• Return on Security
  • Posts
  • 💰 Security, Funded #109 - Earnings Spicy, Tools Dicey, Cash Pricey! 🌶️

💰 Security, Funded #109 - Earnings Spicy, Tools Dicey, Cash Pricey! 🌶️

A review of cybersecurity funding and industry news from the week of August 28th, 2023.

Hey there,

Happy Tuesday, and I hope you had a great weekend and a long one if you celebrated Labor Day.

This week, we’ve got:

  • 🔥 Shots fired on earnings calls

  • 📚 Tool overload and identity basics

  • 📅 Seasonal downtick in macro trends

  • 💰 $65.9M raised, 2 companies acquired

Plus lots of great content to check out. Thank you to everyone who has been voting on the recent addition of the Vibe Check polls and for all the helpful commentary that has come with it. If you’ve got questions you want me to ask, send them over, I love getting suggestions!

Onward to this week's issue. First time reading, or was this email forwarded to you? Sign up here.

Vibe Check #4 - AI Security Tools

Are you starting to evaluate or purchase this new wave of tools focused on the security or privacy of AI or LLM usage? Bonus points if you tell me why!

Login or Subscribe to participate in polls.

Last week’s poll:

Vibe Check #3 - Tool consolidation
If you are a practitioner, is your program currently focused on tool, vendor, or service consolidation?

80% of respondents said that tool consolidation was a big focus or a medium focus. This kind of focus is typically reserved for large companies with large security programs and budgets and with many groups making buying decisions. Practitioners and companies are always in various stages of “point solutions FTW” vs. “one vendor to rule them all” modes. I see this happen every 2-3 years across the industry, and it’s a cycle that won’t stop any time soon.

If you want to add commentary to your poll answer, leave an answer when you cast your vote or email me at [email protected]. All responses will be kept anonymous 🤫 


Automate security and privacy compliance

With a streamlined workflow and expert guidance, Secureframe automates the entire compliance process, end-to-end. What makes Secureframe different?

  • Get audit-ready and achieve compliance in weeks, not months, with built-in remediation guidance and 100+ integrations.

  • Stay compliant with the latest regulations and requirements, including ISO 27001, GDPR, HIPAA, PCI, and other standards.

  • Automate responses to RFPs and security questionnaires with AI.

  • Trusted by hyper-growth organizations: AngelList, Ramp, Lob, Remote, and thousands of other businesses.

🔮 Earnings Reports

A section for notable earnings reports from public cybersecurity companies, be they “pure play” or hybrid companies:

  • CrowdStrike ($CRWD) - beat earnings estimates, as expected, on the back of consolidation and continued customer expansion on its subscription platform. CrowdStrike cited success in a new observability use case, an area typically reserved for the Datadogs of the word, as another driver of their success.

    Like Ice Cube said, “[earnings] day was a good day.

    CrowdStrike also fired some shots, openly challenging competitors (see below) and going after Microsoft's complex and costly systems.

  • SentinelOne ($S) - This one was a spicy one! 🔥 SentinelOne squashed the rumors about being acquired by Wiz and called Wiz a “nice little company” but said they intended to remain a public and independent company.

    The general vibe from the earnings call went something like this (using my own words):

    • CrowdStrike lies a lot

    • Don’t compare us to CrowdStrike

    • We’re going to do the exact same things as CrowdStrike

    Despite the exciting commentary, SentinelOne beat its earnings estimates (even though they are still operating at a loss, just not as bad of a loss), and the shares rose 3% after hours.

  • Okta ($OKTA) - beat its earnings estimates on the back of increased new customer acquisition at larger stage companies, expanding Privileged Access Management (PAM) offerings, and continued growth in the US Federal sector.

    IAM continues to have momentum and enjoys being one of the most deeply entrenched fields in cyber with respect to business operations. It’s constantly a board-level matter and has tangible impacts on things like organizational design, M&A, and audits. Federal mandates really help propel this, too, as all the government and 3-letter agencies have identity offices.

    The [growth in identity] will continue until morale improves.

📅 YTD Funding

A rolling 12-week chart to compare funding and acquisitions each week between 2022 and 2023.

As you can see from last year’s data, this week was the bottom in 2022. In 2023, I think this is one part of typical downtime as founders are getting ready for that Q4 funding roadshow push. I expect this to come back up to the second half of the 2023 baseline we’ve seen so far.

The same holds true on the acquisition front for seasonal downtime of acquiring. If I were on the corp VC buy side, I’d wait until after Labor Day or Burning Man, too 👀 🔥 🕺 

💰 Funding Summary

  • 7 companies raised $65.9M across 7 unique product categories

  • 2 companies were acquired or had a merger event for $3.9M across 2 unique product categories

🧩 Funding By Product Category

  • $40.0M for Continuous Compliance across 1 deal

  • $11.9M for Cyber Insurance across 1 deal

  • $6.4M for Anti-Bot across 1 deal

  • $4.3M for Secure Remote Access across 1 deal

  • $2.0M for Application Security across 1 deal

  • $1.3M for Fraud and Financial Crime Protection across 1 deal

  • An undisclosed amount for Data Protection across 1 deal

🏢 Funding By Company

  • Hyperproof, a United States-based automated compliance monitoring and security platform, raised a $40.0M Venture Round from Riverwood Capital. (more)

  • Dattak, a France-based cyber risk insurance company, raised a $12.0M Series A.

  • Fraud0, a Germany-based anti-bot and ad fraud detection platform, raised a $6.4M Seed from Signals Venture Capital. (more)

  • Alarum Technologies, an Israel-based secure remote access for consumers and enterprises, raised a $4.3M post-IPO equity round. (more)

  • Fianu Labs, a United States-based software security and governance platform, raised a $2.0M Seed from DataTribe. (more)

  • OneID, a United Kingdom-based identity verification platform, raised a $1.3M Seed from ACF Investors. (more)

  • Rubrik, a United States-based data management platform focusing on zero-trust data protection, raised an undisclosed Secondary Market round from Irving Investors.

🌎 Funding By Country

  • $42.0M for United States across 3 deals

  • $11.9M for France across 1 deal

  • $6.4M for Germany across 1 deal

  • $4.3M for Israel across 1 deal

  • $1.3M for United Kingdom across 1 deal


Unlock next-level growth

Whether you're a newbie or a seasoned pro, get insider tips to stand out, network like a champ, and seize opportunities at every stage.

Grab this course now and set your career on 🔥

🤝 Mergers & Acquisitions

  • Osirium, a United Kingdom-based privileged access management (PAM) platform, was acquired by SailPoint for $3.9M. (more)

  • Cyberillium, an Israel-based professional services firm focused on vulnerability research and penetration testing, was acquired by CYE for an undisclosed amount. (more)

📚 Great Reads

  • The problem with buying too many security tools - Learn from Alex McGlothin about the challenges of striking the perfect balance in securing your tech stack. Discover how to mitigate risks without falling into the trap of excessive vendor reliance and tool overload.

  • The building blocks of modern enterprise identity - Former security leader at Netflix, Jason Chan, explains the fundamentals of a modern enterprise identity program and how any founder or security leader can start building one for their business

  • What Does ‘AI in Security’ Actually Mean? - For leaders in the security space, there’s a lot of pressure to incorporate generative AI into security systems. If we don’t use AI, the thinking goes, the attackers eventually will.

  • *Start a Newsletter - If you’re thinking about starting a newsletter, I can't recommend Beehiiv highly enough.

Also, consider checking out this other newsletter called Take Off 👇️ 

Take OffThe TakeOff analyzes emerging market trends, actionable insights and venture capital flow in technology.

*Sponsored content and/or affiliate link.

🧪 Labs

Big brain moves only

Let’s Work Together

  1. Promote your business to a hard-to-reach audience of cybersecurity and investment professionals by sponsoring this newsletter.

  2. Schedule a 1:1 call for your company’s product strategy or GTM approach, reaching CISOs and security leaders, or anything else.

How was this week's newsletter?

Login or Subscribe to participate in polls.

Join the conversation

or to participate.