💰 Security, Funded #105 - Cloudy with a Chance of Earnings: A Wild Week of Wallets & Workloads ☁️💸
A review of cybersecurity funding and industry news from the week of July 31st, 2023.
Happy Monday and Happy Hacker Summer Camp week to all those who celebrate!
🏃♂️ The Rundown
A meta roundup of all the important things affecting cybersecurity and the macroenvironment:
🤯 Crazy YTD funding and acquisition stats
🎩 Happy Black Hat and Hacker Summer Camp Week
🏢 18 companies secure $408.2M, 11 companies acquired
🤖 AI incidents, ChatGPT prompt attacks, federal regulations
⛈️ Fortinet missed earnings and new cloud workload yearnings
This week’s issue is coming live and direct from Black Hat in Las Vegas! 🎲 🎲
Me trying to do this newsletter in my hotel room after a 10-hour flight with no WiFI
I fully expect generative AI to be the main theme of this year’s conference, but I think we’ll see a lot more than just the standard “AI-enabled chatbot” features (not that any of those are bad, just common now). Will report back what the vibe and themes were like in next week’s issue.
Coming into this week we’ve got another large traunch of funding and acquisitions as the year continues to accelerate.
If you see me around, feel free to come up and say hello. I’d love to meet you! I’ve also got a super low number of Security, Funded stickers left to hand out, so find me if you want one.
Onward to this week's issue.
🔮 Earnings Reports
A section for notable earnings reports from public cybersecurity companies, be they “pure play” or hybrid companies:
Fortinet ($FTNT) - stock got clapped ~26% after it missed its Q2 revenue estimate and lowered forward-looking guidance for the rest of the year. Fortinet did see growth in the US federal sector, one of the “required spend” categories, but saw negative growth in the retail sector.
Fortinet, and other traditional network firewall vendors, are starting to get eaten by the SASE (Secure Access Service Edge) that takes on a whole different architecture, cost model, and lends itself to a more distributed workforce. Even still, investor haven’t counted Fortinet out just yet and the stock is making a rebound.
Also of note - Amazon ($AMZN) smashed its Q2 earnings report. Why include this, you ask? Because what the cloud heavyweights do or don’t do is a leading indicator of enterprise software sales overall, including security. Amazon saw less cost-cutting and more new business models driven by AI.
Less cloud cost savings + new business models driven by AI = new cloud workloads ☁️ and more things to secure 🧠
📅 YTD Funding
A rolling 12-week chart to compare funding and acquisitions each week between 2022 and 2023.
Another huge week of funding in terms of volume. Want to know what’s crazy? At only 6 weeks into Q3, total funding for this quarter is only ~11% less than ALL of the funding for Q3 2022 and there is still 8 weeks left to go.
Huge week for acquisitions as well, and we’re continuing to see the buy vs. build strategy play out for 2023. 2023 acquisitions have already surpassed all of 2022 acquisitions year to date. 🤯
It’s a great time to go get acquired or do some acquiring.
💰 Funding Summary
18 companies raised $408.2M across 15 unique product categories
11 companies were acquired or had a merger event across 7 unique product categories
🧩 Funding By Product Category
$175.0M for Secure Networking across 1 deal
$90.0M for Software Supply Chain Security across 2 deals
$38.0M for Breach & Attack Simulation (BAS) across 1 deal
$24.0M for Threat Intelligence across 1 deal
$15.0M for Cyber Insurance across 1 deal
$14.2M for Network Security across 1 deal
$12.5M for Threat and Risk Prioritization across 1 deal
$10.2M for Data Protection across 2 deals
$10.0M for Professional Services across 1 deal
$8.0M for Application Security across 1 deal
$5.3M for Identity and Access Management (IAM) across 1 deal
$3.0M for Security Orchestration and Automated Response (SOAR) across 1 deal
$3.0M for Cybersecurity Education & Training across 1 deal
$100.0K for Managed Security Services Provider (MSSP) across 1 deal
An undisclosed amount for Threat & Vulnerability Management (TVM) across 2 deals
🏢 Funding By Company
Endor Labs, a United States-based software supply chain security platform, raised a $70.0M Series A from Dell Technologies Capital, Section 32, Lightspeed Venture Partners, and Coatue Management. (more)
Is7-Intel, a United States-based managed security services provider (MSSP), raised a $100.0K Seed.
Guyuan Technology, a China-based threat and vulnerability management (TVM) platform, raised an undisclosed Seed.
MITRE Corporation, a United States-based non-profit behind the Common Vulnerabilities and Exposures (CVE) scoring system that catalogs publicly disclosed cybersecurity vulnerabilities, raised an undisclosed Grant from the U.S. Department of Energy.
🌎 Funding By Country
$381.0M for United States across 14 deals
$14.2M for China across 2 deals
$10.0M for Australia across 1 deal
$3.0M for Germany across 1 deal
🤝 Mergers & Acquisitions
📚 Great Reads
AI Incident Database - The AI Incident Database is dedicated to indexing the collective history of harms or near harms realized in the real world by the deployment of artificial intelligence systems.
Promptmap - By Utku Sen: A tool that automatically performs prompt injection attacks on ChatGPT instances by analyzing ChatGPT rules and generating creative attack prompts tailored to the target.
*SBOM & the Software Supply Chain - EdgeBit’s take on federal regulation around supply chain security on the Cloudcast podcast. Background on why the government is stepping in and how their actions will likely change SOC2/ISO standards in the future.
MITRE ATLAS - A knowledge base of adversary tactics, techniques, and case studies for machine learning (ML) systems based on real-world observations, demonstrations from ML red teams and security groups, and the state of the possible from academic research.
*Sponsored content and/or affiliate link.
The attacker is logging in from inside the building 😱
— mRr3b00t (@UK_Daniel_Card)
Aug 3, 2023
How was this week's newsletter?
✅ Let’s Work Together
Whenever you’re ready, I’ve got a few ways I can help support you: