- Return on Security
- Posts
- 💰 Security, Funded #154 - Nobody Beats the Wiz
💰 Security, Funded #154 - Nobody Beats the Wiz
Get cybersecurity market and intelligence insights, including key trends and industry analysis, for the week of July 22, 2024
Mike Privette
July 29, 2024 • Reading Time: 12 minutes
Security, Funded is a weekly deep dive into cybersecurity funding and industry news captured and analyzed by Mike Privette. This week’s issue is presented together with Outpost24 and Tines.
Hey there,
I hope you had a great weekend!
You may not have known it, but last week’s funding news got a bit lost in the sauce 🍝. With all the continued excitement from the CrowdStrike outage and the hype around Wiz and Google parting ways from a $23 billion acquisition (not to mention the masterclass that Wiz has been putting on since day 1), a rager of a week with late-stage funding went mostly unnoticed.
But that’s what I’m here for! 😎
In other news, last week I joined Aspiron Search’s advisory board (hit them up for your next cyber GTM team!), and I’m looking forward to attending Black Hat in the US next week. I’ll be moderating a panel on innovation driving the security market at the inaugural Innovators & Investors Summit, and I hope to run into many of you there!
Onward to this week's issue.
TOGETHER WITH
New AI Domain Discovery Tool within External Attack Surface Management
Know your attack surface and effortlessly identify domains belonging to your organization
With the new AI Domain Discovery feature in Outpost24’s External Attack Surface Management solution, you can now effortlessly identify domains belonging to your organization and significantly improve the speed and accuracy of domain ownership and classification.
Get a free attack surface analysis and discover the simplicity of mapping your expanding attack surface. With EASM you can analyze all your known and unknown internet-facing assets for vulnerabilities and attack paths.
Table of Contents
😎 Vibe Check
Why do you think the Wiz and Google deal fell apart? |
Last issue’s vibe check:
Do you think the CrowdStrike outage will lead to the merging of more security and IT operations teams under one leader?
🟨🟨⬜️⬜️⬜️⬜️ ✅ Yes (14)
🟨🟨🟨🟨⬜️⬜️ 🚫 Nope (22)
🟩🟩🟩🟩🟩🟩 🤷♂️ Ehh, not that simple (33)
69 Votes
Most people who voted last week said things wouldn't be so simple to combine IT operations and security teams following the worst IT outage in history, which just so happened to be caused by a cybersecurity company. I wonder how many of these stories have changed or will change in the coming weeks as we learn more about what led to the outage.
What will be interesting to see is how the street responds to CrowdStrike’s upcoming earnings call, as the company has been trying to move into the IT Operations space for several quarters now. It’s not a good look when you step back. 🤔
Some of the top comments from last week:
“Yes - Platform is the way to go”
“Ehh - This was an item failure rather than security. The change process should have canary / split deployments, especially as this was not an urgent high priority change”
💰 Market Summary
14 companies raised $507.0M across 12 unique product categories in 3 countries
2 companies were acquired or had a merger event across 2 unique product categories
100% of funding went to product-based cybersecurity companies
1 public cyber company had an earnings report
📸 YoY Snapshot
This is a rolling 12-week chart comparing funding and acquisitions each week in a year-over-year (YoY) view between 2023 and 2024.
There was a big funding rally last week leading up to Black Hat, and I expect this current week to be much the same. You can also see the seasonal uptick in funding announcements from 2023.
Another quieter week on the M&A front, but there was at least one notable transaction.
🤙 Earnings Reports
Here are notable earnings reports from public cybersecurity companies. This section is Powered by Quartr, where I track all the latest earning reports.
Earnings reports this week: Check Point Software
Check Point Software (CHKP)
Check Point reported a strong second quarter, attributing growth to stronger-than-normal interest in network security and subscription revenue. Check Point also announced the appointment of Nadav Zafrir, a co-founder of Team8 venture capital firm, as the new incoming CEO starting in December.
Check Point reported that revenue grew by 7% to $627 million, had three large deals totaled $130 million, and new business bookings grew by double-digits across all regions.
As always, the public cyber company tracker shows all public cybersecurity companies worldwide, along with market data, funding raised, product categories, and more!
🧩 Funding By Product Category
$150.0M for Security and Compliance Automation across 1 deal
$140.0M for Software Supply Chain Security across 1 deal
$60.0M for Cyber Insurance across 1 deal
$58.5M for Application Security Posture Management (ASPM) across 2 deals
$33.0M for Identity Governance & Administration (IGA) across 1 deal
$25.0M for Artificial Intelligence (AI) Security across 2 deals
$13.5M for Secure Networking across 1 deal
$10.0M for Security Awareness across 1 deal
$6.0M for Managed Security Services Provider (MSSP) across 1 deal
$6.0M for Artificial Intelligence (AI) Governance across 1 deal
$5.0M for Threat Detection and Response (TDR) across 1 deal
An undisclosed amount for Threat Intelligence across 1 deal
🏢 Funding By Company
Vanta, a United States-based automated compliance monitoring and security platform, raised a $150.0M Series C from Sequoia Capital. (more)
Chainguard, a United States-based software supply chain company, raised a $140.0M Series C from Redpoint Ventures, Lightspeed Venture Partners, and IVP. (more)
Cowbell Cyber, a United States-based cyber risk insurance company, raised a $60.0M Series C from Zurich Insurance Group. (more)
Dazz, a United States-based application security posture management (ASPM) platform, raised a $50.0M Venture Round from Greylock. (more)
Linx Security, a United States-based identity governance and administration (IGA) platform, raised a $33.0M Series A from [Index Ventures and Cyberstarts. (more)
Lakera AI, a Switzerland-based platform for protecting large language models (LLMs) from prompt injection attacks, raised a $20.0M Series A from Atomico. (more)
Zero Tier, Inc., a United States-based secure edge networking platform, raised a $13.5M Series A from Battery Ventures. (more)
Protexxa, a Canada-based security awareness and employee training platform, raised a $10.0M Series A from Sandpiper Ventures and Bell Canada Enterprises. (more)
Heeler, a United States-based application security posture management (ASPM) platform, raised a $8.5M Seed from Norwest Venture Partners. (more)
Evo Security, a United States-based managed identity and access management platform for MSSPs, raised a $6.0M Series A from TechOperators. (more)
vijil, a United States-based governance and safety platform for AI agents, raised a $6.0M Seed from Mayfield Fund and Gradient Ventures. (more)
Promptfoo, a United States-based open-source platform for identifying and fixing vulnerabilities in AI applications, raised a $5.0M Seed from Andreessen Horowitz. (more)
ZEST Security, a United States-based cloud threat detection and response platform, raised a $5.0M Seed from Hanaco Venture Capital and Silvertech Ventures. (more)
Blackbird.AI, a United States-based cyber threat intelligence platform focused on disinformation, raised an undisclosed Venture Round from Dave DeWalt. (more)
🌎 Funding By Country
$477.0M for the United States across 12 deals
$20.0M for Switzerland across 1 deal
$10.0M for Canada across 1 deal
🤝 Mergers & Acquisitions
Code42, a United States-based insider threat and data loss prevention (DLP) platform, was acquired by Mimecast for an undisclosed amount. (more)
Security Innovation, a United States-based professional services firm focused on application security and penetration testing, was acquired by Bureau Veritas Primary Integration for an undisclosed amount. (more)
📚 Great Reads
Consistently Prepared: Year-round strategies for career growth - Leif Dreizler shares his views on career self-reviews and how to prepare for them, making your work visible via a "hype list," and how to have an effective ladder-based career conversation.
*Embracing workflow automation and AI - a step-by-step guide - Getting started with workflow automation or looking to enhance your existing program? Eoin Hinchy, Tines CEO and former security leader at eBay and DocuSign, shares a practical roadmap with actionable steps.
The Rambo Architecture and Third Party Risk - Jason Chan, the former CISO of Netflix, shares his thoughts on managing business resiliency with third-party vendors in a world where remaining resilient from disruption has become increasingly challenging.
Systemic Concentrated Cyber Risks - Chris Hughes covers the eerily similar parallels of the concentration risk of Microsoft to that of CrowdStrike and how the world is on more fragile IT grounds than we might think.
*A message from our sponsor
🧪 Labs
Almost anything is possible with computers these days
How was this week's newsletter? |
Data Methodology and Sources
All of the data is captured point-in-time from publicly available sources.
All financial figures are converted to U.S. dollars (USD) when collected.
Company country locations are pulled from publicly available sources.
Companies are categorized using our system at Return on Security, and we write all the company descriptions.
Sometimes, the details about deals, like who led the round, how much money was raised, or the deal stage, might get updated after the issue is first published.
Let us know if you spot any errors, and we’ll fix them.
About Return on Security
Return on Security is all about breaking down the cybersecurity industry for you with expert analysis, hard facts, and real-life stories. The goal? To keep security pros, entrepreneurs, and investors ahead in a fast-moving field. Read more about the “Why” here.
Feel free to borrow any data, charts, or advice you find here. Just make sure to give a shoutout to Return on Security when you do.
Reply