Top 9 cybersecurity startups from TechCrunch Disrupt’s Startup Battlefield

TL;DR

TechCrunch published nine cybersecurity companies chosen among the Startup Battlefield 200 selectees for Disrupt 2025. The list highlights startups focused on AI-driven defense, offensive testing, deepfake detection, ransomware recovery and cloud vulnerability management.

What happened

TechCrunch compiled nine cybersecurity startups drawn from the Startup Battlefield 200, the group of companies selected from thousands of applicants for Disrupt’s pitch competition. The broader Battlefield process narrows entrants to 200 contenders; the top 20 advance to the main stage to compete for the Startup Battlefield Cup and a $100,000 cash prize, while the remaining selectees compete in category competitions. The nine cybersecurity firms TechCrunch spotlighted include AIM Intelligence (AI-based adversary testing and AI safety planning), Corgea (AI-driven code scanning and agent-generated code security), CyDeploy (automated asset discovery, mapping and digital-twin sandboxing), Cyntegra (hardware-plus-software ransomware recovery), HACKERverse (autonomous AI agents that simulate attacker behavior), Mill Pond Research (detection of unmanaged AI in the enterprise), Polygraf AI (small language models tuned for security use cases), TruSources (real-time deepfake detection for identity use cases) and ZEST Security (AI-powered cloud vulnerability and unified vulnerability management). Each was selected for a specific technical focus noted by TechCrunch.

Why it matters

• AI is being applied both offensively and defensively across multiple startups, reflecting a shift in how security teams test and protect systems.
• Tools that detect unmanaged or unauthorized AI use target a growing blind spot as employees adopt AI assistants.
• Real-time deepfake detection and rapid ransomware recovery address rising threats that have operational and reputational impact for organizations.
• Unifying vulnerability management across clouds and apps responds to complexity in modern enterprise environments.

Key facts

• TechCrunch’s Startup Battlefield process starts from thousands of applicants and narrows to 200 selectees.
• The top 20 Battlefield entrants compete on stage for the Startup Battlefield Cup and a $100,000 prize.
• AIM Intelligence uses AI to run penetration tests optimized for AI-enabled attacks and offers an AI safety planning tool.
• Corgea scans code for security flaws and broken security logic, and enables AI agents to secure code across popular languages.
• CyDeploy automates discovery and mapping of apps and devices, builds digital twins for sandbox testing, and supports AI automation of security processes.
• Cyntegra combines hardware and software to lock away secure backups and restore systems quickly after ransomware incidents.
• HACKERverse deploys autonomous AI agents to simulate known attacker techniques in isolated environments to verify vendor tools.
• Mill Pond Research detects unmanaged AI tools that may access sensitive data or create security risks inside enterprises.
• Polygraf AI provides small language models tuned for cybersecurity tasks; TruSources focuses on real-time detection of audio, video and image deepfakes.
• ZEST Security offers an AI-powered platform to find and help remediate cloud and application security issues, unifying vulnerability management.

What to watch next

• Whether any of these companies advance from the Battlefield 200 into the top 20 or win the Startup Battlefield Cup — not confirmed in the source.
• Adoption rates for AI-driven offensive testing and autonomous red-team agents in enterprise security programs — not confirmed in the source.
• Real-world deployment speed and effectiveness of ransomware restoration appliances and deepfake detectors in production environments — not confirmed in the source.

Quick glossary

• Penetration test: A simulated cyberattack against a system to identify exploitable vulnerabilities.
• Digital twin: A virtual replica of an asset, system or environment used for testing and analysis without affecting the real system.
• Deepfake: Synthetic audio, image or video content generated or altered by algorithms to convincingly imitate real people or events.
• Unmanaged AI: AI tools and models used within an organization without central oversight, posing visibility and security risks.
• Ransomware recovery: Processes and tools that restore systems, applications and data following a ransomware attack.

Reader FAQ

How were these nine startups chosen?
They were part of TechCrunch’s Startup Battlefield 200 selectees; the article notes why each was selected for the cybersecurity category.

Which of these companies use AI in their products?
Several explicitly use AI: AIM Intelligence, Corgea, CyDeploy (for automation), HACKERverse, Mill Pond Research, Polygraf AI and ZEST Security; TruSources and Cyntegra are noted for their respective deepfake detection and ransomware recovery capabilities.

Who won the Startup Battlefield Cup this year?
Not confirmed in the source.

Are product availability, pricing or funding details provided?
Not confirmed in the source.

Every year, TechCrunch’s Startup Battlefield pitch contest draws thousands of applicants. We whittle those applications down to the top 200 contenders, and of them, the top 20 compete on the…

Sources

• The 9 top cybersecurity startups from Disrupt Startup Battlefield 
• The 9 top cybersecurity startups from Disrupt …
• The 9 top biotech startups from Disrupt Startup Battlefield

Related posts

• The standout cybersecurity investigations of 2025 we admired elsewhere
• Wi-Fi 8 to Prioritize Reliability and Low Latency Over Peak Speed
• US Trade Dominance Is Poised to Erode as Tariff Battles Intensify