The most active cybersecurity accelerators and venture studios in 2026 are a shorter list than the directories admit, and a more interesting one. On the studio side, three firms lead the company building: Team8, whose partners have built and invested in over 40 companies, Cyberstarts with $1.4 billion raised across seven funds, and DataTribe, the Maryland foundry that seeded Dragos. On the accelerator side, the active cyber-dedicated programs include MACH37, which just launched its Fall 2025 cohort, 8200 EISP in Israel, NATO's DIANA and a Google program, while some of the category's best-known companies never touched a dedicated program at all and came through the generalist B2B machines instead, from Y Combinator's 104 security startups to Alchemist and TinySeed.
The two models get lumped together and should not be. An accelerator takes an existing startup and runs it through a program: weeks of mentorship, a network, sometimes a small check for a single-digit equity stake, often no equity at all when a government or corporate sponsor pays. A venture studio builds the company itself: it picks the problem, validates it with buyers, recruits the founders, writes a six or seven figure first check, and takes a stake several times larger than any accelerator would. One is a finishing school. The other is a factory. Neither is automatically the better deal, and this piece is not going to pretend otherwise.
I read this market from an operator's seat, because I run growth for MSPs and cyber firms, and I also mentor at 500 Global, the accelerator I still think of by its old name, 500 Startups, so I have seen the accelerator machine from the inside as well as through the portfolio data. This piece sits below the cybersecurity VCs and growth funds in the capital stack, before the seed round, and it connects to the private equity firms waiting at the exit. The honest summary: the first wave of dedicated cyber accelerators has largely wound down, most of it on schedule rather than in failure, a studio wave is rising in its place, and the jury is still out on whether studios are the durable answer or this cycle's fashion. What a founder can do is understand what each machine actually provides, verified and priced, which is what follows.
One company out of a foundry: the Dragos case
The cleanest way to see what a studio actually does is to follow one company out of it. Robert M. Lee founded Dragos, the operational technology security firm, inside DataTribe's foundry. The official account is explicit about what that meant: DataTribe provided the seed capital plus marketing, product management, sales, engineering, legal and finance expertise, around a founder who had the domain knowledge from US intelligence work and none of the company-building apparatus.
Dragos went on to raise at a $1.7 billion valuation in 2021, the highest-profile outcome the foundry model has produced in cyber. In December 2023 Lee came back as a DataTribe venture partner while still running Dragos: the outcome funding and staffing the next generation, which is the studio flywheel working as designed. That loop is specific to the studio structure. An accelerator with a two percent stake rarely stays that entangled with an alumnus a decade on, for better and for worse.
The first cyber accelerator wave ended, mostly on schedule
Every list of cybersecurity accelerators still circulating on the web names programs that no longer run, so it is worth being precise about what actually happened. Most of these endings were planned conclusions, not collapses, and the delivered numbers were real.
LORCA, the London Office for Rapid Cybersecurity Advancement, was the UK government's flagship. It was tasked with helping its companies raise £40 million over three years; they passed £150 million by the second anniversary and finished above £200 million across five cohorts and 72 companies between 2018 and 2022, five times the target. The government published its evaluation and closed the mandate. NCSC For Startups, which began in 2017 as the NCSC Cyber Accelerator, is described in the NCSC's own 2025 annual review as having "officially concluded" after 75 graduates, £526 million raised and 1,700 jobs. Cyber Runway, the third UK program, delivered five editions as the country's largest cyber accelerator, with its evaluation published in September 2025 and no confirmed successor cohort yet. Three flagship programs, one delivery partner (Plexal), all wound down or paused by 2026, which is part of why Osney Capital's £60 million seed fund now matters so much for early UK cyber.
CyLon is the private-market version. Founded in 2015 as Europe's first dedicated cyber accelerator, it put 102 companies through hubs in London and Singapore, counted Tessian and Immersive Labs among its alumni, and at one point ranked among the five most active cyber investors in the world. The accelerator cohorts stopped, its managing director moved to Octopus Ventures in 2021, and what remains is CyLon Ventures, a small programmatic pre-seed investor. A strong portfolio was not enough to sustain a standalone accelerator business, which says more about accelerator economics than about the companies.
The pattern across the survivors is worth more than any verdict. The cyber programs still running each own an asset a founder cannot rent elsewhere: a government customer path, a corporate channel, an alumni network, or a capital stack with follow-on money. The programs that offered mentorship and a demo day alone struggled in cyber, because the typical strong cyber founder, a second-time operator or a Unit 8200 or NSA alumnus, already knows how to build product and raise money. What they lack is buyers, and security sales cycles of six to eighteen months are unmoved by a pitch night. That is a lesson about what to look for in a program, not proof that one model beats another.
The venture studios: compounding fast, still unproven
Venture creation inverts the accelerator. Instead of filtering inbound startups, the studio starts from a validated problem and manufactures the company. Cyber suits the model unusually well: a deep bench of technical founder talent out of intelligence units, and CISO networks that can validate a problem before a line of code exists. But say the quiet part plainly: the model is young. Team8 dates to 2014, Cyberstarts to 2018, most studio-built companies have not yet lived a full market cycle, and each flagship studio still leans on one or two headline outcomes. What follows is what the model has verifiably produced, and where the open questions sit.
Team8
The Tel Aviv venture-creation group is the purest expression of the factory. Team8 holds more than $1 billion in assets after a $500 million raise across 2024 and 2025, and its partners have built and invested in over 40 companies, including Dig Security and Talon, both sold to Palo Alto Networks. Its engine is the CISO Village, a network of roughly 600 chief information security officers who stress-test company ideas before Team8 builds them; its 2025 summit drew more than 100 of them to Florida and was billed, with only mild exaggeration, as the Davos of cybersecurity.
The strongest endorsement of the model came from outside it. In December 2024, Team8 co-founder Nadav Zafrir, a former commander of Unit 8200 who was involved in building 17 cyber companies at the studio, became CEO of Check Point, one of the largest security vendors in the world. A public company handing itself to a studio operator says where the industry currently thinks company-building competence lives. It also cost the studio its best-known partner, which is the flip side of a model built on a few exceptional operators.
Cyberstarts
Gili Raanan's firm sits between seed fund and studio, and its methodology is the part worth studying. Cyberstarts has raised more than $1.4 billion across seven funds and co-led the roughly $20 million Wiz seed that returned a couple of hundred times its money at the $32 billion Google exit. Its Sunrise program formalized what Team8 does informally: a bench of about 75 CISOs who validate problems and shape products for portfolio companies from day zero, which is venture creation in everything but name.
Then the incentives caught up with it. In 2024, Forbes reported that Sunrise included profit-sharing with the participating security executives, some of whom worked at companies that bought products from the startups the program advised. Raanan suspended the payments in a letter to the 75 CISOs while insisting the program itself would continue. I flag this not to dunk on Cyberstarts but because it is the honest cost of the design-partner model: when the people validating the product also share in the upside, you have manufactured product-market fit, and buyers eventually ask whose fit it is. Follow the incentives in any studio pitch you hear.
DataTribe
The Maryland foundry is the smallest of the three and the most distinctive. DataTribe manages roughly $200 million with a $41 million third fund closed in 2025, writes $2 million to $3 million foundry checks for stakes near 25 percent, and commercializes technology built by alumni of the NSA and adjacent agencies, 23 investments over its life. Dragos is the flagship, and the model keeps running: DataTribe led Frenos's $3.88 million seed in January 2025. Its annual DataTribe Challenge is the closest thing the model has to an open call: five finalists, up to $2 million in seed capital for a winner willing to co-build, with Evercoast taking the eighth edition in November 2025.
New entrants keep arriving: in March 2025, GenLab Venture Studios and Europe's DCSO announced a new venture studio for agentic AI cyber defense. And one detail from the Cyera cap table shows how attractive studio credit has become: both Team8 and Cyberstarts describe the $12 billion data-security company as their co-creation. When two firms want credit for the same company, the model is fashionable. Whether it is durable through a downturn, when concentrated stakes in a few self-built companies cut both ways, is genuinely open.
The cyber accelerators still standing
The active dedicated programs share one trait: each owns an asset a founder cannot get elsewhere, and several of them charge no equity at all for it.
MACH37
America's first cyber-dedicated accelerator, launched in September 2013 with $2.5 million from the Commonwealth of Virginia, and the proof that the first wave could adapt rather than end: it moved into private hands and kept going. Now owned and operated by the innovation firm VentureScope, it has made 58 investments with nine exits, including Adlumin, which the MSP platform N-able acquired in November 2024. Its most recent cohort launched in Fall 2025, the same year it accepted its first non-US company. Its asset is the northern Virginia national-security ecosystem it sits inside.
8200 EISP
Israel's first accelerator, founded in late 2010 by the Unit 8200 alumni association, and still the most selective non-equity program in cyber. Over 15 years it has supported more than 200 startups that raised over $1.5 billion, with more than ten acquired, running one cycle a year and taking nothing: it is a nonprofit whose asset is privileged access to the 14,000-strong 8200 alumni network, the same talent pool that feeds the studios and that I covered in the operator-VC piece. If founders are the scarce resource in cyber, EISP sits at the tap.
NATO DIANA
The state has not left the accelerator business, it has moved up a level. DIANA, NATO's Defence Innovation Accelerator, runs across 200 plus accelerator sites and test centres, pays a €100,000 Phase 1 grant with a €300,000 Phase 2 for top performers, and takes no equity. Selectivity is brutal: 73 companies from more than 2,600 proposals for the 2025 cohort, then a record 150 from 3,700 applications for 2026. Cyber is one challenge area among several, so this is a dual-use play rather than a pure cyber program, but its asset is one nobody else can offer: a path toward allied defence ministries as customers.
Google for Startups Growth Academy: AI for Cybersecurity
The corporate program with staying power. A three-month, equity-free growth program for seed to Series A companies applying AI to security, whose third cohort of 16 companies from eight countries was announced at the Munich Cyber Security Conference in February 2025. Google's asset is obvious, distribution and its own tools, and the read-across is that a program like this also gives Google an early look at what is being built in the category, the same appetite that showed up at full scale in the $32 billion Wiz deal.
Plug and Play
The volume player, in transition. Plug and Play, the corporate innovation platform founded in Silicon Valley in 2006, long ran cybersecurity as one of its industry verticals, and its model is the inverse of a studio: no equity taken and no program fee, because Fortune 500 corporate partners pay for the program to source vendors and pilots, and the firm's venture arm invests separately when it wants a position. Worth noting: as of this writing its dedicated cybersecurity industry page returns a 404, and security startups now enter through the broader enterprise programs. The value was never the curriculum anyway, it is a warm path into enterprise buyers who are already paying to be in the room.
The generalist B2B accelerators that also back cyber
Here is the part the cyber-only lists miss entirely: some of the category's best outcomes never touched a cyber-dedicated program. They came through the generalist B2B machines, where security is just another line of enterprise software. I have skin in this game, as a mentor at 500 Global, and I keep a separate ranking of Europe's top 30 accelerators on the NUOPTIMA side. My video below walks through my ten favorite accelerators for SaaS founders and how to actually get accepted.
Y Combinator
The biggest cyber backer nobody calls a cyber investor. YC's own directory lists 104 security startups, and its standard deal is public: $125,000 for 7 percent plus $375,000 on an uncapped MFN safe, $500,000 in total for a 12-week batch. The flagship security outcome is Vanta, the compliance automation platform founded in 2017, which reached a $4.2 billion valuation on a $150 million Series D in 2025; Teleport is another YC security alumnus. Vanta matters for this article's argument: it took a generalist program's standard deal, kept its cap table clean, and grew into one of the category's biggest private valuations. The generalist route works in cyber when the product sells like software rather than like security.
Alchemist Accelerator
The enterprise specialist among the generalists. Alchemist, founded in 2012 by Ravi Belani in San Francisco, only takes startups whose revenue comes from enterprises, which makes it a natural fit for security founders selling to businesses. It has put roughly 515 startups through the program with 61 exits, more than half of its graduates close an institutional round within 12 months of its demo day, and its cyber portfolio includes Arkose Labs, the enterprise fraud and bot-defense firm that went on to a $70 million Series C, and BreachRx, the incident-response platform that raised a $15 million Series A in May 2025. Arkose is the quiet proof point: a B2B accelerator alum competing head-on with venture-studio-built security companies.
TinySeed
The opposite end of the ambition spectrum, and deliberately so. TinySeed, founded in 2018 by Rob Walling, calls itself the first accelerator for B2B SaaS founders who do not want the venture treadmill: remote, built for companies aiming at sustainable scale rather than unicorn status, with more than 210 companies backed and a Spring 2026 batch open. It has security names too: GlitchSecure, a continuous penetration-testing platform from its Fall 2022 cohort, went on to raise a CAD $2 million seed. Most of the security market is not unicorn-shaped, and a bootstrapper-friendly accelerator is an honest match for a pentest or compliance tool with a $3 million ARR ceiling that still makes its founder wealthy.
500 Global and Techstars
The volume generalists. 500 Global, formerly 500 Startups, manages $2.3 billion and runs its flagship four-month program on a $150,000 for 6 percent standard deal, with around 60 percent of each cohort from outside the US, and cyber appears as a named sector in programs it operates, including the Sanabil accelerator it runs in Saudi Arabia. I mentor there, and the honest observation from inside is that security startups in a generalist batch get something the cyber-only programs cannot offer: a peer group of buyers, because half the batch needs SOC 2 and somebody to secure their stack. Techstars runs the same play at $120,000 across three-month programs in dozens of cities. For a security founder, the generalist trade is simple: you give up the specialist CISO network and gain brand, reach and a broader investor funnel.
The channel turn: programs built for MSP distribution
Everything above targets the enterprise buyer or the general software market. The newest programs make a different bet, one regular readers will recognize: SMB technology spend now outgrows enterprise, small businesses buy their security through MSPs rather than from vendors, and until recently almost no early-stage machinery existed to build companies for that channel.
Vibe Studio by Top Down Ventures
Vibe is the clearest expression of the thesis. It is a 12-week venture-building sprint for founders building AI-native tools at the intersection of MSPs and SMBs: $250,000 invested across two SAFEs, one company selected per quarterly cohort over two years, full-stack product and engineering support to a production-ready MVP, and go-to-market through MSP distribution rather than enterprise sales. The parent firm, Top Down Ventures, was founded by ScalePad founder Chris Day and closed its $28 million Founders Fund I above target, the first institutional fund dedicated exclusively to early-stage MSP software and AI companies, with over 100 limited partners drawn largely from the MSP ecosystem itself and operating advisors like former ScalePad CEO Dan Wensley.
Structurally this is the Team8 playbook with the nouns swapped: the design partners are MSP owners instead of CISOs, the LPs are the future customers, and the distribution channel is baked in before the product exists. Whether the MSP market can support venture-scale outcomes is the open question, and I mapped the honest answer in where the $1 billion of MSP software funding went: the channel is real, the exits so far are mostly strategic rather than public. But as a machine for getting a product into a few hundred MSPs fast, no other program currently offers that combination.
ConnectWise PitchIT
The accelerator variant of the same bet, run by a platform vendor rather than a fund. PitchIT is ConnectWise's 16-week accelerator for startups building in its MSP ecosystem, now in its seventh year, with access to a 45,000-partner network as the real prize; the $70,000 grand prize that Strategy Overview took at IT Nation Connect 2025 is almost incidental next to the stage time in front of thousands of MSPs. The 2026 cohort launched in May. For a security vendor targeting SMBs, one PitchIT run can be worth more than any enterprise program on this page, because the channel is the buyer.
The economics: what each model pays and takes
Put the models side by side and the trade gets clearer. None of these is a bargain or a rip-off in the abstract; each prices a different missing ingredient. The specialist seed funds from the VC tier above sit at the top of the ladder.
| Model | Capital | Equity taken | What you actually get | Named examples |
|---|---|---|---|---|
| Government / corporate accelerator | €0 to €300K grants | None | A government or enterprise customer path, credibility | NATO DIANA, Google Growth Academy, Plug and Play, 8200 EISP |
| Generalist B2B accelerator | $120K to $500K | 6 to 7% | Brand, batch network, broad investor funnel; cyber one vertical among many | Y Combinator, Alchemist, 500 Global, Techstars, TinySeed |
| Cyber / channel accelerator | Small checks, prizes | 0 to single digits | Sector ecosystem access, buyer proximity | MACH37, ConnectWise PitchIT |
| Venture studio / foundry | $250K to $3M first money | Roughly 25% and up | Validated problem, recruited team, design partners, follow-on path | Team8, Cyberstarts, DataTribe, Vibe |
| Specialist seed VC (next tier) | $4M to $15M | Around 20% | Capital and a CISO network, you bring the company | Cyberstarts funds, YL, SYN, Ballistic |
The studio stake draws the most argument, so price it honestly from both sides. A quarter of the company for the first check is triple what a generalist accelerator takes. The studio's answer is that the comparison that matters is dilution to milestone, not dilution per check: a studio company starts with a problem validated across a 600-strong CISO network, a recruited team and design partners installed, which can save the year or more a cold-start startup spends discovering its first idea was wrong. That argument is real, and so is the counter: Vanta took a generalist program's standard deal, kept its equity, and built one of the category's most valuable private companies anyway. A founder who already has the problem, the team and the first buyers gains little from studio scaffolding and pays a fortune for it. Neither side of the trade is wrong. The price is only wrong when it buys something you already have.
What it means if you are choosing a program
The practical read, if you are building in security in 2026. First, check the program is alive before you build a target list: directory pages updated as recently as June 2026 still describe CyLon as "the world's leading cyber security accelerator", five years after its last cohort, and the big listicles carry LORCA-era programs the same way. Anything without a dated 2025 or 2026 cohort deserves a status check before it goes on your list.
Second, pick by what you lack, not by model or brand. Deep technical founder without company-building experience or buyer access: that is the studio profile, if you can stomach the stake. Working product that sells like software: the generalist B2B programs have produced major cyber winners, Vanta above all, at a fraction of the equity. National security angle: MACH37 or DIANA, where the support comes with a defence customer path. Israeli founder: 8200 EISP costs nothing and connects you to everything. SMB product: the channel programs, because the MSP ecosystem is where your buyer already shops, and Vibe or PitchIT will put you in front of them faster than any enterprise program.
Third, read the incentives before you sign, whatever the model. The Sunrise episode is the caution for the whole design-partner economy: when advisors are paid in upside, their enthusiasm is data about the deal, not the product. Ask any program who its mentors and design partners are and how they are compensated; the good ones answer plainly. And wherever you enter, the next stop is the same: the specialist seed funds, then eventually the buyers I cover on the private equity side. The machinery on this page decides which companies exist for that pipeline at all.
FAQ
An accelerator takes an existing startup through a fixed program, typically 12 to 16 weeks, with mentorship and network access, for zero to single-digit equity. A venture studio builds the company itself: it validates the problem with buyers, recruits the founding team, invests the first $250,000 to $3 million, and takes a stake of roughly 25 percent or more. Team8, Cyberstarts and DataTribe are the studio benchmark in cyber; MACH37, 8200 EISP and NATO DIANA are notable active accelerators, alongside generalists like Y Combinator and Alchemist.
LORCA and NCSC For Startups have both concluded: LORCA ran five cohorts from 2018 to 2022, beat its investment target five times over and closed with its mandate complete, and NCSC For Startups officially concluded per the NCSC's 2025 annual review after 75 graduates raised £526 million. Cyber Runway delivered five editions and, as of mid-2026, has no confirmed successor cohort. CyLon, Europe's first cyber accelerator with 102 companies through its programs, stopped running cohorts and survives as a small ventures arm. Many online directories still list these as active.
Neither model wins outright, and the studio model is young enough that the jury is still out. Studios manufacture what cyber founders most often lack, validated problems and buyer access through CISO networks, and produced Dragos and Cyera. But the generalist route has produced major winners too, Vanta above all ($4.2 billion valuation from a standard Y Combinator deal), with founders keeping far more equity. The right choice depends on what the founder is missing: company-building scaffolding points to a studio, buyer access on a working product points to an accelerator.
Yes, and some of the category's best-known outcomes came that way. Y Combinator's own directory lists 104 security startups, including Vanta and Teleport. Alchemist, the enterprise-only accelerator, counts Arkose Labs and BreachRx in its portfolio. TinySeed, the bootstrapper-friendly B2B SaaS accelerator, backed GlitchSecure. 500 Global runs cyber as a named sector in programs like its Sanabil accelerator. For security products that sell like enterprise software, the generalist route is a proven path.
It depends on what you are buying with it. Measured per check it is triple a generalist accelerator stake. Measured as dilution to milestone it can be fair: a studio company starts with a confirmed problem, a recruited team and installed design partners, potentially saving a year of wandering. DataTribe typically writes $2 million to $3 million for stakes near 25 percent, and its best-known foundry outcome is Dragos, last valued at $1.7 billion. But a founder who already has the problem, team and early buyers gains little from the scaffolding, and Vanta shows how far the cheaper route can go.
Sunrise connected around 75 CISOs with Cyberstarts portfolio startups as design partners, and Forbes reported in 2024 that it included profit-sharing with those executives, some of whose employers bought products from the startups involved. Founder Gili Raanan suspended the payments in a letter to the CISOs while keeping the program running. It remains the clearest warning about incentives in the design-partner model: paid enthusiasm is not the same signal as organic demand.
Yes, and they are the newest category. Vibe Studio by Top Down Ventures invests $250,000 across two SAFEs in one company per quarterly cohort, with product support and go-to-market through MSP distribution; its parent closed a $28 million fund with over 100 mostly MSP-ecosystem LPs. ConnectWise PitchIT runs a 16-week accelerator with access to 45,000 channel partners and a $70,000 grand prize. For SMB security products the channel is the buyer, so these programs can outperform any enterprise program.
Several, each funded by someone other than the founder. NATO DIANA pays €100,000 grants (€300,000 in phase two) with no equity, funded by allied governments. 8200 EISP is a nonprofit run by the Unit 8200 alumni association. Google's Growth Academy for AI in cybersecurity and Plug and Play's corporate-sponsored programs are also equity-free, paid for by Google and Fortune 500 partners respectively. The trade is that these programs offer access rather than capital, so most companies still raise a conventional seed round.