- Return on Security
- Posts
- π° Security, Funded #145 - The Economic Shifts Heard Round the World
π° Security, Funded #145 - The Economic Shifts Heard Round the World
Insights for the week of May 20, 2024
Mike Privette
May 28, 2024 β’ Reading Time: 11 minutes
Security, Funded is a weekly deep dive into cybersecurity funding and industry news captured and analyzed by Mike Privette. This weekβs issue is presented together with Tenchi Security.
Hey there,
I hope you had a great week last week and a long weekend if you live in the US or the UK.
The economic vibe around the world is continuing to shift up and down. The US is still hinting at rate cuts, but maybe now, not until 2025. The UK officially βexitedβ its current recession with 0.6% GDP growth, and inflation dropped 2.4% in the European Union area.
Youβre starting to see this play out in the public markets in the middle of Q2 earnings season, where revenue growth outside of the US is climbing at a higher clip than inside the US (more below). This waving up and down pattern is familiar as we climb out of the knock-on effects of monetary policies and the past several years. I even did a podcast episode that walks through this and its impact on the cybersecurity world in the Great Reads section.
Onward to this week's issue.
Submit a deal here: [email protected]
Table of Contents
π Vibe Check
What do you see as the biggest economic challenge for your company's security program over the next 12 months? |
Last issueβs vibe check:
Which sector inside of cybersecurity is ripe for the next set of M&A roll-ups and take-privates?
π¨π¨π¨π¨π¨β¬οΈ π§πΎβπ» Application Security (14)
π¨π¨π¨π¨β¬οΈβ¬οΈ βοΈ Cloud Security (11)
π¨π¨π¨π¨π¨β¬οΈ πΎ Data Security (15)
π¨β¬οΈβ¬οΈβ¬οΈβ¬οΈβ¬οΈ π» Endpoint Protection (3)
π©π©π©π©π©π© π IAM (16)
59 Votes
The βI(AM)βsβ have it! Last week, most people thought the IAM space was the next M&A target, and then CyberArk went and acquired Venafi to bring machine identities into the fold (details below). Data Security and Application Security were very close seconds and thirds, which means a lot of people expect a lot of consolidation.
π° Market Summary
14 companies raised $290.9M across 12 unique product categories in 4 countries
6 companies were acquired or had a merger event for $4.5B across 5 unique product categories
100% of funding went to product-based cybersecurity companies
One public cyber company had an earnings report
πΈ YoY Snapshot
This is a rolling 12-week chart comparing funding and acquisitions each week in a year-over-year (YoY) view between 2023 and 2024.
The industry is back on the grind after a quiet week. With over a month left in the quarter, Q2 2024 funding has reached $3.1B and has surpassed both Q1 2024 and Q2 2023 funding totals.
M&A activity continues the consistent trend of transactions on par with last year but with bigger and higher price tags. Q2 2024 M&As are 16% below this same time last year.
π€ Earnings Reports
Here are notable earnings reports from public cybersecurity companies. This section is Powered by Quartr, where I track all the latest earning reports.
See the public cyber company tracker, which shows all public cybersecurity companies worldwide, along with market data, funding raised, product categories, and more.
Earnings reports this week: Palo Alto Networks
Palo Alto Networks (PANW)
Palo Alto was met with mixed results yet again, even after delivering strong quarterly results. The mixed results came because Palo Alto did not raise its forward-looking guidance for the rest of the year but did cite a stronger-than-expected sales pipeline. A few other financial facts:
Revenue was up 15% year-over-year
Operating income was up 25% year-over-year
Revenue in EMEA jumped 20% and in the Americas by 15%
Fiscal year revenue guidance increased 16%
Even though ARR for customers on the full platform (platformization) rose from $2 million to $14 million, analysts expected this to be higher (which I think is premature - let Nikesh cook! π§βπ³)
The struggle to sell the platformization messaging to analysts is real. You can tell Palo Alto is feeling frustrated when Nikesh starts laughing at an analyst's question.
Fun fact: Customers are not the street, and the street is often not the customer. Itβs the same way that people say the stock market is not the economy. However, it is a leading indicator and all about perception in the public equities world, flawed as it may be.
𧩠Funding By Product Category
$143.7M for Application Security across 2 deals
$35.0M for Identity Governance & Administration (IGA) across 1 deal
$27.5M for Artificial Intelligence (AI) Governance across 1 deal
$25.2M for Attack Surface Management (ASM) across 1 deal
$17.0M for Artificial Intelligence (AI) Security across 1 deal
$14.0M for Fraud and Financial Crime Protection across 1 deal
$9.7M for Software Supply Chain Security across 1 deal
$8.0M for Data Access Governance across 2 deals
$8.0M for Cloud Native Application Protection Platform (CNAPP) across 1 deal
$1.7M for Internet of Things (IoT) Security across 1 deal
$1.1M for Data Privacy across 1 deal
An undisclosed amount for Security Analytics across 1 deal
π’ Funding By Company
Chaitin Tech, a China-based web application security platform, raised a $140.6M Venture Round from Legend Capital and Shanghai International Asset Management. (more)
Lumos, a United States-based identity and access management (IAM) and identity governance platform, raised a $35.0M Series B from Scale Venture Partners. (more)
WitnessAI, a United States-based AI governance and safety platform, raised a $27.5M Series A from Ballistic Ventures and Google Ventures. (more)
SOCRadar, a United States-based attack surface management (ASM) platform, raised a $25.2M Series B from PeakSpan Capital. (more)
Patronus AI, a United States-based platform focused on automated adversarial testing and risk assessment of Large Language Models (LLMs), raised a $17.0M Series A from Notable Capital. (more)
Bolster AI, a United States-based anti-fraud and anti-counterfeit platform, raised a $14.0M Series B from M12 - Microsoft's Venture Fund. (more)
RunSafe Security, a United States-based software supply chain security platform, raised a $9.7M Venture Round. (more)
ActiveNav, a United States-based data access discovery and governance platform, raised a $8.0M Venture Round from Gresham House Ventures. (more)
Averlon, a United States-based cloud-native application protection platform (CNAPP), raised an $8.0M Seed from Voyager Capital. (more)
HoundDog.ai, a United States-based static code analysis platform focusing on sensitive data risks in code, raised a $3.1M Seed from E14and Mozilla. (more)
qomodo, a United Kingdom-based Internet of Things (IoT) security platform, raised a $1.7M Pre-Seed from Expeditions Fund. (more)
Metatate, a United States-based data privacy platform helping translate privacy regulations into data protection requirements, raised a $1.1M Seed. (more)
Anvilogic, a United States-based security operations and analytics platform, raised an undisclosed Venture Round from Snowflake Ventures. (more)
Velotix, an Israel-based data access governance platform, raised an undisclosed Seed from Barclays and Capri Ventures. (more)
π Funding By Country
$148.7M for the United States across 11 deals
$140.6M for China across 1 deal
$1.7M for the United Kingdom across 1 deal
An undisclosed amount for Israel across 1 deal
π€ Mergers & Acquisitions
AuditBoard, a United States-based audit, risk, and compliance monitoring and automation platform, was acquired by Hg for $3.0B. (more)
Venafi, a United States-based certificate and secrets management platform, was acquired by CyberArk Software for $1.5B. (more)
Aspisec, an Italy-based professional services firm focused on offensive security, was acquired by Abissi for an undisclosed amount.
Informer, a United Kingdom-based external attack surface management (ASM) platform, was acquired by Bugcrowd for an undisclosed amount. (more)
Netsurion, a United States-based managed detection and response (MDR), was acquired by Lumifi Cyber for an undisclosed amount. (more)
Pillr, a United States-based managed detection and response (MDR) platform, was acquired by OpenText for an undisclosed amount. (more)
π Great Reads
CyberBytes: RSA 2024 Edition - The CyberBytes podcast interviewed Shan Kulkarni, co-founder and CEO of Nullify, about the goal of building AI Agents to augment security teams and help them reach AppSec maturity faster with less.
*Alice in Supply Chains Newsletter - Issue #21 - Get the inside scoop on the Cyber Safety Review Board's Microsoft cloud breach report, the surprising Sisense breach, and the latest on third-party breaches, including the UnitedHealth Group ransomware attack.
The Future of Cybersecurity: Economic Impacts and AI Security - Daniel Miessler invited me to his podcast to discuss the lingering economic impacts of COVID-19, AI in application security, and trends in cybersecurity startups and investments.
AI and Problems of Scale - Generative AI means things that were always possible at a small scale now become practical to automate at a massive scale, and sometimes a change in scale is a change in principle.
*A message from our sponsor
π§ͺ Labs
What stopping you from unlocking the true potential of your cyber program? π€
If we add five different AI security vendors to our program, we'll have 100% protection from threats
β Mike Privette (@mikepsecuritee)
5:00 PM β’ May 14, 2024
How was this week's newsletter? |
Data Methodology and Sources
All of the data is captured point-in-time from publicly available sources.
All financial figures are converted to U.S. dollars (USD) when collected.
Company country locations are pulled from publicly available sources.
Companies are categorized using our own system at Return on Security, and we write all of the company descriptions.
Sometimes, the details about deals, like who led the round, how much money was raised, or the deal stage, might get updated after the issue is first published.
Let us know if you spot any errors, and weβll fix them.
About Return on Security
Return on Security is all about breaking down the cybersecurity industry for you with expert analysis, hard facts, and real-life stories. The goal? To keep security pros, entrepreneurs, and investors ahead in a fast-moving field. Read more about the βWhyβ here.
Feel free to borrow any data, charts, or advice you find here. Just make sure to give a shoutout to Return on Security when you do.
Reply