- Return on Security
- Posts
- 💰 Security, Funded #167 - Securing the Bag
💰 Security, Funded #167 - Securing the Bag
Get cybersecurity market and intelligence insights, including key trends and industry analysis, for the week of October 21, 2024
Mike Privette
October 28, 2024 • Reading Time: 11 minutes
Security, Funded is a weekly deep dive into the financial transactions, industry news, and economic activity in the cybersecurity market. This week’s issue is presented together with ThreatLocker.
Hey there,
Hope you had a great weekend!
There were strong economic signals coming out of the US last week, and the International Monetary Fund (IMF) cited how the US economy is ahead of all other developed nations in terms of recovery and growth expectations.
Considering the US is where ~80% of the world’s cybersecurity funding and innovation happens, this is a good thing for our industry, and the activity in this issue shows the industry also has strong growth. 💪
I also took some time recently to update the About Return on Security page. Let me know what you think!
Onward to this week's issue.
Table of Contents
😎 Vibe Check
How much of a third-party security questionnaire should be offloaded to AI? |
Last issue’s vibe check:
Let's take the inverse of 💰 Security, Funded #165 - Garbage In, Garbage Out. In your experience, what's the easiest part about running a cyber program?
🟩🟩🟩🟩🟩🟩 🤠 Tool and data wrangling (14)
🟨⬜️⬜️⬜️⬜️⬜️ 🗣️ Stakeholder communication (4)
🟨⬜️⬜️⬜️⬜️⬜️ 👀 Creating a supported vision (3)
⬜️⬜️⬜️⬜️⬜️⬜️ 👯♀️ Talent recruiting/management (1)
🟨🟨🟨🟨⬜️⬜️ 👹 The threats themselves (10)
⬜️⬜️⬜️⬜️⬜️⬜️ 🔮 Other (tell me) (2)
34 Votes
Apparently, the “tools and data” are the easiest parts of the job when it comes to running a cyber program, with a close second to the threats themselves. The tool and data piece makes a lot of sense based on the votes from issue 165, but the threats part is surprising. 🤔 I smell trolls and couldn’t be more proud 🧌 👏 .
Some of the top comments from last week:
Threats - “Strangely enough, this is actually the easiest of the options because it has the least amount of internal politics.”
Other - “Is this a trick question?” (lol)
💰 Market Summary
15 companies raised $271.9M across 14 unique product categories in 6 countries
6 companies were acquired or had a merger event across 4 unique product categories
87% of funding went to product-based cybersecurity companies
No public cyber company had an earnings report
📸 YoY Snapshot
This is a rolling 12-week chart comparing funding and acquisitions each week in a year-over-year (YoY) view between 2023 and 2024.
It’s always interesting to me to see the trends in this industry repeat themselves year after year. It appears this is a seasonal time of year when big funds are raised and transactions are announced.
This week of M&A activity is stronger than the average compared to this time last year, with some higher-profile deals still happening. It’s been a year of established incumbents buying other established incumbents.
☎️ Earnings Reports
Cyber Market Movers
As of markets close on October 25, 2024
Earnings reports from last week: None
Macro Context:
Big tech companies started their earnings reports last week, including some of the Magnificent 7, which pushed some of the major indexes up but much of the tech sector down as investors continue to worry about the pace of AI spending and growth. This should be no surprise, as the entire global economy has basically been this group with AI in a trench coat for the last year.
Speaking of AI, it wasn’t just these M7 companies having a field day, either. IBM announced it made $1 billion more on Generative AI in its latest earnings report than it made last quarter, bringing the total Gen AI revenue to over $3 billion! 🤯
Expect markets to get more volatile as we get closer to the US Presidential Election coming up on November 5th this week.
Earning reports to watch this coming week:
The Q3 2024 cyber earnings season starts this week, so I’ll be tuning in for Check Point, Tenable, and Varonis. 🍿
🧩 Funding By Product Category
$80.0M for Software Supply Chain Security across 2 deals
$45.0M for Data Security Posture Management (DSPM) across 1 deal
$33.0M for Trust & Safety across 1 deal
$30.0M for Threat Detection and Response (TDR) across 1 deal
$30.0M for Data Protection across 1 deal
$24.8M for Security Awareness across 1 deal
$8.2M for Identity Verification across 1 deal
$8.0M for Digital Forensics and Incident Response (DFIR) across 1 deal
$6.0M for Identity and Access Management (IAM) across 1 deal
$4.0M for Web Application and API Protection (WAAP) across 1 deal
$1.3M for Application Security across 1 deal
$1.3M for Brand Protection across 1 deal
$275.0K for Attack Surface Management (ASM) across 1 deal
An undisclosed amount for Professional Services across 1 deal
🏢 Funding By Company
Concentric AI, a United States-based unstructured data inventory and risk management platform, raised a $45.0M Series B from HarbourVest Partners and Top Tier Capital Partners. (more)
Interos, a United States-based risk management and supply chain monitoring platform, raised a $40.0M Private Equity Round from Blue Owl. (more)
Socket, a United States-based supply chain software security platform, raised a $40.0M Series B from Abstract Ventures. (more)
Reality Defender, a United States-based AI deepfake media and content detection platform for media networks, raised a $33.0M Series A from Illuminate Financial. (more)
Stream Security, an Israel-based cloud threat detection and response, raised a $30.0M Series B from U.S. Venture Partners. (more)
WISeKey, a Switzerland-based certificate and secrets management platform, raised a $30.0M Post-IPO Debt round. (more)
Cyber Guru, an Italy-based security awareness and training platform, raised a $24.8M Series B from Riverside Acceleration Capital. (more)
Authologic, a Poland-based digital identity verification platform, raised an $8.2M Series A from OpenOcean. (more)
Actfore, a United States-based digital forensics and breach incident response company, raised a $8.0M Private Equity Round from Gresham House Ventures. (more)
Oloid, a United States-based workspace identity and passwordless authentication platform, raised a $6.0M Series A from Yaletown Partners. (more)
Qpoint, a United States-based web application and API protection (WAAP) platform using eBPF, raised a $4.0M Pre-Seed from Mango Capital. (more)
Start Left Security, a United States-based application security management platform, raised a $1.3M Seed round. (more)
adCAPTCHA, a United Kingdom-based brand and ad fraud protection platform, raised a $1.3M Seed round. (more)
ThreatMate, a United States-based attack surface management (ASM) platform for SMBs, raised a $275.0K Seed round. (more) (Future business idea with this name - a dating app for Security Analysts)
TAO Digital Solutions, a United States-based professional services firm focused on strategy and cybersecurity consulting, raised an undisclosed Private Equity Round from Vesper Company.
🌎 Funding By Country
$177.6M for the United States across 10 deals
$30.0M for Switzerland across 1 deal
$30.0M for Israel across 1 deal
$24.8M for Italy across 1 deal
$8.2M for Poland across 1 deal
$1.3M for the United Kingdom across 1 deal
🤝 Mergers & Acquisitions
SecureWorks, a United States-based managed security services provider (MSSP), was acquired by Sophos for $859.0M. (more)
Effectiv, a United States-based machine learning (ML) fraud detection platform, was acquired by Socure for 136.0M. (more)
Bridge Security Advisors, a United States-based professional services firm focused on cloud security and GRC consulting, was acquired by RKON for an undisclosed amount. (more)
Dendrio Solutions SRL, a Romania-based managed security services provider (MSSP), was acquired by Bittnet for an undisclosed amount.
Harbor Networks, a United States-based managed security services provider (MSSP), was acquired by Worklyn Partners for an undisclosed amount. (more)
J2 Technology, a United Kingdom-based managed security services provider (MSSP), was acquired by Claritel for an undisclosed amount. (more)
📚 Great Reads
Application Security Posture Management: Security from the Supply Chain to Cloud Runtime - My friend James Berthoty created a really great LinkedIn Learning course on all things Application Security Posture Management (ASPM).
*The Fast Track to Compliance - Learn how to implement controls, alerts, and 24/7 audited monitoring to your organization to check off requirements mapped across the most in-demand compliance frameworks with this eBook by ThreatLocker!
Signal to Noise: An Interview with Mike Privette - I caught up with my friend Damien Lewke on FUD in the AI Security market, prioritizing time and value in cybersecurity programs investments, what "signal to noise" means to me, and much more.
AI Prompts as PRDs - Why how you prompt AI systems will become some of the most important intellectual property assets for businesses in the near future.
*A message from our sponsor
🧪 Labs
Do the adversaries also have glass ceilings?? 🤔
Are there threat actresses
— ali (@endingwithali)
10:19 PM • Oct 23, 2024
How was this week's newsletter? |
Data Methodology and Sources
All of the data is captured point-in-time from publicly available sources.
All financial figures are converted to U.S. dollars (USD) when collected.
Company country locations are pulled from publicly available sources.
Companies are categorized using our system at Return on Security, and we write all the company descriptions.
Sometimes, the details about deals, like who led the round, how much money was raised, or the deal stage, might get updated after the issue is first published.
Let us know if you spot any errors, and we’ll fix them.
About Return on Security
Return on Security is all about breaking down the cybersecurity industry for you with expert analysis, hard facts, and real-life stories. The goal? To keep security pros, entrepreneurs, and investors ahead in a fast-moving field. Read more about the “Why” here.
Feel free to borrow any data, charts, or advice you find here. Just make sure to give a shoutout to Return on Security when you do.
Reply