💰 Security, Funded #141 - M&Ayhem

Insights for the week of April 22, 2024

Security, Funded is a weekly deep dive into cybersecurity funding and industry news captured and analyzed by Mike Privette. This week’s issue is presented together with Anvilogic and Subsalt.

Hey there,

I hope you had a great weekend!

2024 continues to be a confusing year from a global economic standpoint. On one hand, you’ve got weak economic data with less than stellar inflation and growth numbers:

  • The latest US GDP growth numbers from Q1 2024 came in at only a 1.6% increase (compared to the 2.4% expected)

  • US inflation is still ripping, but consumer spending is still up (going against what the US Fed expected)

  • The US Fed performing its best impression of a waffle 🧇 and may not be planning to decrease interest rates but possibly raise rates again

Investor sentiment regarding AI has never been higher, while at the same time, it is starting to show cracks. The speed of change in the AI industry is really unlike anything else we’ve seen in the tech world, with business materializing and then effectively “going to zero” the next month with the open sourcing of models.

It seems that irrespective of the broader stock market and economic signals, the cyber industry keeps chugging on. Rubrik's IPO last week and some major M&A and funding announcements are great examples of this, as the rest of the issue will show the same.

👋 Also, I’ll be out at BSides SF and RSA next week, so feel free to come over and say hello if you see me around and grab a sticker if you want one!

Onward to this week's issue.

Submit a deal here: [email protected]


Anvilogic Closes $45M Series C to Enable Security Data Lakes in the SOC

The Industry’s First Multi-Data Platform SIEM

Data is the new oil for security operations, and monolithic SIEMs are expensive to scale, leaving security operations teams grappling with detection gaps and high costs.

Anvilogic decouples security analytics from logging platforms, allowing seamless adoption of scalable and cost-effective data lakes without the need to rip-and-replace your existing SIEM.

Detect, hunt, and investigate threats across the data platforms you choose.

😎 Vibe Check

Are you going to be at BSides SF and/or RSA next week?

If yes, come say hello!

Login or Subscribe to participate in polls.

Last issue’s vibe check:
Do you think we have seen the bottom of down rounds, valuations, and cheap M&A in cyber yet? 
🟨⬜️⬜️⬜️⬜️⬜️ 😤 Yes (9)
🟨🟨🟨⬜️⬜️⬜️ 🤔 Not sure (13)
🟩🟩🟩🟩🟩🟩 😫 Nope (27)
49 Votes

On the M&A side, it's still a buyer’s market, and the industry's heavyweights are well-positioned to take advantage. Overall, there continue to be more distressed deals or "fire sales" than anything else. This is a continued hangover from the ZIRP era.

Some of the top comments last week were:

The rest of 2024 and early 2025 will be a frenzy of acquisitions and pivots.

"Cheap" is a pejorative term that most M&A teams avoid using. ;-)

💰 Market Summary

  • 15 companies raised $315.6M across 13 unique product categories in 4 countries

  • 6 companies were acquired or had a merger event for $11.7B across 4 unique product categories

  • 93% of funding went to product-based cybersecurity companies

  • 2 public cyber companies had an earnings report

  • 1 cyber company went IPO

📸 YoY Snapshot

This is a rolling 12-week chart comparing funding and acquisitions each week in a year-over-year (YoY) view between 2023 and 2024.

Another big for cyber funding, and I suspect there will be a few more significant funding rounds announced before the month is officially up.

Another record-breaking week for M&A activity, with totals for April (so far) reaching $11.9B. This is currently the second-highest month in 2024, coming in slightly under the $14.4B in M&A from January.

🤙 Earnings Reports

Here are notable earnings reports from public cybersecurity companies. This section is Powered by Quartr, where I track all the latest earning reports.

See the public cyber company tracker, which shows all public cybersecurity companies worldwide, along with market data, funding raised, product categories, and more.

Earnings reports this week: Check Point Software and Juniper Networks

Check Point Software (CHKP)

Check Point beat its earnings and revenue guides in its latest earning call, but the stock has been down ~5% ever since.

  • Revenue grew by 6% to $599 million, and net income rose by 8% year-over-year to $235 million.

  • Subscription revenues increased by 15% to $263 million, and operating income grew by 6% to $252 million.

  • Check Point also announced a strategic partnership with NVIDIA for AI infrastructure firewalls and threat protection.

Check Point also didn’t miss the chance to dunk ⛹️ on its competitors, who keep having critical product vulnerabilities, citing that it has not had any of the same challenges 👀 (it’s never good to throw stones in the cyber world, IMO).

Juniper Networks (JNPR)

Juniper Networks opted not to have an earnings call, but it did release a report, so that’s what we’ll look at. Here are some of the key numbers:

  • Juniper reported a small net loss of $0.8 million this quarter, a big shift from the net profit of $85.4 million a year ago.

  • Cash from operating activities rose to $325 million from $191.5 million.

  • Share-based compensation expenses increased to $79.9 million from $60.9 million.

The income numbers don’t look great, but the operational numbers do. This would make sense because, as you may remember from issue #126 back in January, Juniper is set to be acquired by HPE for around $14 billion. All of this signals that Juniper is trying to retain talent and remain attractive as an acquisition target.

Source: Google Finance

If the transaction goes through, it will be second second-highest cyber M&A transaction behind Cisco acquiring Splunk.

🤘 IPO-h Yeah

  • Rubrik, a United States-based data management and data protection platform, priced its IPO at $32/share, raising $752.0M at a $5.6B valuation. (more)

🧩 Funding By Product Category

  • $115.0M for Endpoint Protection across 1 deal

  • $50.0M for Security Orchestration and Automated Response (SOAR) across 1 deal

  • $31.2M for Security Operations across 3 deals

  • $23.0M for Cybersecurity Program Management across 1 deal

  • $22.7M for Secure Networking across 1 deal

  • $20.0M for Email Security across 1 deal

  • $17.4M for Data Security Posture Management (DSPM) across 1 deal

  • $15.0M for Data Protection across 1 deal

  • $15.0M for Brand Protection across 1 deal

  • $3.3M for Security Awareness across 1 deal

  • $2.6M for Threat Intelligence across 1 deal

  • $500.0K for Identity Verification across 1 deal

  • An undisclosed amount for Professional Services across 1 deal

🏢 Funding By Company

🌎 Funding By Country

  • $230.0M for the United States across 11 deals

  • $50.0M for Ireland across 1 deal

  • $17.4M for Canada across 1 deal

  • $15.0M for France across 1 deal

  • $3.3M for the United Kingdom across 1 deal

🤝 Mergers & Acquisitions

  • HashiCorp, a United States-based cloud automation and infrastructure security platform, was acquired by IBM for $6.4B. (more)

  • Darktrace, a United Kingdom-based suite of insider threat, phishing, and cloud security tools, was acquired by Thoma Bravo for $5.3B. (more)

  • Cloudaeris, a United States-based professional services firm focused on technology and cybersecurity advisory services, was acquired by Opkalla for an undisclosed amount. (more)

  • Coveware, a United States-based professional services firm focused on cyber-extortion incident response, was acquired by Veeam Software for an undisclosed amount. (more)

  • Egress Software, a United Kingdom-based email security platform, was acquired by KnowBe4 for an undisclosed amount. (more)

  • Securicon, a United States-based professional services firm focused on securing critical infrastructure, was acquired by Risk Mitigation Consulting (RMC) for an undisclosed amount. (more)

📚 Great Reads

  • Security is a Team Sport - Rami McCarthy talks about how to navigate the security field and how to grow and foster connections in your career that can help you advance.

  • The Rise of Large-Language-Model Optimization - Internet platforms need to recognize that creative human communities are highly valuable resources to cultivate, not merely sources of exploitable raw material for LLMs.

  • *The Frontlines of Data Privacy and Security - Join our webinar on May 2nd, 12 PM ET, with David Epperson (former CISO at CISA, now at H2O.ai) and Ben Winokur (CEO, Subsalt) to discuss the convergence of data privacy and cybersecurity in an AI world.

  • Plan Your Career Around Problems - Daniel Miessler talks about how working in an "industry" is no longer safe without knowing what problems you're solving.

*A message from our sponsor.

🧪 Labs

Remediating some classes of vulnerabilities can really have an outsized impact compared to others 😲 

How was this week's newsletter?

Login or Subscribe to participate in polls.

Data Methodology and Sources

  • All of the data is captured point-in-time from publicly available sources.

  • All financial figures are converted to U.S. dollars (USD) when collected.

  • Company country locations are pulled from publicly available sources.

  • Companies are categorized using our own system at Return on Security, and we write all of the company descriptions.

  • Sometimes, the details about deals, like who led the round, how much money was raised, or the deal stage, might get updated after the issue is first published.

  • If you spot any errors, let us know, and we’ll fix them.

About Return on Security

Return on Security is all about breaking down the cybersecurity industry for you with expert analysis, hard facts, and real-life stories. The goal? To keep security pros, entrepreneurs, and investors ahead in a fast-moving field. Read more about the “Why” here.

Feel free to borrow any data, charts, or advice you find here. Just make sure to give a shoutout to Return on Security when you do.

Thank you for reading. If you liked this analysis, please share it with your friends, colleagues, and anyone interested in the cybersecurity market.

Follow me on LinkedIn or Twitter to never miss Return on Security updates.

Join the conversation

or to participate.