Return on Security
Posts
💰 Security, Funded #170 - From Zoom Doubt to AI Clout

💰 Security, Funded #170 - From Zoom Doubt to AI Clout

Get cybersecurity market and intelligence insights, including key trends and industry analysis, for the week of November 11, 2024

Mike Privette
November 18, 2024 • Reading Time: 9 minutes

Security, Funded is a weekly deep dive into the financial transactions, industry news, and economic activity in the cybersecurity market. This week’s issue is presented together with Nudge Security.

Hey there,

I hope you had a great weekend!

It was great visiting Portugal last week for Web Summit, and a shoutout to the Bright Pixel team for hosting a great evening event!

Web Summit was an interesting look into the business and consumer side of where AI is taking things, and cyber will have to be right there with it in lockstep.

Also, I’ll be sending out a few different surveys and polls these last few weeks of the year to get a temperature check on a few topics and make sure I’m still creating the kind of content and insights you want. The first one is a general demographic survey and is completely optional and confidential. I’m obviously a huge fan of data, so the more I know, the better I can make things.

I would really appreciate your support in filling these out! 🙏

_{Partner With Us}

😎 Vibe Check
Market Summary
📸 YoY Snapshot
☎️ Earnings Reports
🧩 Funding By Product Category
🏢 Funding By Company
Funding by Country
🤝 Mergers & Acquisitions
📚 Great Reads
🧪 Labs

😎 Vibe Check

What metric do you find most valuable for evaluating the success of your security program?

I know there will be multiple, but pikc one

Last issue’s vibe check:
Should the CISO or security leaders be driving security programs with AI?
🟩🟩🟩🟩🟩🟩 🤠 Yes (16)
🟨🟨🟨🟨⬜️⬜️ 👿 Nope (12)
28 Votes

It was a light week of voting last week (c’mon, people!), but it was fairly close to being evenly split on whether a CISO or security leaders should be using AI to drive security programs. Either way you look at it, however, the horse has already left the barn about 24 months ago. Almost every person in any position is looking to personally use AI in some way to make their lives a bit easier.

I think of AI as a tool that can enhance whatever X might be. It’s a compliment more than a means to an end. There’s a difference between “could” and “should,” however.

Some of the top comments from last week:

Nope - “I think AI is a compliment to something; not something that should drive an entire effort.”

Yes - “Not all programs. Not all the time. But yes. Security is historically 10 years behind the IT world. Getting ahead of AI means we make mistakes, but integrating and familiarizing with AI now is the difference between caught surprised by an attacker or internal project vs being prepared.”

Nope - “They should uninstall Zoom from the Windows servers, and sunset those FTP servers with 4 character passwords before they get distracted by AI stuff” 😂

💰 Market Summary

5 companies raised $39.4M across 5 unique product categories in 3 countries
8 companies were acquired or had a merger event across 6 unique product categories
93% of funding went to product-based cybersecurity companies
1 public cyber company had an earnings report

📸 YoY Snapshot

This is a rolling 12-week chart comparing funding and acquisitions each week in a year-over-year (YoY) view between 2023 and 2024.

A very quiet week in the post-US election world. I suspect much of this is just a timing thing so the dust can settle (even if temporarily) on the news cycle front. Last week was the fourth lowest week in cybersecurity funding in 2024 by dollar amount.

M&A, on the other hand, was still ripping and roaring. A few product-based companies even joined forces this week, which is a departure from the usual service-on-service business that normally makes up this scene.

_{Partner With Us}

☎️ Earnings Reports

Cyber Market Movers

As of markets close on November 15, 2024

Earnings reports from last week: CyberArk

CyberArk (CYBR)

CyberArk reported a strong Q3 2024, with revenues reaching $240.1 million, a 26% increase from last year. The rising wave of the importance of non-human identity (NHI) security and secrets management provided strong tailwinds for CyberArk, as the whole cyber industry is currently transfixed on identity security (something it gets a renewed focus on about every 3-6 months). CyberArk's operating and cash flow margins improved significantly.

An important callout is that the Q3 results for CyberArk did not include any revenue from the Venafi acquisition, but the Q4 guidance does include it.

Macro Context:

The broader market is already reacting to the upcoming “Trump Trade.” This is when investors will adjust their portfolios based on anticipated policy changes under Trump, such as personal and corporate tax reforms, deregulation, an easier path to large M&As, and international trade policies.
Based on economic reports, the US Federal Reserve says they can be a bit slower with additional interest rate cuts. This statement is both encouraging from an economic standpoint and worrisome from a public market standpoint. This is a good time to remember that the public markets ≠ the economy.
The US Federal Reserve is still signaling another interest rate cut in December 2024 at this time.

Earning reports to watch this coming week:

Palo Alto Networks

🧩 Funding By Product Category

$27.6M for Security Awareness across 1 deal
$5.2M for Artificial Intelligence (AI) Governance across 1 deal
$3.0M for Application Security across 1 deal
$2.6M for Managed Security Services Provider (MSSP) across 1 deal
$1.0M for Anti-Bot across 1 deal

🏢 Funding By Company

Riot, a United States-based security awareness platform focused on training employees about phishing and data breaches, raised a $27.6M Venture Round.
SurePath AI, a United States-based AI risk and governance platform, raised a $5.2M Seed from Uncork Capital. (more)
Symbiotic Security, a United States-based application vulnerability and remediation platform, raised a $3.0M Pre-Seed from Lerer Hippeau, Axeleo Capital, and Factorial Capital. (more)
CyberUpgrade, a Lithuania-based managed security services provider (MSSP), raised a $2.6M Seed from FIRSTPICK, NGL, Specialist VC, and Superhero Capital. (more)
Veracity Trust Network, a United Kingdom-based anti-bot platform, raised a $1.0M Grant from the Cyber Security Agency. (more)

🌎 Funding By Country

$35.8M for the United States across 3 deals
$2.6M for Lithuania across 1 deal
$1.0M for the United Kingdom across 1 deal

🤝 Mergers & Acquisitions

Cybersixgill, an Israel-based cyber threat intelligence platform, was acquired by BitSight for $115.0M. (more)
AfricaIntel, a Nigeria-based dark web and cyber threat intelligence platform, was acquired by Smartcomply for an undisclosed amount. (more)
Coolspirit, a United Kingdom-based managed security services provider (MSSP), was acquired by Databarracks for an undisclosed amount. (more)
Cybereason, a United States-based endpoint detection and response (EDR) platform, merged with Trustwave for an undisclosed amount. (more)
Intraprise Health, a United States-based professional services firm focused on cyber risk management for healthcare systems, was acquired by Health Catalyst for an undisclosed amount. (more)
Probely, a Portugal-based dynamic application security testing platform, was acquired by Snyk for an undisclosed amount. (more)
Rezonate, a United States-based identity threat detection and response, was acquired by Silverfort for an undisclosed amount. (more)
Softrams, a United States-based professional services firm focused on cloud security and cyber risk management, was acquired by Tria Federal for an undisclosed amount. (more)

📚 Great Reads

InfoSec Black Friday Deals - "Cyber Turducken" 2024 Edition. It’s the time of year again for the world-famous InfoSec Black Friday GitHub repo! This has been a huge hit for over 6 years, and it has just about everything a cybersecurity person would want.
*How GLAAD protects SaaS identities and sensitive data with Nudge Security - With Nudge, the team at GLAAD got immediate visibility into SaaS they hadn’t known about and saved 4-5 hours per day in manual effort while improving their SaaS security posture.
OpenCloud 2024 Report - Battery Ventures' 2024 "State of the OpenCloud" report highlights AI's increasing enterprise deployments, predicting a significant technological shift and market value impact.

_{*A message from our sponsor}

🧪 Labs

CanYouSeeMyScreenNowSec?

— ᴉpᴉǝH 🐐💕 (@summer__heidi)
9:17 PM • Oct 28, 2024

How was this week's newsletter?

Data Methodology and Sources

All of the data is captured point-in-time from publicly available sources.
All financial figures are converted to U.S. dollars (USD) when collected.
Company country locations are pulled from publicly available sources.
Companies are categorized using our system at Return on Security, and we write all the company descriptions.
Sometimes, the details about deals, like who led the round, how much money was raised, or the deal stage, might get updated after the issue is first published.
Let us know if you spot any errors, and we’ll fix them.

About Return on Security

Return on Security is all about breaking down the cybersecurity industry for you with expert analysis, hard facts, and real-life stories. The goal? To keep security pros, entrepreneurs, and investors ahead in a fast-moving field. Read more about the “Why” here.

Feel free to borrow any data, charts, or advice you find here. Just make sure to give a shoutout to Return on Security when you do.

Thank you for reading. If you liked this analysis, please share it with your friends, colleagues, and anyone interested in the cybersecurity market.

Follow me on LinkedIn or Twitter to never miss Return on Security updates.

Reply

or to participate.