Cybersecurity · sub-niche
Cloud config drift detection.
Continuous detection of AWS / GCP / Azure config drift, plus AI-suggested remediation.
One-quarter build · Steady — one deal per month
Why now
Cloud bills + cloud risk both come from config drift. AI can finally explain a misconfig in plain language.
What the signal looks like
Repos with multi-cloud adapters, policy-as-code libraries, and remediation-workflow engines.
Public examples
We name public projects + categories only — never founders we track inside the paid product. The buyer’s edge stays inside the product.
- Cloudquery-style cloud scanners
- Wiz / Lacework shape
- Open-source policy-as-code
What this displaces
AWS Config + a quarterly external audit.
Our build-vs-invest call
Crowded category. Differentiate on remediation, not detection. Fund teams shipping auto-fix workflows for the top 50 misconfigs.
Common questions about this niche
- Isn't Wiz this?
  - Wiz is enterprise. The mid-market and SMB slot is open.
- Pricing?
  - Per cloud account / per resource scanned.
- Defensibility?
  - Remediation library + integration footprint.