Cybersecurity · sub-niche
Zero-trust network mesh.
Tailscale + Cloudflare Access shape — zero-trust networking for the agent era.
Team-sized buildSteady — one deal per month
Why now
Hybrid work + AI agent access from anywhere = network perimeter is dead. The mesh approach is winning.
What the signal looks like
Repos with WireGuard / WireGuard-derived implementations, identity-aware proxy code, and SSO integrations.
Public examples
We name publicprojects + categories only — never founders we track inside the paid product. The buyer’s edge stays inside the product.
- Tailscale shape
- Twingate / NetBird
- Cloudflare Access patterns
What this displaces
A VPN that 2/3 of the team has misconfigured.
Our build-vs-invest call
Heavy build. Fund only with prior networking background. The wedge is a specific developer ritual — 'access prod for 30 minutes' or 'agent gets time-bounded scope.'
Common questions about this niche
- Isn't Tailscale winning?
- Tailscale won the developer wedge. Enterprise + agent-specific is open.
- Pricing?
- Per seat or per resource.
- Defensibility?
- Networking primitives + integration ecosystem + audit features.
More inside Cybersecurity
- LLM firewall tooling — WAF for AI agents — prompt injection blocking, output sanitization, policy enforcement at the API boundary.
- Supply chain attack detectors — Catch malicious npm / PyPI packages before they land in production.
- Secret rotation automation — Secrets that rotate themselves — across HashiCorp Vault, AWS Secrets Manager, GitHub, and your CI.
- OSS vulnerability graphs — The dependency graph for open source vulnerabilities, indexed for AI agents and humans.