• Return on Security
  • Posts
  • 💰 Security, Funded #114 - Practitioners Unite: Down with Acronyms, Up with Funding!

💰 Security, Funded #114 - Practitioners Unite: Down with Acronyms, Up with Funding!

A deep dive on cybersecurity funding and industry news from the week of October 2nd, 2023.

Hey there,

Before jumping into the newsletter, I would like to extend my deepest sympathies and thoughts to all communities impacted by the horrible terrorist attacks that occurred in Israel over the weekend.

In this week’s issue, we’ve got:

  • 🔥 Fire sales increasing

  • 🤝 Everybody hates buzzword marketing

  • 💰️ 11 companies raised $217.2M, 7 companies acquired

  • 🎯 Global cybersecurity funding crosses big milestone for 2023

Onward to this week's issue.


Close more enterprise deals

Automate security and privacy compliance

With a streamlined workflow and expert guidance, Secureframe automates the entire compliance process end-to-end. What makes Secureframe different?

  • Get audit-ready and achieve compliance in weeks, not months, with built-in remediation guidance and 100+ integrations.

  • Stay compliant with the latest regulations and requirements, including ISO 27001, GDPR, HIPAA, PCI, and other standards.

  • Automate responses to RFPs and security questionnaires with AI.

  • Trusted by hyper-growth organizations: AngelList, Ramp, Lob, Remote, and thousands of other businesses.

🗣️ Now Accepting Sponsors for 2024

Want to get your brand in front of 5,000+ cybersecurity leaders, CISOs, decision-makers, and investors? Email [email protected], and let’s get this bread together in 2024 🥖 !

Vibe Check - People vs. Tools

If you had to choose, which would you rather have for your cybersecurity program? Why?

Login or Subscribe to participate in polls.

Last week’s poll:

Vibe Check - CISOs
Which cybersecurity product acronym do you hate more?

This has probably been my favorite vibe check to date. “X” anything has to go. Nothing brings people closer together than a shared disdain for bad marketing, and the commentary last week did not disappoint. Some of my favorites were:

“its tacky and i hate it”

“Anything with an X immediately sets off BS alarms...and that's before the Twitter rebrand

“I wish you were trolling us on these but I'm afraid you are not.”

If you want to add commentary to your poll answer, leave an answer when you cast your vote or email me at [email protected]. 

🔮 Earnings Reports

A section for notable earnings reports from public cybersecurity companies, be they “pure play” or hybrid companies.

No public earnings calls to report on from last week! 🫡

📅 YTD Funding

A rolling 12-week chart to compare funding and acquisitions each week between 2022 and 2023.

With the first week of Q4 2023 behind, global cybersecurity funding YTD has now hit the 8-figure mark at ~10.5B. 🚀 The quarterly average for 2023 so far has been ~$2.9B compared to ~$4.7B in 2022.

Acquisitions are continuing their upward trajectory as the year goes on. I expect these numbers to increase and stay relatively high as more companies enter into the final throes of their runway and start looking for that strategic acquisition lifeline. A number of companies that raised in 2021 and 2022 that haven’t made up traction are approaching fire sale season. 🔥 👀 

💰 Funding Summary

  • 11 companies raised $217.2M across 11 unique product categories

  • 7 companies were acquired or had a merger event across 5 unique product categories

🧩 Funding By Product Category

  • $204.3M for Identity and Access Management (IAM) across 1 deal

  • $4.4M for Network Detection and Response (NDR) across 1 deal

  • $4.0M for Open-Source Intelligence (OSINT) across 1 deal

  • $2.7M for Artificial Intelligence (AI) Privacy Assurance across 1 deal

  • $1.0M for Managed Security Services Provider (MSSP) across 1 deal

  • $400.0K for Threat Detection and Response (TDR) across 1 deal

  • $382.6K for Professional Services across 1 deal

  • An undisclosed amount for Security Operations across 1 deal

  • An undisclosed amount for Security Awareness across 1 deal

  • An undisclosed amount for Security and Compliance Automation across 1 deal

  • An undisclosed amount for Attack Surface Management (ASM) across 1 deal

🏢 Funding By Company

  • Yubico, a United States-based hardware-based multi-factor authentication (MFA) device company, raised a $204.3M Venture Round. (more)

  • Nano Corp, a France-based network detection and response (NDR) platform, raised a $4.4M Seed from Giesecke+Devrient Ventures. (more)

  • 443ID (also known as Take 2 Identity), a United States-based open-source intelligence (OSINT) company, raised a $4.0M Seed. (more)

  • Vera, a United States-based platform for preventing the leakage of confidential data to generative AI systems, raised a $2.7M Pre-Seed from Differential Ventures. (more)

  • Evo Security, a United States-based managed identity and access management platform for MSSPs, raised a $1.0M Venture Round from Strategic Cyber Ventures. (more)

  • CyViation, an Israel-based threat detection and response platform for airplanes, raised a $4.0M Seed round. (more)

  • Apollo Secure, an Australia-based professional services firm focused on cybersecurity assessments and training for SMBs, raised a $382.6K Pre-Seed from Brisbane Angels and Sydney Angels. (more)

  • BRIGHTSIDE, a Switzerland-based personalized security awareness training platform using AI, raised an undisclosed Venture round.

  • C2SEC, a United States-based attack surface management (ASM) platform, raised an undisclosed Venture Round from Tech4Trust.

  • ComplyAce, a Canada-based platform using a narrowly trained AI model to help early-stage companies answer security and compliance questions, raised an undisclosed Pre-Seed from Badhouse Ventures.

  • Mitiga, an Israel-based cloud-based incident response platform, raised an undisclosed Venture Round from  Cisco Investments. (more)


Adopt a SIEM-less SOC Architecture At Your Own Pace with Anvilogic

Build & tune custom detections in minutes across multiple security data lakes

Looking to incrementally adopt a security data lake alongside your legacy SIEM? Need to implement detection-as-code?

Instead of requiring you to centralize all of your data in one place, Anvilogic works as your security analytics layer on top of the data lake(s) you choose.

Our platform bridges your legacy SIEM and security data lake, giving you the choice to incrementally migrate over time resulting in 80% cost savings on average (based on 1TB+ of data).

🌎 Funding By Country

  • $212.0M for United States across 5 deals

  • $4.4M for France across 1 deal

  • $400.0K for Israel across 2 deals

  • $382.6K for Australia across 1 deal

  • An undisclosed amount for Switzerland across 1 deal

  • An undisclosed amount for Canada across 1 deal

🤝 Mergers & Acquisitions

  • Trustwave, a United States-based managed security services provider (MSSP), was acquired by Chertoff Group for $205.0M. (more)

  • Advanced Network Systems, Inc., a United States-based managed security services provider (MSSP), was acquired by Magna5 for an undisclosed amount. (more)

  • Avirtek, a United States-based IT asset discovery and management platform, was acquired by Loch Technologies for an undisclosed amount. (more)

  • Beyond Binary, an Australia-based professional services firm focused on offensive security testing and training, was acquired by Tesserent for an undisclosed amount. (more)

  • Blue Lava, a United States-based cybersecurity assessment and program maturity platform, was acquired by Zyston for an undisclosed amount. (more)

  • Imagosoft Identity Management Solutions, a Canada-based professional services firm focused on identity and access management (IAM) services, was acquired by KPMG for an undisclosed amount. (more)

  • Uno, a United States-based password management platform, was acquired by Okta for an undisclosed amount. (more)

📚 Great Reads

  • Overcoming Security Obstructionism - Matt Jay talks about Security Obstructionism and shares why we're our worst enemy in information security.

  • *Privacy-First Development - Privacy-first development is essential for healthcare tech companies to protect sensitive patient data and maintain trust with users. Privacy Dynamics offers robust solutions for data minimization, maintaining data utility, and integrating privacy into the development lifecycle.

  • The Security Research Product Function - Deep dive post by Zack Allen. Security research product function is essential to keep up with the latest threats and vulnerabilities. It helps product teams build features that detect and prevent attacks.

  • The Evolution of the BISO Role: Challenges and Opportunities - The Business Information Security Officer (BISO) role is essential in bridging the gap between cybersecurity and business, but it faces challenges. Learn what it takes to excel in this role and how to overcome its limitations.

*Sponsored content and/or affiliate link.

🧪 Labs

Love it when my attackers are direct and just say what they really want

How was this week's newsletter?

Login or Subscribe to participate in polls.

Join the conversation

or to participate.