The number of data leaks and cyber security incidents is continuously increasing. Compare the blog article TOP 5 biggest hacks worldwide.

Therefore the Cyber Security industry is undoubtedly a growth market with a multitude of offerings such as Intrusion Prevention (IPS), Intrusion Detection (IDS), Phishing Prevention, Identity Access Management, Network Security and more. In the following, I will introduce seven exciting companies from the field of cyber security. Focus: Start-Ups in Germany, not older than 7 years.


Cyber security is a 24h job. In larger medium-sized companies and large enterprises there are specialists in the IT department. In Blue Chip companies you do even have a Security Operations Center (SOC). But what about the medium-sized mechanical engineering company with 150 employees or a law firm with 15 employees? An efficient cyber security requires anti-virus software, it requires regular checkups of the IT infrastructure and above all awareness training for each and every employee. Awareness training prevents intrusions via phishing mails (Worst Case: Spear Phising), a very common attack angle of Black Hat Hackers. And, of course, who will take over Crisis Management if an incident does occur after all?

Even such more or less all-inclusive carefree package is offered by Perseus. On top of that, the package includes insurance cover. Perseus is a spin-off of the well-known Berlin Fintech/InsurTech incubator FinLeap.

Foundation in 2016. In Berlin. Website:


The idea is easy to understand (though certainly not trivial to implement): Machine learning algorithms are excellent at recognizing patterns. ML algorithms are also good at detecting deviations from patterns. This is exactly what the cognitix Threat Defender uses to detect potential threats in enterprise networks: In a first step the software “learns” the patterns of data flows of a corporate network in “normal” mode. If deviations or unusual traffic occur, this could be an indication of a cyber incident. By the way, the same principle underlies the software Darktrace, which readers of the Economist magazine may be familiar with from full-time advertisements for a couple of weeks …

By the way, only two years after its foundation (sic!), Cognitix was acquired by the German manufacture of IT security software Genoa.

Foundation in 2017. In Leipzig. Website: cognitix-gmbh


Let’s start with a short definition of a key terms in Identity Management. Let’s take the everyday scenario of setting up of a new online bank account: On the online registration form, I enter my name (“Identification”), I do prove this identity by means of an identity card using the post-identification procedure (“Authentication”). A few days later I receive access authorization to my online bank account (“Authorization”).

Having said this, the StartUp XignSys is focused on offering authentication procedures that can be easily integrated into smartphone apps such as digital visits to authorities (eGovernment), time recording or even online bank access. These authentication procedures are designed for maximum cyber security and high convenience and do not require a password. The authentication process starts with a QR code, NFC, RFID, PUSH or similar. Further steps such as biometric factors, e.g. fingerprint, face recognition or iris scanner can be added as well. Customers of XignSys: Volkswagen, EON, City of Gelsenkirchen.

Foundation in 2016. In Gelsenkirchen. Website:


The StartUp has set up a platform where information from various monitoring tools can be merged and analyzed to identify relevant (security) incidents in the IT landscape. The platform provides off-the-shelf connectors to established tools such as Splunk (SIEM), Elastic and many more. Automatic alerting and incident management is included …

Foundation in 2016. In Frankfurt. Website:


The company Rhebo is focused on cyber security for industrial plants, it is part of the Industry 4.0 revolution. The company offers software for monitoring and anomaly detection in industrial networks. Its USP: The analysis of the data traffic goes very deep, not only identifying unusual communication patterns, but also analyzing the communication on the level of the data packets themselves for cyber threat indicators (“deep packet inspection technology”).

Foundation in 2014. In Leipzig. Website:

Finally Safe

This young company also offers a software platform for the protection of corporate networks. The company emerged from a research project of the BSI and the Institute for Internet Security, it’s a good example of a spin-off from Research. The start-up was acquired by Security Networks AG at the end of 2019.

Foundation in 2015. In Essen. Website:


The company Alyne provides a comprehensive toolkit or rather library of templates that facilitates decision-making, monitoring and process design in the areas of cyber security, risk management and compliance: It’s about checklists, material for training courses, evaluation lists for external service providers, guidelines for business continuity management, the introduction of cryptographic procedures, procedural and organisational policies to prevent data loss, for data protection and much more.

Foundation in 2015. In Munich. Website:

Promising StartUps in other industries

Sebastian Zang

The author is a manager in the software industry with international expertise: Authorized officer at one of the large consulting firms - Responsible for setting up an IT development center at the Bangalore offshore location - Director M&A at a software company in Berlin.