Cybersecurity remains one of the most dynamic areas in tech. The attack surface keeps expanding as companies move deeper into cloud infrastructure, AI systems, and complex software supply chains. Global spending reflects that urgency: the cybersecurity market is expected to surpass $300 billion in 2026, while cybercrime damages are projected to exceed $10 trillion annually.
January 2026 already signaled where the market is heading. Aikido Security reached a $1 billion valuation after a $60 million Series B, Europe’s first cybersecurity unicorn of the year, reporting more than 100,000 teams using its platform and fivefold revenue growth. The company focuses on consolidating multiple security tools into a single developer-first platform, a direction many enterprises are increasingly looking for as security stacks become fragmented.
To understand which startups could follow that trajectory, we asked investors from TIN Capital, Coinvest Capital, Kibo Ventures, and PortfoLion to name the cybersecurity companies they believe are worth watching in 2026.
Roel Reijnen, Partner at TIN Capital
- AISLE, Czech Republic
Founded by industry veterans Ondrej Vlcek, Jaya Baloo, and Stanislav Fort, the company is targeting one of the most persistent headaches for CISOs: vulnerability management. Its AISLE platform goes beyond detection, identifying software vulnerabilities, assessing real-world exploitability, and delivering remediation that plugs directly into existing CI/CD pipelines.
Powered by advances in agentic AI, the approach reflects a fast-emerging category that could ultimately extend into broader application security. While AI hype is everywhere, this is one domain where it is poised to deliver tangible, operational impact.
*This company has also been chosen by the PortoLion VC team — there is something to watch here for sure!
- Dawnguard, the Netherlands
Following Google’s acquisition of Wiz, attention is shifting to what comes next in cloud security. While players like Tamnoon focus on automated remediation of CNAPP misconfigurations, an alternative path is emerging — one that pushes security further left by ensuring cloud workloads are deployed correctly from the outset.
Dutch startup Dawnguard takes this approach by using AI-generated Infrastructure-as-Code to prevent security risks before they materialize. Executed well, this model aligns the priorities of CISOs, CIOs, and infrastructure teams, while sidestepping direct competition with entrenched CNAPP platforms.
- Dattak, France
Following the first wave of US cyber insurance startups — such as Coalition, At-Bay, and Cowbell Cyber — a new cohort of European entrants is emerging. These companies pair cyber liability insurance with managed detection and response, preventive controls, and security awareness training. The model resonates with SMEs, larger enterprises, and public-sector organisations that, amid persistent talent shortages, increasingly choose to outsource cybersecurity while securing competitively priced insurance coverage.
Paris-headquartered Dattak has built strong traction in the French market and is now preparing for international expansion.
- AI Score, the UK
Many CISOs recognise that their organisations are rapidly adopting a growing array of AI tools, yet lack the visibility and controls needed to effectively govern their use. This gap in AI observability has drawn both incumbents and startups, all racing to deliver solutions that strengthen governance, ensure compliance, and reduce risk across AI adoption.
London-based early-stage startup AI Score sits squarely in this emerging category, offering real-time risk detection, shadow AI monitoring, and GDPR compliance checks. The company was founded by Alex Harland and Benita Tibb, who bring deep cybersecurity and legal expertise, supported by advisors and investors with strong national security and cybersecurity backgrounds.
Viktorija Trimbel, Managing Director of Coinvest Capital
- Copla, Lithuania
Founded by serial startup entrepreneurs with multiple successful exits, led by Aurimas Bakas, Copla aims to simplify cybersecurity compliance with automated workflows, audits, and risk management. The founding team has an excellent reputation and industry competencies; they‘ve already raised a few oversubscribed rounds and are scaling impressively.
- Wayren, Estonia
A company delivering a resilient communication platform that keeps mission-critical teams and assets connected in the most challenging and jammed environments. Wayren was selected for Phase 2 of the NATO DIANA programme, with additional funding, continued access to NATO test centres, and tailored support from experts. They also closed a €7.9 million funding deal in 2025.
- RIPPLC, Lithuania
Ripplc is a Lithuanian startup founded in early 2024, specializing in an AI-driven investigations platform. Based in Vilnius, it empowers defense, intelligence, and crisis response teams with advanced AI analysis tools developed by founder Žygimantas Medelis, who brings over 15 years of expertise in AI and NLP product development.
- Januus, the UK
Januus is a London-based startup founded in 2021 that builds the world's largest cryptocurrency wallet-to-identity database. It aggregates data from across the internet to link crypto wallets with real-world identities, bridging blockchain anonymity and practical use cases. This enables financial institutions and fintech firms to accelerate crypto adoption through better compliance and monitoring via APIs.
- AlongID, Lithuania
AlongID is a Lithuanian startup developing a cross-border digital identity platform backed by a secure wallet. Developed by Deverium, it secured €2 million in EU funding to create reusable, privacy-first identities compliant with eIDAS 2.0, enabling verification once and reuse anywhere. The platform tackles high KYC costs — over €5.7 billion annually for European firms — through blockchain-based orchestration and partnerships with leaders like GBG, Regula, and iProov.
Javier Torremocha, co-founder & Managing Partner at Kibo Ventures
- Acoru, Spain
Acoru specialises in AI-driven bank account monitoring. Founded in late 2023 by cybersecurity veterans Pablo de la Riva Ferrezuelo and David Morán (ex-Buguroo/Revelock founders), it specializes in AI-driven real-time account monitoring for fraud and money mule detection.
- Nymiz, Spain
Nymiz is a pioneering startup offering a real-time data anonymization and privacy engine. Its cutting-edge platform processes both structured and unstructured data to ensure compliance with global regulations like GDPR and CCPA. By dynamically masking sensitive information without compromising data utility, Nymiz enables secure data sharing for AI training, analytics, and collaboration across industries.
- Neural Trust, Spain
NeuralTrust was founded in July 2022. It specializes in AI security platforms for generative AI and LLM applications. Its core offering, TrustGate, uncovers GenAI vulnerabilities, blocks attacks such as prompt injections and data leaks, monitors performance, and ensures regulatory compliance for tools like chatbots, copilots, and call centers.
- Quo Intelligence, Germany
Frankfurt-based cybersecurity company focused on threat intelligence and geopolitical risk analysis for organizations operating in complex digital environments. Founded in 2021, the startup provides Threat Intelligence-as-a-Service, combining artificial intelligence with human analyst expertise to deliver contextual intelligence rather than raw data feeds.
PortfoLion VC team
- Axoflow, Hungary
The exited Balabit team is building the security data layer for the cloud era, with serious local and regional signals from names like Notion Capital, Credo, and e2vc. Security data volume is exploding as AI workloads, multi-cloud, and machine identities multiply, telemetry faster than teams can manage, and every security tool downstream depends on clean, structured data — whoever controls normalization and routing effectively shapes the rest of the stack.
- Chainloop, the US
Chainloop is in a cyber segment where regulation is turning into demand: SBOM is moving from “nice to have” to procurement requirement, pushed by US executive orders and the EU Cyber Resilience Act. Their angle — auditable supply chain visibility embedded directly into CI/CD — aligns with how modern software actually ships.
Founder DNA matters here: ex-Bitnami and VMware operators who’ve lived inside DevOps ecosystems and understand how open source dependencies flow into production.
- R6 Security, the US
Cloud-native attack surfaces are expanding faster than security teams can hire, so shifting from reactive detection to architectural prevention is logical. R6 is positioning itself closer to design phase risk reduction rather than post-breach cleanup. A big part of why this is worth watching is Zsolt Nemeth — one of the strongest regional experts we know at PortfoLion — and the consistent inbound interest suggests his perspective carries weight.
- Re:lock, Poland
The company starts with founder market fit: Marcin ran into session hijacking and token theft firsthand, built a fix, then realized the real gap wasn’t MFA — it was continuous, session-level verification — and productized it. That framing is directionally aligned with where identity security is heading. Bringing in Prem, a strong commercial lead with deep US market experience, gives the team both technical authenticity and clear GTM intent.
- Wisebee, Bulgaria
WiseBee has the rare combination of scaled category experience and repeated founder hunger: Stoyan and Taha were core to SecurityScorecard’s path from single-digit millions to 15x+ ARR, owning product, data, and revenue-critical infrastructure. They’re now applying that lived experience to a structurally underserved segment — mid-market companies that need enterprise-grade security without enterprise headcount — and rebuilding the stack around AI-native agents, where new platforms are emerging.
