- Return on Security
- Posts
- 💰 Security, Funded #161 - A is for Series Awesome
💰 Security, Funded #161 - A is for Series Awesome
Get cybersecurity market and intelligence insights, including key trends and industry analysis, for the week of September 9, 2024.
Mike Privette
September 16, 2024 • Reading Time: 11 minutes
Security, Funded is a weekly deep dive into the financial transactions, industry news, and economic activity from the cybersecurity market. This week’s issue is presented together with Nudge Security and Material Security.
Hey there,
I hope you had a great weekend!
There were some colder temperatures here in the UK last week, but that might have just been US inflation data cooling off a bit. The August US Consumer Price Index (CPI) report showed the 12-month inflation rate at 2.5%, down from July and the lowest since February 2021.
That’s an important figure because we now wait to see if the US Federal Reserve will lower interest rates next week and, if so, by how much. Lower interest rates are better for the industry because borrowing, lending, funding startups, and hiring talent are cheaper for all parties involved.
Onward to this week's issue.
TOGETHER WITH
Are genAI tools integrated with your other apps?
Find out in minutes with Nudge Security
Nudge Security discovers all genAI accounts ever created by anyone in your org, as well as the OAuth grants that enable data-sharing across apps. With Nudge Security, you can:
Discover all genAI tools ever used in your org
See all users, authentication methods, and OAuth grants
Surface and revoke risky OAuth grants
Get alerted of new genAI tools or integrations
Vet unfamiliar tools with security profiles for each provider
Get your free genAI inventory in minutes.
Table of Contents
😎 Vibe Check
If money wasn't an issue, what is the first thing you would prioritize spending on for your security program?Bonus points if you tell me why! |
Last issue’s vibe check:
What's your biggest threat or risk you are focusing on now for your organization?
🟨🟨🟨🟨⬜️⬜️ ☣️ Ransomware defense (10)
🟨🟨🟨⬜️⬜️⬜️ ⛈️ Cloud security and guardrails (7)
🟨🟨⬜️⬜️⬜️⬜️ 🛠️ SaaS and AI tool sprawl (5)
🟨⬜️⬜️⬜️⬜️⬜️ 📀 Data loss prevention (4)
🟩🟩🟩🟩🟩🟩 🫣 Application security (14)
🟨🟨⬜️⬜️⬜️⬜️ 3️⃣ Third-party or supplier risk (5)
⬜️⬜️⬜️⬜️⬜️⬜️ 🔮 Other (tell me) (2)
47 Votes
There was a pretty distributed response to last week’s poll, but most people are currently focused on Application Security and Ransomware defense. Cloud security also made a notable appearance.
Some of the top comments from last week:
“Other - All of them.”
💰 Market Summary
12 companies raised $168.0M across 10 unique product categories in 3 countries
5 companies were acquired or had a merger event for $2.7B across 5 unique product categories
93% of funding went to product-based cybersecurity companies
1 public cyber company had an earnings report
📸 YoY Snapshot
This is a rolling 12-week chart comparing funding and acquisitions each week in a year-over-year (YoY) view between 2023 and 2024.
A healthy dose of Series A and earlier stage rounds last week signaling that we are on the way back, baby!
Not to be outdone by funding, there was some high-quality action on the M&A front last week as well. Interestingly enough, however, with only a few weeks left in Q3, overall transaction volume is down roughly 42% compared to Q3 2023.
🤙 Earnings Reports
Cyber Market Movers
As of market close September 13, 2024
Earnings reports from last week: Rubrik
Rubrik (RBRK)
This was Rubrik’s very first earnings call after going IPO earlier this year, and by all accounts, it was seen as a successful transition from private to public.
Rubrik focused the conversation on the company's transition from being “just a backup and recovery company” to offering a full data security suite.
Rubrik said it hit $900 million in ARR and plans to hit $1 billion by the end of the year, and analysts expressed positive sentiment towards Rubrik’s positioning overall.
Macro Context:
Public markets are pricing in a positive signal for the coming week when the US Federal Reserve plans to announce just how deep its interest rate cut will be and possibly signal what future cuts might look like.
Fortinet’s stock barely saw a blip on the radar even after it confirmed a data breach involving customer data. Markets don’t care about security breaches 🤷♂️
Palo Alto has now completely recovered the ground it lost after the controversial decision to focus on “platform” over “best of breed,” a move that made many investors and analysts alike act a fool. 🙄
Earning reports to watch this coming week:
None
🧩 Funding By Product Category
$55.0M for Threat Intelligence across 1 deal
$25.0M for Identity and Access Management (IAM) across 1 deal
$24.6M for Application Security across 2 deals
$17.2M for Continuous Threat Exposure Management (CTEM) across 2 deals
$15.0M for Secure Remote Access across 1 deal
$11.0M for Managed Security Services Provider (MSSP) across 1 deal
$10.0M for Cloud Native Application Protection Platform (CNAPP) across 1 deal
$5.0M for Security Analytics across 1 deal
$3.2M for Cyber Insurance across 1 deal
$2.0M for Artificial Intelligence (AI) Security across 1 deal
🏢 Funding By Company
Strider Technologies, a United States-based cyber threat intelligence platform, raised a $55.0M Series C from Pelion Venture Partners and AXA Venture Partners. (more)
Aembit, a United States-based identity and access workload management platform, raised a $25.0M Series A from Acrew Capital. (more)
Darkhive, a United States-based secure software development platform for Uncrewed Aircraft Systems (UAS) like drones, raised a $21.0M Series A from Ten Eleven Ventures. (more)
P0 Security, a United States-based secure remote cloud access platform, raised a $15.0M Series A from SYN Ventures. (more)
Patrowl, a France-based continuous threat exposure management (CTEM) platform, raised a $12.2M Series A from Crédit Mutuel Innovation, SWEN Capital Partners, and Bpifrance. (more)
Metabase Q, a United States-based managed security services provider (MSSP), raised an $11.0M Series A from SYN Ventures. (more)
Operant, a United States-based runtime application security platform, raised a $10.0M Series A from SineWave Ventures and Felicis. (more)
Element Security, an Israel-based continuous threat exposure management (CTEM) platform, raised a $5.0M Seed from q fund. (more)
Realm.Security, a United States-based security and cloud data aggregation and analytics platform, raised a $5.0M Seed from Accomplice and Glasswing Ventures. (more)
Arcjet, a United States-based runtime application security as code platform, raised a $3.6M Seed from Andreessen Horowitz. (more)
FifthWall Solutions, a United States-based cyber risk insurance company, raised a $3.2M Seed. (more)
SplxAI, a United States-based security platform for AI chatbot applications, raised a $2.0M Pre-Seed from Inovo.vc. (more)
🌎 Funding By Country
$150.8M for the United States across 10 deals
$12.2M for France across 1 deal
$5.0M for Israel across 1 deal
🤝 Mergers & Acquisitions
Recorded Future, a United States-based cyber threat intelligence platform, was acquired by Mastercard for $2.7B. (more) (this marks the third cyber acquisition from Mastercard!)
Axcient, a United States-based data protection and business continuity service, was acquired by ConnectWise for an undisclosed amount. (more)
Difenda, a Canada-based managed security services provider (MSSP) focused on the Microsoft Security product suite, was acquired by Quorum Cyber for an undisclosed amount. (more)
PureID, a United States-based passwordless authentication platform, was acquired by ColorTokens for an undisclosed amount. (more)
White Rook Cyber, a Australia-based professional services firm focused on penetration testing and cybersecurity assessments, was acquired by Screwloose IT for an undisclosed amount. (more)
📚 Great Reads
Redefining CNAPP: A Complete Guide To the Future of Cloud Security - From my friends Francis Odum and James Berthoty, this report provides a holistic view of cloud security's evolution, focusing on CNAPP, market trends, vendor analysis, and future cloud security frameworks.
*Automate file detection and response for Google Drive - Take a deeper look at Material's latest features for Google Drive Data Protection.
FinOps 🤝 Security - A post by my friend Rami McCarthy about aligning financial operations (FinOps) with security to enhance cost efficiency and security in cloud environments.
Security has too many tools - Frank Wang talks about how the industry focuses on tools first and solutions second, and how that should be the other way around.
*A message from our sponsor
🧪 Labs
My how the turn tables.
Another flaw found in Sonicwall SSL-VPN.
No one should be running an SSL VPN in 2024, there are better solutions and the "Enterprise" companies are not going to refactor that old code.
thehackernews.com/2024/09/sonicw…— Tom🌶\(^-^)/🌶 infosec.exchange/@tomlawrence (@TomLawrenceTech)
10:46 AM • Sep 8, 2024
Data Methodology and Sources
All of the data is captured point-in-time from publicly available sources.
All financial figures are converted to U.S. dollars (USD) when collected.
Company country locations are pulled from publicly available sources.
Companies are categorized using our system at Return on Security, and we write all the company descriptions.
Sometimes, the details about deals, like who led the round, how much money was raised, or the deal stage, might get updated after the issue is first published.
Let us know if you spot any errors, and we’ll fix them.
About Return on Security
Return on Security is all about breaking down the cybersecurity industry for you with expert analysis, hard facts, and real-life stories. The goal? To keep security pros, entrepreneurs, and investors ahead in a fast-moving field. Read more about the “Why” here.
Feel free to borrow any data, charts, or advice you find here. Just make sure to give a shoutout to Return on Security when you do.
Reply