💰 Security, Funded #144 - The Sound of Silence

Hey there,

I hope you had a great week last week and a great weekend.

It was an especially quiet time on the funding front last week, so I made up a little diddy that encapsulated everything that happened to the tune of Sound of Silence by Simon & Garfunkel:

🎵Hello, darkness, my old friend
It’s quiet after RSA again
A vision of AI creeping into my SIEM
Consolidating while I was sleeping
And the gains from private equity
Still elude my company
Within the sound of [funding] silence 🎵 

In positive economic news, US inflation eased slightly, and the public stock markets (and meme stocks) have been on a tear. If the trend continues, this positive sign can lead to “good economic vibes” around the world and more investments and growth across all sectors. That’s good for everyone.

In other news, I started a YouTube channel last week! My first video is a walkthrough of my April 2024 cybersecurity report (see below). I’d be honored if you “like and subscribe,” as the kids say these days. If you have any feedback or other ideas on what else you might like to see there, just reply to the newsletter and let me know.

Onward to this week's issue.

😎 Vibe Check

Last issue’s vibe check:
If you went to RSA, how well do you feel like you understand "AI Security" and "Security for AI" as a whole now?
🟨⬜️⬜️⬜️⬜️⬜️ 😵‍💫 Still unsure (3)
🟨🟨🟨⬜️⬜️⬜️ 🥲 Slightly worse (6)
🟩🟩🟩🟩🟩🟩 🥹 Slightly better (12)
🟨🟨⬜️⬜️⬜️⬜️ 😎 Dialed in (5)
26 Votes

It looks like all those conversations about AI and Security at RSA helped people, at least somewhat. While I think we still can’t have the best grasp on what it will take to secure AI just due to the simple nature that it keeps evolving so quickly, I think it’s great to see so many people in the cybersecurity community trying to get their heads around it.

At the same time, I think it’s discouraging to see so much AI regulation. How can we rush to regulate something we can’t yet define? I think we should monitor up-and-coming risks and manage (i.e., regulation in some cases) existing risks.

The top comment from the week:

“Lots of snakeoil vendors on the exhibit hall floor but there were some good talks around ensuring the correct usage of both AI Security and Security for AI. Outside of this bubble, there are A LOT of organisations who just don't get it unfortunately...”

💰 Market Summary

📸 YoY Snapshot

An unusually low volume and transaction amount week, even with baking in the RSA Conference effect (where everyone announced rounds the 2-3 weeks prior). This is the lowest funding total for a given week of 2024, and the last time we saw a total lower than this was the final week of 2023. I think this is purely just a timing thing and nothing else.

Same story, different data on the M&A front. However, this week, as with much of 2024 so far, the transactions that have come through have been nothing short of headline-grabbing. This week’s SIEM Shuffle™️ was one for the books, and the late-stage acquisitions will only continue.

🤙 Earnings Reports

🧩 Funding By Product Category

• $11.0M for Security Operations across 1 deal

• $5.4M for Managed Security Services Provider (MSSP) across 1 deal

• $1.7M for Internet Security across 1 deal

• $503.6K for Threat Intelligence across 1 deal

• An undisclosed amount for Personal Cybersecurity across 1 deal

🏢 Funding By Company

• Hypernative, an Israel-based security operations platform for Web3 transactions and applications, raised an $11.0M Venture Round.

• Bridge Core, a United States-based managed security services provider (MSSP) focused on the federal space, raised a $5.4M Venture Round. (more)

• c/side, a United States-based client-side security platform for monitoring and securing third-party website scripts, raised a $1.7M Seed from Scribble Ventures. (more)

• Tego Cyber, a United States-based cyber threat intelligence platform, raised a $500.0K post-IPO equity round. (more)

• Truyu, an Australia-based personal cybersecurity company that monitors and alerts customers of misuse of their personal data online, raised an undisclosed Pre-Seed from x15ventures. (more)

🌎 Funding By Country

• $11.0M for Israel across 1 deal

• $7.6M for United States across 3 deals

• An undisclosed amount for Australia across 1 deal

🤝 Mergers & Acquisitions

• IBM QRadar, a United States-based security information and event management (SIEM) platform, was acquired by Palo Alto Networks for an undisclosed amount. (more)

• LogRhythm, a United States-based security information and event management (SIEM) platform, was acquired by Exabeam for an undisclosed amount. (more)

• rThreat, a United States-based continuous threat exposure management (CTEM) platform, was acquired by Reveald for an undisclosed amount. (more)

📚 Great Reads

• Cybersecurity Market Update: April 2024 - Check out April 2024's cybersecurity market trends, cybersecurity investments, major acquisitions, and global insights.

• *CI/CD Pipeline Security Best Practices - Want to bolster your CI/CD pipeline? This new cheat sheet covers best practices with actionable items in Infrastructure security, code security, secrets management, access and authentication, and monitoring and response.

• The dark side of the moon: demystifying cybersecurity business management for CISOs and security practitioners - Zooming in on the business side of doing security, what it means, why we as an industry have not been great at understanding the business, and what we ought to be doing to move our field forward.

• assumptions_made - Joseph Thacker discusses how standardizing and explicitly listing AI assumptions can significantly enhance communication, accuracy, and adaptability in multi-agent systems.

_{*A message from our sponsor}

🧪 Labs

Hecked up if true smh