Digital security has long been thought of as a defensive layer added to computer systems: antivirus, firewalls, intrusion detection systems. While this model remains essential, it shows its limits as software architectures become more distributed and data volumes explode.
Cloud, artificial intelligence, process automation and the proliferation of APIs have profoundly transformed information flows. Data now flows constantly between applications, cloud infrastructures, partners and third-party services. In this environment, security can no longer be limited to protecting IT perimeters, and must be integrated directly into the systems architecture.
It is in this context that a new generation of European startups is emerging whose ambition is to build the technological building blocks of what some describe as the digital trust infrastructure. Their approach no longer consists of simply defending systems against attacks, but of designing architectures in which sensitive data remains protected by default, often thanks to cryptographic mechanisms integrated into the software itself.
Several technological areas are converging in this transformation: advanced encryption, digital identity management, protection of critical communications and even securing cloud infrastructures and terminals. Together, these technologies are gradually forming a new layer of the digital stack.
🚨 SMARTJOBS
- MISTRAL – Account Executive, Enterprise, France – Paris
- ANTHROPIC – Startup Partnerships – France & Southern Europe
- CONTEXT – HR Director – Human Resources Director
- ECOLE POLYTECHNIQUE – Director/Deputy Director of International Relations (F/M)
- CLAROTY — Sales Development Representative
- FRACTTAL — Account manager (France)
- BRICKSAI — Founding Growth Manager
👉 Find all our offers on the DECODE MEDIA Jobboard
đź“© Are you recruiting and want to strengthen your employer brand? Discover our partner offers
Among the companies that embody this evolution are Evervault, Zama, Evertrust, Quantum Industries, Mirror Security, Soverli and even XFA. Although they operate in different segments of cybersecurity, they all participate in the construction of a digital architecture where trust is based more on the technical properties of systems than on external control mechanisms.
Evervault: integrating encryption into application architecture
Founded between Dublin and New York, Evervault develops a platform for developers to encrypt and orchestrate sensitive data directly in applications. The company offers tools to collect, process and transmit critical data without it appearing unencrypted in companies’ infrastructure.
This approach is based on a simple idea: to minimize situations in which sensitive data passes through computer systems in readable form. According to Shane Curran, founder and CEO of the company: “Most compliance frameworks assume that sensitive data will exist somewhere in the clear. But in an environment where data flows automated and at high speed, this becomes a vulnerability. »
Evervault is thus positioned as an infrastructure layer allowing companies to manipulate sensitive data, particularly in payments, while limiting their exposure to security or compliance risks.
The startup has just announced a raising of 21 million euros in series B, led by Ribbit Capital with the participation of Sequoia Capital and Index Ventures. This operation brings the company’s total financing to 39 million euros.
The funds should make it possible to expand its encryption infrastructure, accelerate product development and strengthen its engineering teams.
The company initially focused on payments, one of the most regulated environments in digital. Its platform combines encryption, 3D-Secure authentication, tokenization and card data enrichment in a single integration.
Evervault says it already processes several billion euros of transactions and generates more than 100 million encrypted tokens each month, while allowing its customers to significantly reduce their PCI compliance costs.
For Shane Curran, the objective goes beyond simple application security: “We are building an infrastructure that enables businesses to never handle sensitive data in the clear, starting with card payments and gradually extending encryption to digital wallets, identity and the healthcare industry. »
Zama: calculate without ever deciphering the data
In Paris, the startup Zama is working on a particularly ambitious cryptographic technology: Fully Homomorphic Encryption.
This technique allows calculations to be performed directly on encrypted data without it ever being decrypted during the process.
Although this approach still remains demanding in terms of computing resources, it opens up the possibility of carrying out processing on confidential data while guaranteeing their confidentiality. Potential applications include finance, cloud infrastructures, artificial intelligence and blockchains.
Founded by Rand Hindi and the cryptographer Pascal PaillierZama is a continuation of academic work in advanced cryptography. The company is particularly developing tools to integrate these technologies into industrial environments, particularly in the world of smart contracts and decentralized applications.
Evertrust: industrializing digital identity management
The security of digital infrastructures also relies on an often invisible element: digital certificates which allow systems to be authenticated and communications to be secure.
The French startup Evertrust specializes in the management of public key infrastructures (PKI) and the lifecycle of digital certificates. Its platform allows organizations to automate the creation, renewal and governance of their cryptographic certificates.
In large IT infrastructures, these certificates can number in the tens of thousands. Their management is becoming a major operational issue for companies, particularly in cloud and DevOps environments.
Evertrust is therefore developing tools to centralize and automate this management, in order to reduce the risks linked to expired or misconfigured certificates, which are among the frequent causes of security incidents.
Quantum Industries: securing communications in the quantum era
Some European startups are focusing on a more distant technological horizon, such as securing communications in the face of the emergence of quantum computing.
The Austrian company Quantum Industries develops quantum-secure communications technologies for critical infrastructures. These systems are based in particular on techniques such as quantum key distribution, making it possible to detect any attempt to intercept a communication.
The goal is to create networks capable of securing exchanges between data centers, energy infrastructures or government systems in the face of future cryptographic threats.
Mirror Security: Protecting AI Data Pipelines
The Irish startup Mirror Security is interested in the protection of artificial intelligence systems.
AI models today manipulate large volumes of data from multiple sources: documentary bases, customer data, operational flows or user-generated content. Securing these pipelines is becoming a major issue for organizations.
Mirror Security develops encryption and data flow protection technologies intended to secure these environments while allowing their exploitation by AI models.
Soverli: securing smartphones beyond the operating system
The Swiss startup Soverli is working on another critical link in digital security: mobile terminals.
The company is developing a security layer to protect communications and sensitive data on smartphones, even when the operating system is compromised.
This approach is particularly aimed at government, diplomatic or industrial environments where the compromise of a mobile device can expose sensitive information.
XFA: Map invisible devices in enterprise networks
Finally, the Belgian startup XFA addresses a problem that has become common in modern digital environments: the presence of unidentified devices in corporate networks.
Teleworking, cloud, connected objects and personal terminals are increasing the number of access points to IT systems. Certain devices can thus access infrastructures without being correctly identified or secured.
The platform developed by XFA makes it possible to detect these devices, map attack surfaces and improve security governance in hybrid environments.
A silent transformation of digital architecture
These companies do not all operate on the same technologies. Some are developing fundamental cryptographic advances, others digital identity infrastructures or terminal security solutions.
But they all contribute to the emergence of a digital architecture in which trust becomes an intrinsic property of computer systems.
As data volumes increase and architectures become more distributed, this technology layer could play a central role in shaping the future of digital. The startups that are now developing these technical building blocks are thus helping to redefine the very foundations of the global digital infrastructure.
