Supply Chain Security Startup Phylum Wins the First Black Hat Innovation Spotlight

Up-and-coming companies shoot their shot in a new feature introduced at the 25th annual cybersecurity conference.

BLACK HAT USA 2022 -- Las Vegas — At an intimate stage area in the Innovation City section located at the back of the Business Hall, Phylum beat out three other cybersecurity startups to take the title at the inaugural Innovation Spotlight competition, held on Wednesday evening at the 25th Black Hat USA.
The four finalists were
Phylum
, a software supply chain security company;
KeyCaliber
, a company that uses asset behavior analytics to help clients prioritize protective measures;
Normalyze
, which identifies sensitive data and vulnerable access paths ripe for exploitation; and
Tromzo
, with a product security operating platform (PSOP) for building applications more securely.
Dark Readings editor-in-chief, Kelly Jackson Higgins, hosted the awards. Judges picked finalists back in July after viewing video submissions from candidates -- companies that were 2 years old or less and had fewer than 50 employees.
The finalists presented in alphabetical order, starting with KeyCaliber.
Roselle Safran
, cofounder and CEO, explained how her companys analytics engine helps continuously identify and protect an organizations most valuable data, aka crown jewels — indeed, the companys brand representatives were men dressed in royal robes and costume crowns. Safran said KeyCalibers software can run on her companys network, on the customers network, or on premises, a flexibility that meets prospective clients need to balance resources and security.
Next up was Normalyze cofounder and CEO Amer Deeba. His company is in a similar risk management space as KeyCaliber, but emphasizes holistic data security rather than crown jewels. The company offers data-first cloud security that scans for sensitive data on Google Cloud, AWS, and Microsoft Azure. His co-founder, CTO
Ravi Ithal
, was standing to the side recording his partners presentation, in a perfect example of the supportive atmosphere of the event.
The specter of Log4j hung over the presentations, none more so than Phylums. Cofounder and president Peter Morgan said his company focuses on the security of
open source packages
, using deductive analysis of risk indicators to create what he likened to a credit score for packages. The company offers a community edition that has feature parity with the paid edition, limiting it to one user and five projects at a time. He said the automated analysis takes 12-15 minutes to complete. Were walking really well, and the system is learning to run as we speak, Morgan said.
The last to present was Harshil Parikh, CEO and cofounder of Tromzo, a product security operating platform designed to make the entire software development pipeline more secure. In response to a question from the judges, Parikh explained that the company wrote its own
no-code platform
for automating security processes and remediation.
First, all four finalists were winners in that they got booth space at Black Hat USA, as well as a receptive audience for their presentations and a consultation with an Omdia analyst. There were decision-makers in the audience Wednesday, with a few CEOs filling the seats and a standing-room crowd watching the competition.
Tromzo definitely had the flashiest presentation. Parikh opened by using a DVD as a prop to illustrate the outdated former cutting-edge technology. He closed by tossing the DVD over his shoulder, warning, Dont get left behind. That jazz might be why Tromzo took first place in the audience poll.
Ultimately, however, the opinions that mattered most in the contest were those of the judges, and they favored the open source-emphasizing Phylum. The seven judges were Ketaki Borade, senior analyst in Omdia’s Infrastructure Security research practice; Trey Ford, deputy CISO at Vista Consulting Group; Hollie Hennessy, senior analyst in Omdias IoT cybersecurity practice; Maria Markstedter, founder and CEO of Azeria Labs; Lucas Nelson, founding partner at Lytical Ventures; Robert J. Stratton III, principal & strategist at Polymathics and venture partner at Nextgen Venture Partners; and Rik Turner, principal analyst in Omdias IT security and technology team.

Last News
▸ ArcSight prepares for future at user conference post HP acquisition. ◂ Discovered: 07/01/2025 Category: security	▸ Samsung Epic 4G: First To Use Media Hub ◂ Discovered: 07/01/2025 Category: security	▸ Many third-party software fails security tests ◂ Discovered: 07/01/2025 Category: security

**Cyber Security Categories**
Google Dorks Database	Exploits Vulnerability	Exploit Shellcodes

CVE List

Tools/Apps

News/Aarticles

Phishing Database

Deepfake Detection

Trends/Statistics & Live Infos

Tags:
Supply Chain Security Startup Phylum Wins the First Black Hat Innovation Spotlight