- Return on Security
- Posts
- 💰 Security, Funded #139 - Custard Tarts and Valuations
💰 Security, Funded #139 - Custard Tarts and Valuations
Insights for the week of April 8, 2024
Security, Funded is a weekly deep dive into cybersecurity funding and industry news captured and analyzed by Mike Privette. This week’s issue is presented together with Wiz and Anvilogic.
Hey there,
I hope you had a great weekend!
I was on holiday last week in Portugal for the first time, and it was great. The weather was incredible, and there was a lot to see and learn about. Thanks to everyone who shared their favorite places to visit, eat, and drink!
My breakfast every day but with 2 more espressos
Onward to this week's issue.
Submit a deal here: [email protected]
TOGETHER WITH
Google Cloud Security Foundations for Dummies Guide
Best Practices for Securing Google Cloud
Wiz created an in-depth eBook focused on GCP security fundamentals. This guide goes back to the basics and dives into how to secure everything you build and run on Google Cloud.
You’ll learn how to:
Manage complexity in the cloud
Understand Shared Fate and Zero Trust principles
Meet developers earlier in the development process
Secure the supply chain
Table of Contents
😎 Vibe Check
What area of security feels more important than ever right now?Bonus points if you tell me why! |
Last issue’s vibe check:
How much time are you spending educating your executive team on AI and Security?
🟨🟨🟨⬜️⬜️⬜️ 😬 Not really at all
🟩🟩🟩🟩🟩🟩 🙂 Small portion of my time
🟨🟨⬜️⬜️⬜️⬜️ 😫 Medium portion of my time
🟨⬜️⬜️⬜️⬜️⬜️ 😵💫 It's all I do now (2)
Surprising results from last week. Despite being the only topic in the news, most people who responded to this poll are only using a small portion of their time or not that much at all to educate their executive team on AI and Security. It could be that it’s already well covered elsewhere, or it could be that things are moving and changing so fast that people aren’t really trying to keep up with it.
My favorite comment from last week:
“I know there's lots of noise. I'm just trying to trap the worst of it.”
💰 Market Summary
14 companies raised $573.6M across 13 unique product categories in 4 countries
5 companies were acquired or had a merger event across 2 unique product categories
86% of funding went to product-based cybersecurity companies
No notable public cyber companies had an earnings call
📸 YoY Snapshot
This is a rolling 12-week chart comparing funding and acquisitions each week in a year-over-year (YoY) view between 2023 and 2024.
Sometimes, it’s all about the announcement timing. While last week appeared to be down in the dumps, this week is riding sky-high. We are currently within reach of the upcoming RSA Conference in the US, so deal announcements are ratcheting up. 🚀
It was a strong week for services-based businesses on the funding and M&A front. With all of the high-price-tag acquisitions happening, it has become common to refer to what the acquired company was previously valued at as a sort of success measuring stick. I think this association needs to be paused for a while.
While I think this can sometimes be a useful metric, if a company raised money in the last 4-5 years, those old valuations no longer represent today’s reality. Valuations of 2019-2022 (and earlier) were figments, mirages, and specters. The past was the past, and the future hit everyone square in the mouth in the second half of 2022. Forget what happened in the ZIRP era and focus on the future.
🤙 Earnings Reports
Here are notable earnings reports from public cybersecurity companies, be they “pure play” or hybrid companies. This section is Powered by Quartr.
See the public cyber company tracker, which shows all public cybersecurity companies worldwide, along with market data, funding raised, product categories, and more.
Earnings reports this week: No notable earnings calls.
🧩 Funding By Product Category
$300.0M for Data Security Posture Management (DSPM) across 1 deal
$150.0M for Data Protection across 1 deal
$28.0M for Security Analytics across 1 deal
$22.0M for Security Operations across 2 deals
$20.0M for Trust & Safety across 1 deal
$20.0M for Security and Compliance Automation across 1 deal
$15.3M for Professional Services across 1 deal
$8.0M for Data Access Governance across 1 deal
$4.0M for Managed Security Services Provider (MSSP) across 1 deal
$3.3M for Artificial Intelligence (AI) Governance across 1 deal
$3.0M for Data Privacy across 1 deal
An undisclosed amount for Operational Technology (OT) Security across 1 deal
An undisclosed amount for Connected and Autonomous Vehicle Security (CAVS) across 1 deal
🏢 Funding By Company
Cyera, a United States-based data security posture management (DSPM) platform, raised a $300.0M Series C from Coatue. (more)
Cohesity, a United States-based data protection and disaster recovery platform, raised a $150.0M Series F from NVIDIA and IBM. (more)
ONUM, a Spain-based security analytics and data observability platform, raised a $28.0M Series A from Dawn Capital. (more)
Alethea, a United States-based trust and safety platform focused on disinformation mitigation, raised a $20.0M Series B from Google Ventures. (more)
Sprinto, an India-based security and compliance automation platform, raised a $20.0M Series B from Accel. (more)
Andesite AI, a United States-based professional services firm focused on national security and cyber defense readiness, raised a $15.3M Seed from Red Cell Partners and General Catalyst. (more)
StrikeReady, a United States-based contextual awareness and collaboration platform for security operations, raised a $12.0M Series A from 33N Ventures. (more)
Simbian, a United States-based custom Large Language Model (LLM) designed for security operation activities, raised a $10.0M Seed from Cota Capital, Icon Ventures, and Rain Capital. (more)
PVML, an Israel-based data access governance and protection platform, raised an $8.0M Seed from NFX. (more)
Ostra Cybersecurity, a United States-based managed security services provider (MSSP), raised a $4.0M Series A from Rally Ventures. (more)
Knostic, an Israel-based identity and access management (IAM) platform for using GenAI applications and LLMs, raised a $3.3M Seed from Shield Capital, Pitango VC, DNX Ventures, and Seedcamp. (more)
Nymiz, a Spain-based privacy platform focusing on GDPR regulations, raised a $3.0M Seed from Swanlaab Venture Factory. (more)
Salvador Technologies, an Israel-based operational technology (OT) security platform focused on resiliency and recovery, raised an undisclosed Seed from Hubraum. (more)
Upstream Security, an Israel-based security platform for connected and autonomous vehicle (CAVS) fleets, raised an undisclosed Venture Round from Cisco Investments. (more)
🌎 Funding By Country
$511.3M for the United States across 7 deals
$31.0M for Spain across 2 deals
$20.0M for India across 1 deal
$11.3M for Israel across 4 deals
🤝 Mergers & Acquisitions
Btech, a United States-based managed security services provider (MSSP), was acquired by Secur-Serv for an undisclosed amount. (more)
Connetical, an Italy-based professional services firm focused on IoT, ICS, and network security services, was acquired by Planetel for an undisclosed amount. (more)
Foghorn Consulting, a United States-based professional services firm focused on cloud migration and security, was acquired by nClouds for an undisclosed amount. (more)
Ipseity Security, a Canada-based professional services firm focused on cyber resiliency consulting, was acquired by CYDERES for an undisclosed amount. (more)
Siveb, a Finland-based professional services firm focused on cyber risk assessments, was acquired by Fogmaker for an undisclosed amount. (more)
📚 Great Reads
A Letter from the Future - A futuristic short story from Phil Venables that is something like a Neal Stephenson cyberpunk novel from a not-so-distant future where cyber and physical conflicts are intertwined.
*Defrosting Snowflake SIEM Cost Factors: How does Snowflake perform against the top 8 SIEM cost factors security teams should consider? Data lakes are dramatically more cost-effective and scalable than all-in-one SIEM alternatives. This post breaks it down.
The Joy and Pain of Coding with AI When You Suck at Coding - Daniel Jeffries shares the trials and tribulations he had when he set out to create a complex application as someone who is not a developer. It's a really interesting read for coders and non-coders alike.
Robots Dream of Root Shells—Ben Hawkes discusses the evolution of AI in cybersecurity, focusing on the DARPA competitions CGC and AIxCC, which aim to use AI to find and fix security vulnerabilities autonomously.
*A message from our sponsor.
🧪 Labs
The more you know 🌈
How is everyone else doing today?
— rootsecdev (@rootsecdev)
Apr 5, 2024
How was this week's newsletter? |
Data Methodology and Sources
All of the data is captured point-in-time from publicly available sources.
All financial figures are converted to U.S. dollars (USD) when collected.
Company country locations are pulled from publicly available sources.
Companies are categorized using our own system at Return on Security, and we write all of the company descriptions.
Sometimes, the details about deals, like who led the round, how much money was raised, or the deal stage, might get updated after the issue is first published.
If you spot any errors, let us know, and we’ll fix them.
About Return on Security
Return on Security is all about breaking down the cybersecurity industry for you with expert analysis, hard facts, and real-life stories. The goal? To keep security pros, entrepreneurs, and investors ahead in a fast-moving field. Read more about the “Why” here.
Feel free to borrow any data, charts, or advice you find here. Just make sure to give a shoutout to Return on Security when you do.
Thank you for reading. If you liked this analysis, please share it with your friends, colleagues, and anyone interested in the cybersecurity market.
Join the conversation