party Risk Management for cyber teams in the post-AI era With Galink, your vendor assessments become up to 10x faster and more efficient. Say goodbye to endless Excel files, manual follow-ups, and scattered tracking: everything is simplified.

Our platform combines:

• A simple, intuitive interface
• An intelligent AI agent to analyze and monitor your vendors
• Workflows tailored to your business rules

👉 Immediate result: clear visibility into the risk and cyber maturity of each vendor. Short on time or expertise? Activate our turnkey managed service: with just one click, we assess your vendors (questionnaire + evidence) using our proven standard.

🔒 With Galink, your security teams are freed from the process so they can focus on what really matters: analyzing, deciding, acting.

Haryon is a cybersecurity software vendor that provides CISOs with consolidated, continuous visibility over their IT systems. Its penetration testing orchestration and automation platform centralizes results to build a dynamic map of assets, vulnerabilities, and their evolution over time. With a transparent and customizable engine, it brings modularity and flexibility to campaigns, adapting to your priorities. This gives you tangible evidence to prioritize and showcase your actions, while turning pentesting into an industrialized, agile, and manageable process that strengthens your security posture.

Kerys provides an innovative solution that allows multiple work environments to be pooled on a single computer in a completely secure manner.

Kerys' clients enjoy significant and immediate economic benefits through the reduction of computer hardware used by employees, along with the resulting gain in workspace and optimized productivity.

Kerys creates a new, fluid, and ergonomic usage that reduces the repetitive and tedious tasks of employees who were previously required to use two computers: switching from one operating system to another with a simple click on a single workstation.

As a mission-driven company, Kerys significantly reduces the carbon footprint by decreasing the amount of computer hardware purchased and used.

NANO Corp has developed a next-generation, AI-driven network security platform, designed exclusively for OEM integration into market-leading solutions. Our patented high-throughput software probe provides unparalleled real-time visibility across complex IT, OT, and hybrid environments (cloud, multi-cloud, on-prem).

At the core is our on-premise AI engine, which autonomously learns network behavior to detect sophisticated threats with high fidelity, eliminating alert fatigue. We are pioneering the future of SecOps with our Network Agentic AI, a conversational interface that enables natural language investigation of security incidents. We provide the foundational intelligence to make our partners' platforms smarter, faster, and more secure.

OGO Security is a French company offering protection and acceleration services for websites, applications, and APIs.
Its solution combines WAF/WAAP, AI, Anti DDOS, Bot Mitigation, and international CDN (200 PoP), while guaranteeing the sovereignty of your data.

Our advantages:

1. Protection: Greater efficiency with an extremely low FP rate
2. Simplicity: easy to implement and manage, freeing up your operational teams (no security rules to maintain)
3. Visibility: clear, concise, yet detailed overview of security incidents, malicious traffic, and the performance of your protected applications and APIs
4. Trust: the guarantee that your data remains within your own jurisdiction, in compliance with local regulations

The solution, available in SaaS mode, on-premise, or in a sovereign cloud, is GDPR compliant.

Qevlar AI builds AI SOC analysts powering the first real-time SOC. Autonomous agents investigate alerts end-to-end, reducing investigation time from 30 minutes to 3, and augmenting analysts in both Enterprise and MSSP SOCs. Winner of the Assises Public Prize, Qevlar delivers dynamic automation that transforms security operations from reactive to proactive units.

Qohash develops advanced data security solutions designed to help organizations identify, monitor, and protect sensitive information, especially unstructured data, with precision. Our platform addresses critical gaps in data security, privacy, and compliance by providing clear visibility into high-risk information and delivering actionable insights that reduce exposure and support informed decision-making.

By combining advanced analytics with automated policy enforcement, Qohash’s solutions proactively identify and remediate risks across on-premises, cloud, and hybrid environments. With operations across North America and Europe, Qohash’s mission is to protect the world’s most sensitive data, ensuring enterprises maintain a strong security posture and remain compliant with evolving regulations.

Risk Hunter offers the first AI-Driven GRC and Cybersecurity platform, designed to provide decision-makers with a centralized cockpit for managing risk, regulatory compliance, and cybersecurity.

With a unified, real-time view, organizations can monitor their risks, ensure ongoing compliance with standards (GDPR, NIS 2, ISO 27001, DORA…), and steer their key performance indicators with confidence. Risk Hunter enables business and operational teams to refocus on high-value activities while significantly boosting productivity.

The platform is built on a Zero Trust philosophy, applying least privilege and need-to-know principles, and adheres to OWASP secure development best practices. Available in both SaaS and On-Premise versions, it also features a fine-tuned GRC-specific LLM developed by our in-house experts.

Seclab was born to solve a basic problem that is impacting more and more industries: how to interconnect traditional OT (Operations technology) networks and IT (Information technology) networks:

By minimizing the risk of cyber-attacks

By continuing to use other existing cybersecurity technologies, in order to get closer to 0 risk.

Smartphones and tablets used by executives and VIPs are prime targets. Shindan is an automated security diagnosis solution for iOS/iPadOS and Android devices. It delivers an in-depth assessment of the device's security without accessing personal data and without interrupting its use. The solution detects compromises, risky behaviours, and configuration weaknesses by relying solely on native system capabilities.

Fast, discreet, and non-intrusive — the simple, effective way to protect executives' mobile devices.

Sonar Clarity is a European SaaS solution that enables organizations to detect, map, and manage all applications in use, whether IT-approved or not, in real time. It mitigates risks related to Shadow IT and AI, reduces costs by eliminating unused licenses, and ensures compliance with GDPR, DORA, and NIS2 regulations. Sonar Clarity leverages advanced detection systems by cross-referencing multiple data sources (IDP, browser, emails, APIs, etc.) to deliver a real-time 360° application map and AI-powered recommendations. It strengthens digital governance without altering existing infrastructure and can be deployed in under 15 minutes.

Symbiotic Security is the cybersecurity platform designed for the age of artificial intelligence. We secure code at the heart of new AI-driven workflows – from vibe coding to agentic development.

Our guardian agent, integrated into the IDE, detects and fixes vulnerabilities in real time while training developers along the way. Upstream, our agents ensure compliance and security policies, while downstream they validate and strengthen AI-generated code.

With this developer-first approach, we drastically reduce security debt and enable companies to innovate without compromising their security.

Upwind is the runtime-powered cloud security platform that leverages runtime telemetry to provide deep, actionable insights into your cloud risks. By prioritizing real threats based on actual impact and exposure, Upwind enables your security team to focus on what matters most. With Upwind, you can protect everything you run in the cloud in one centralized platform, covering all key areas of cloud security: CSPM, DSPM, CWPP, CDR, API security, vulnerability management, identity security, and container security. Upwind helps you pinpoint root causes in minutes and respond effectively with context and automation, driving true cloud resilience.

VirtualBrowser is a French cybersecurity vendor specializing in Remote Browser Isolation technologies. Spin-off from the Oodrive group since 2024, VirtualBrowser draws on more than 15 years of R&D and already protects more than 100,000 users against web threats.

Our technology isolates and secures web browsing by transmitting only a harmless visual representation of content to your users' browsers, preventing the execution of malicious code. This approach provides broad, secure Internet access for sensitive workstations (NIS2) and is a modern alternative to VPN for accessing internal applications from external workstations.

Available as a SaaS or on-premise solution, VirtualBrowser provides granular control over the actions that users are allowed to perform depending on the sites they visit.