Your digital "Home of IT Security"
365 days a year: solutions, knowledge and networking.
Find and offer innovative IT security solutions, take part in our diverse action program and make and maintain contacts.
Become part of the it-sa 365 community!
Make an appointment with
So that you can make an appointment, the calendar will open in a new tab on the personal profile of your contact person.
Create an onsite appointment with
So that you can make an onsite appointment, the appointment request will open in a new tab.
LocateRisk is the winner of this year's ATHENE Startup Award UP24@it-sa. The team from Darmstadt impressed with its automated risk analysis. In the competition for the start-up prize for cybersecurity start-ups, the candidates addressed very different cybersecurity problems in their pitches at the it-sa Expo&Congress.
Start-ups presented new approaches during the anniversary edition of it-sa Expo&Congress.
This year's ATHENE Startup Award UP24@it-sa shows that perseverance pays off. The winner LocateRisk took part for the fourth time. All the candidates who took part in the pitch at it-sa Expo&Congress impressed with their exciting technological developments.
The ATHENE Startup Award UP@it-sa, which has been presented since 2018, is considered the most important start-up prize for cybersecurity start-ups from the DACH region, Germany, Austria, Switzerland. This year, LocateRisk came out on top with its approach to automated risk analyses. The company, founded by Lukas Baumann in 2020, took part in the competition for the fourth time. This time, the Darmstadt-based startup won the first prize of 7,500 euros.
Risk analyses are an important building block for security managers when selecting suitable security measures. LocateRisk analyses the current security status of a company based on its toplevel domain. This way the external infrastructure is analysed for this purpose. "This is fully automated," explains Kristina Breuer, head of communications at LocateRisk. The results can be used to rectify any vulnerabilities that are discovered. The results of the analysis are presented in two reports, "one technical for the IT specialists and one for the management", says Breuer. These reports also contain optimisation suggestions that are already prioritised and weighted and broken down into individual subtasks and can therefore be implemented very easily, she explains. This is well suited to the SME sector, but according to Breuer, the target group extends further, "from small craft businesses to large corporations, as well as public institutions, authorities and administrations", says the communications expert. The risk analyses can also include the supply chain. In the future, the start-up would like to become even more international, but this will not happen without growth. "That's why we're working on designing our processes in such a way that they can scale," explains Breuer.
Trend towards automation
Second place in the ATHENE Startup Award UP24@it-sa also went to a startup that specialises in the automation of IT security: RedMimicry. Companies invest a lot of money in IT security without knowing how effective the protection actually is, reports Stefan Steinberg, one of the two founders of RedMimicry. There is only a real test of security in the event of a targeted attack. This is exactly what RedMimicry simulates, using its own malware. What sounds dangerous at first is harmless in reality, because "our malware does no damage," Steinberg reassures. The special thing about this attack simulation, however, is that customers can see how their security solutions react to it. "The customer can execute each individual step of the attack separately via the control interface," says Steinberg and comes to a core feature: "At the same time, they can look into their defence systems and check when the attack is detected or even repelled there." It is perhaps this capability that has led to even DAX companies showing interest in this solution, as Steinberg mentions almost in passing.
The third prize winner, the start-up CyberDesk, offers an automated solution, too. During their previous work in the IT sector, the two founders repeatedly encountered the problem of securely and granularly managing identities and their access rights in the cloud environment. "Identities are the weakest link in cyber defence," Tobias Lieberum, one of the two founders, points out. However, more than 95 percent of data access rights are not used nowadays, he adds. To minimise this attack surface, CyberDesk helps to automatically control who can access which sensitive data and how. The CyberDesk approach goes far beyond typical IAM solutions, notes Lieberum.
Security-as-a-Service (SaaS) widely represented
The other two participants in the seventh round of the start-up prize for cybersecurity start-ups also presented exciting concepts. AlpenShield presented a SaaS offering with many special features based on Microsoft Sentinel, a cloud-based SIEM (Security Information and Event Management) platform. "Every security alert is presented to the user in an understandable way," says co-founder Denis Rak, describing one of these features.
Mitigant also presented a SaaS solution. The four founders want to eliminate security deficits in cloud use by analysing the cloud infrastructure. In addition, "our customers can also use our tools to simulate attacks against their cloud," adds Nils Karn, Managing Director and one of the four founders. The tool is so simple that customers can work with it independently, he says. The future will show which start-ups will be successful. At the same time, the application phase for the next round of the upcoming it-sa Expo&Congress, which will take place from 7 to 9 October in Nuremberg 2025, will start in early summer.
Author: Uwe Sievers
