- Return on Security
- Posts
- 💰 Security, Funded #141 - M&Ayhem
💰 Security, Funded #141 - M&Ayhem
Insights for the week of April 22, 2024
Mike Privette
April 29, 2024 • Reading Time: 12 minutes
Security, Funded is a weekly deep dive into cybersecurity funding and industry news captured and analyzed by Mike Privette. This week’s issue is presented together with Anvilogic and Subsalt.
Hey there,
I hope you had a great weekend!
2024 continues to be a confusing year from a global economic standpoint. On one hand, you’ve got weak economic data with less than stellar inflation and growth numbers:
The latest US GDP growth numbers from Q1 2024 came in at only a 1.6% increase (compared to the 2.4% expected)
US inflation is still ripping, but consumer spending is still up (going against what the US Fed expected)
The US Fed performing its best impression of a waffle 🧇 and may not be planning to decrease interest rates but possibly raise rates again
Investor sentiment regarding AI has never been higher, while at the same time, it is starting to show cracks. The speed of change in the AI industry is really unlike anything else we’ve seen in the tech world, with business materializing and then effectively “going to zero” the next month with the open sourcing of models.
It seems that irrespective of the broader stock market and economic signals, the cyber industry keeps chugging on. Rubrik's IPO last week and some major M&A and funding announcements are great examples of this, as the rest of the issue will show the same.
👋 Also, I’ll be out at BSides SF and RSA next week, so feel free to come over and say hello if you see me around and grab a sticker if you want one!
Onward to this week's issue.
Submit a deal here: [email protected]
TOGETHER WITH
Anvilogic Closes $45M Series C to Enable Security Data Lakes in the SOC
The Industry’s First Multi-Data Platform SIEM
Data is the new oil for security operations, and monolithic SIEMs are expensive to scale, leaving security operations teams grappling with detection gaps and high costs.
Anvilogic decouples security analytics from logging platforms, allowing seamless adoption of scalable and cost-effective data lakes without the need to rip-and-replace your existing SIEM.
Detect, hunt, and investigate threats across the data platforms you choose.
Table of Contents
😎 Vibe Check
Are you going to be at BSides SF and/or RSA next week?If yes, come say hello! |
Last issue’s vibe check:
Do you think we have seen the bottom of down rounds, valuations, and cheap M&A in cyber yet?
🟨⬜️⬜️⬜️⬜️⬜️ 😤 Yes (9)
🟨🟨🟨⬜️⬜️⬜️ 🤔 Not sure (13)
🟩🟩🟩🟩🟩🟩 😫 Nope (27)
49 Votes
On the M&A side, it's still a buyer’s market, and the industry's heavyweights are well-positioned to take advantage. Overall, there continue to be more distressed deals or "fire sales" than anything else. This is a continued hangover from the ZIRP era.
Some of the top comments last week were:
The rest of 2024 and early 2025 will be a frenzy of acquisitions and pivots.
"Cheap" is a pejorative term that most M&A teams avoid using. ;-)
💰 Market Summary
15 companies raised $315.6M across 13 unique product categories in 4 countries
6 companies were acquired or had a merger event for $11.7B across 4 unique product categories
93% of funding went to product-based cybersecurity companies
2 public cyber companies had an earnings report
1 cyber company went IPO
📸 YoY Snapshot
This is a rolling 12-week chart comparing funding and acquisitions each week in a year-over-year (YoY) view between 2023 and 2024.
Another big for cyber funding, and I suspect there will be a few more significant funding rounds announced before the month is officially up.
Another record-breaking week for M&A activity, with totals for April (so far) reaching $11.9B. This is currently the second-highest month in 2024, coming in slightly under the $14.4B in M&A from January.
🤙 Earnings Reports
Here are notable earnings reports from public cybersecurity companies. This section is Powered by Quartr, where I track all the latest earning reports.
See the public cyber company tracker, which shows all public cybersecurity companies worldwide, along with market data, funding raised, product categories, and more.
Earnings reports this week: Check Point Software and Juniper Networks
Check Point Software (CHKP)
Check Point beat its earnings and revenue guides in its latest earning call, but the stock has been down ~5% ever since.
Revenue grew by 6% to $599 million, and net income rose by 8% year-over-year to $235 million.
Subscription revenues increased by 15% to $263 million, and operating income grew by 6% to $252 million.
Check Point also announced a strategic partnership with NVIDIA for AI infrastructure firewalls and threat protection.
Check Point also didn’t miss the chance to dunk ⛹️ on its competitors, who keep having critical product vulnerabilities, citing that it has not had any of the same challenges 👀 (it’s never good to throw stones in the cyber world, IMO).
Juniper Networks (JNPR)
Juniper Networks opted not to have an earnings call, but it did release a report, so that’s what we’ll look at. Here are some of the key numbers:
Juniper reported a small net loss of $0.8 million this quarter, a big shift from the net profit of $85.4 million a year ago.
Cash from operating activities rose to $325 million from $191.5 million.
Share-based compensation expenses increased to $79.9 million from $60.9 million.
The income numbers don’t look great, but the operational numbers do. This would make sense because, as you may remember from issue #126 back in January, Juniper is set to be acquired by HPE for around $14 billion. All of this signals that Juniper is trying to retain talent and remain attractive as an acquisition target.
Source: Google Finance
If the transaction goes through, it will be second second-highest cyber M&A transaction behind Cisco acquiring Splunk.
🤘 IPO-h Yeah
🧩 Funding By Product Category
$115.0M for Endpoint Protection across 1 deal
$50.0M for Security Orchestration and Automated Response (SOAR) across 1 deal
$31.2M for Security Operations across 3 deals
$23.0M for Cybersecurity Program Management across 1 deal
$22.7M for Secure Networking across 1 deal
$20.0M for Email Security across 1 deal
$17.4M for Data Security Posture Management (DSPM) across 1 deal
$15.0M for Data Protection across 1 deal
$15.0M for Brand Protection across 1 deal
$3.3M for Security Awareness across 1 deal
$2.6M for Threat Intelligence across 1 deal
$500.0K for Identity Verification across 1 deal
An undisclosed amount for Professional Services across 1 deal
🏢 Funding By Company
ThreatLocker, a United States-based endpoint protection platform, raised a $115.0M Series D from Unknown, General Atlantic. (more)
Tines, an Ireland-based low-code security orchestration and automated response (SOAR) platform, raised a $50.0M Series B from Accel and Felicis. (more)
Nagomi Security, a United States-based cybersecurity technology and program measurement and ROI platform, raised a $23.0M Series A from TCV. (more)
Zscaler, a United States-based suite of secure networking tools, raised a $22.7M post-IPO equity round.
Sublime Security, a United States-based email security platform, raised a $20.0M Series A from Index Ventures. (more)
Qohash, a Canada-based data security posture management (DSPM) platform, raised a $17.4M Series B from Fonds de solidarité FTQ. (more)
Dropzone AI, a United States-based AI-agent-enabled security operations monitoring platform, raised a $16.9M Series A from Theory Ventures. (more)
BforeAI, a France-based brand protection and threat intelligence platform, raised a $15.0M Series A from SYN Ventures. (more)
Turnkey, a United States-based API platform for managing private keys in smart contract and cryptocurrency deployments, raised a $15.0M Series A from Galaxy Interactive and Lightspeed Faction. (more)
Prophet Security, a United States-based AI-assisted security operations platform, raised a $11.0M Seed from Bain Capital Ventures. (more)
Amplifier Security, a United States-based AI copilot-assisted security operations platform, raised a $3.3M Pre-Seed from Cota Capital. (more)
BoxPhish, a United Kingdom-based phishing simulation and security awareness training platform, raised a $3.3M Venture Round from the Business Growth Fund. (more)
Intrusion, a United States-based cyber threat intelligence platform, raised a $2.6M post-IPO equity round. (more)
TLA Innovation, a United States-based identity authentication and verification platform, raised a $500.0K Grant from NJEDA. (more)
IANS, a United States-based professional services firm focused on cybersecurity industry research and education, raised an undisclosed Venture Round from Apax Digital. (more)
🌎 Funding By Country
$230.0M for the United States across 11 deals
$50.0M for Ireland across 1 deal
$17.4M for Canada across 1 deal
$15.0M for France across 1 deal
$3.3M for the United Kingdom across 1 deal
🤝 Mergers & Acquisitions
HashiCorp, a United States-based cloud automation and infrastructure security platform, was acquired by IBM for $6.4B. (more)
Darktrace, a United Kingdom-based suite of insider threat, phishing, and cloud security tools, was acquired by Thoma Bravo for $5.3B. (more)
Cloudaeris, a United States-based professional services firm focused on technology and cybersecurity advisory services, was acquired by Opkalla for an undisclosed amount. (more)
Coveware, a United States-based professional services firm focused on cyber-extortion incident response, was acquired by Veeam Software for an undisclosed amount. (more)
Egress Software, a United Kingdom-based email security platform, was acquired by KnowBe4 for an undisclosed amount. (more)
Securicon, a United States-based professional services firm focused on securing critical infrastructure, was acquired by Risk Mitigation Consulting (RMC) for an undisclosed amount. (more)
📚 Great Reads
Security is a Team Sport - Rami McCarthy talks about how to navigate the security field and how to grow and foster connections in your career that can help you advance.
The Rise of Large-Language-Model Optimization - Internet platforms need to recognize that creative human communities are highly valuable resources to cultivate, not merely sources of exploitable raw material for LLMs.
*The Frontlines of Data Privacy and Security - Join our webinar on May 2nd, 12 PM ET, with David Epperson (former CISO at CISA, now at H2O.ai) and Ben Winokur (CEO, Subsalt) to discuss the convergence of data privacy and cybersecurity in an AI world.
Plan Your Career Around Problems - Daniel Miessler talks about how working in an "industry" is no longer safe without knowing what problems you're solving.
*A message from our sponsor.
🧪 Labs
Remediating some classes of vulnerabilities can really have an outsized impact compared to others 😲
Thank goodness that we finally retired IE!
— Bojan Tunguz (@tunguz)
Mar 19, 2024
How was this week's newsletter? |
Data Methodology and Sources
All of the data is captured point-in-time from publicly available sources.
All financial figures are converted to U.S. dollars (USD) when collected.
Company country locations are pulled from publicly available sources.
Companies are categorized using our own system at Return on Security, and we write all of the company descriptions.
Sometimes, the details about deals, like who led the round, how much money was raised, or the deal stage, might get updated after the issue is first published.
If you spot any errors, let us know, and we’ll fix them.
About Return on Security
Return on Security is all about breaking down the cybersecurity industry for you with expert analysis, hard facts, and real-life stories. The goal? To keep security pros, entrepreneurs, and investors ahead in a fast-moving field. Read more about the “Why” here.
Feel free to borrow any data, charts, or advice you find here. Just make sure to give a shoutout to Return on Security when you do.
Join the conversation