💰 Security, Funded #153 - You've Been CrowdStruck

Hey there,

I hope you had a great weekend!

If you were among the many unfortunate people who had to respond to the biggest global IT outage due to the CrowdStrike bug, my heart and support go out to you. Banks, transit systems, TV stations, and hospitals around the world were disrupted, showing our fragile global IT existence.

This is what everyone predicted would happen with Y2K when computer clocks around the world rolled over from the year 1999 to the year 2000, but it was a total non-event. The event last week, however, was larger than anyone could have predicted and created a perfect storm for businesses around the world. It wouldn’t surprise me if the collective revenue lost by businesses around the world was in the billions for that day.

CrowdStrike’s stock took an ~18% haircut on Friday. This comes on the heels of the great tech sector drawdown we’ve seen over the past few weeks (and the worst one this year), which this global outage only exacerbated. It’s not a good look for anyone right now, and will be interesting to see how the earnings calls for other public cyber companies go over the next few weeks (and I’ll be capturing it all here).

While the recovery may only last a few grueling days, the bigger issue is that conversations about arguments about what to do next will last for months. This kind of outage will also, unfortunately, dock the internal political capital of security teams, something that is not always at a surplus in many organizations.

While there have been good and bad takes on social media, this outage and the response from CrowdStrike really got me thinking about what can we learn about B2B Sales. 🤔 

Onward to this week's issue.

😎 Vibe Check

Last issue’s vibe check:
Do you think the potential acquisition of Wiz by Google will let Google compete against Microsoft Security?
🟩🟩🟩🟩🟩🟩 ✅ Yes (32)
🟨🟨🟨⬜️⬜️⬜️ 🙅‍♀️ Nope (20)
🟨🟨🟨⬜️⬜️⬜️ 🤷‍♂️ Different buyers (20)
72 Votes

55% of the people who voted in last week’s vibe check poll thought that the Google acquisition of Wiz would either not let Google compete against Microsoft Security or that they were still targeting different buyers. I’m personally in the “Different Buyers” camp on this one.

Some of the top comments from last week:

“Different buyers: Dinosaurs will remain Microsoft shops; new cool businesses will stay Google. Until they get bought by dinosaurs.”

“Nope: Microsoft security revenue comes from the fact that they own the underlying service/infrastructure and sell the security as a fully integrated add-on. In order to compete with MS in enterprise security, Google must first make more inroads as a cloud provider and productivity platforms in those same customers, something it hasn't managed to pull off with GCP or Google Workspace.”

“Yes: MSFT and PANW and Cisco. Before this they had a marginal SIEM- now they have the best CDR solution in the market.”

💰 Market Summary

📸 YoY Snapshot

Small, but mighty is the theme of this week’s funding. While there were fewer transactions this week than normal, there were two huge, late-stage funding rounds that led the charge. This week’s funding is up 71% from this time last year.

A very quiet week on the M&A front, with only one transaction. Q3 2024 M&A is off to a much slower start than the previous quarters, but if the Wiz deal goes through, it won’t really matter.

🤙 Earnings Reports

🧩 Funding By Product Category

• $100.0M for Mobile Device Management (MDM) across 1 deal

• $100.0M for Fraud and Financial Crime Protection across 1 deal

• $20.0M for Application Security Testing (AST) across 1 deal

• $10.0M for Security Awareness across 1 deal

• $5.1M for Managed Security Services Provider (MSSP) across 1 deal

• An undisclosed amount for Software Supply Chain Security across 1 deal

🏢 Funding By Company

• Kandji, a United States-based Apple mobile device management (MDM) and security platform, raised a $100.0M Series D from General Catalyst. (more)

• Pindrop, a United States-based voice authentication and biometric platform to prevent fraudulent and deepfake voices, raised a $100.0M Debt Financing from Hercules Capital. (more) 👈️ What’s old is new again, thanks to AI

• XBOW, a United States-based autonomous application security testing platform, raised a $20.0M Venture Round. (more)

• CultureAI, a United Kingdom-based security awareness and training platform, raised a $10.0M Series A from Mercia Ventures and Smedvig Ventures. (more)

• Metabase Q, a United States-based managed security services provider (MSSP), raised a $5.1M Venture Round. (more)

• Endor Labs, a United States-based software supply chain security platform, raised an undisclosed Venture Round from Citi Ventures. (more)

🌎 Funding By Country

• $225.1M for the United States across 5 deals

• $10.0M for the United Kingdom across 1 deal

🤝 Mergers & Acquisitions

• Emagined Security, a United States-based professional services firm focused on incident response and penetration testing, was acquired by Neovera for an undisclosed amount. (more)

📚 Great Reads

• Palo Alto isn’t going to buy everyone: the anatomy of cybersecurity startup exits - Ross Haleliuk and Mike Privette discuss the complexities of cybersecurity startup exits, debunk myths, and highlight the challenges in obtaining reliable M&A data.

• *5 myths about workflow automation, debunked - Concerned that automation will replace team members or lead to rash decisions during remediation? Tines CEO and former security leader at eBay and DocuSign Eoin Hinchy dispels some common misconceptions.

• 8K and 10K Tracker - An automated tracker for SEC form 8K and 10K filings when companies have to report security breaches.

• The AI Summer - While GenAI has received a huge amount of interest since ChatGPT was introduced to the world, the business use cases beyond chat agents have been very limited. AI is not out of the Product Market Fit (PMF) woods just yet.

_{*A message from our sponsor}

🧪 Labs

This year’s album just hits different