💰 Security, Funded #95 - Palo Alto's PANcake Power Play 🥞

A review of cybersecurity funding and industry news from the week of May 22nd, 2023.

Hey there,

Happy Monday, and I hope you had a great weekend!

🏃‍♂️ The Rundown

A meta roundup of all the important things:

  • US raises the debt roof (finally)

  • Palo Alto flexed on ‘em with bundling 💪

  • China hackers and AI deception ramp up

  • LLMASB (LLM Access Security Broker?)

  • 2023's YTD funding down ~32%, steady deal volume

  • $95.4M raised across 12 companies, 4 acquisitions

  • 60 Minutes staff scammed in cybersecurity demo

  • AI business risks under discussion

  • Google's '.zip' domains creatively utilized

Onward to this week's issue.


Lacework is data-driven cloud security

Our platform, powered by Polygraph®, automates cloud security at scale so our customers can innovate with speed and safety across AWS, Azure, GCP, and Kubernetes environmentsSchedule a meeting to start your cloud security journey today!

🔮 Earnings Reports

A section for notable earnings reports from public cybersecurity companies, be they “pure play” or hybrid companies:

  • Palo Alto ($PANW) - crushed earnings yet again with a 30% CAGR as they see more and more companies go to the platform route.I’ve got to hand it to Palo Alto’s ability to get customers to say ‘yes,’ they have really professionalized this. Two of the biggest ways that stood out to me were the required bundling of XDR (Extended Detection and Response) + XIEM (Extended Information and Event Management) (I really hate these terms btw) and the “credits” system. You can’t buy the hot new SIEM replacement of XIEM without buying XDR, and customers can buy a single SKU of Palo Alto credits, which I am now dubbing PANcakes (Nikesh, I’ll send you my bill) that let them spend across the portfolio of services. This is fully leaning into the prevailing macro headwinds.

🛞 Industry News Roundup

  • Microsoft warns that China hackers attacked U.S. infrastructure (more)

  • A.I. generated image went viral showing a fake explosion outside the Pentagon (more)

  • China bans major chip maker Micron from key infrastructure projects (more)

📅 YTD Funding

A rolling 12-week chart to compare funding each week between 2022 and 2023.

We’re well into the middle of Q2, and more of a picture is emerging. Deal volume is remaining relatively close YoY, but YTD funding is still down ~32%. By all accounts, this appears to be the “new normal” (or a “reversion to the historical mean prior to the zero-interest rate phenomenon,” depending on how long you’ve been in the game).

💰 Funding Summary

  • 12 companies raised $95.4M across 13 unique product categories

  • 4 companies were acquired or had a merger event across 3 unique product categories

🧩 Funding By Product Category

  • $37.9M for Threat Intelligence across 2 deals

  • $14.3M for Cloud Security across 1 deal

  • $10.0M for Brand Protection across 1 deal

  • $8.2M for Identity and Access Management (IAM) across 1 deal

  • $7.6M for Third-Party Risk Management across 1 deal

  • $7.0M for Continuous Compliance across 1 deal

  • $5.0M for Risk Management across 1 deal

  • $4.6M for Security Awareness across 1 deal

  • $500.0K for Quantum Security across 1 deal

  • $300.0K for Cloud Native Application Protection Platform (CNAPP) across 1 deal

  • An undisclosed amount for Password Management across 1 deal

  • An undisclosed amount for Distributed Ledger Technology (DLT) Security across 1 deal

🏢 Funding By Company

🌎 Funding By Country

  • $45.4M for France across 3 deals 🇫🇷

  • $20.1M for United States across 4 deals 🇺🇸

  • $15.0M for Israel across 2 deals 🇮🇱

  • $14.3M for China across 1 deal 🇨🇳

  • $500.0K for Switzerland across 1 deal 🇨🇭

  • An undisclosed amount for the Netherlands across 1 deal 🇳🇱

  • An undisclosed amount for New Caledonia across 1 deal 🇳🇨

🤝 Mergers & Acquisitions

📚 Great Reads


Automate security and privacy complianceWith a streamlined workflow and expert guidance, Secureframe automates the entire compliance process, end-to-end. What makes Secureframe different?

  • Get audit-ready and achieve compliance in weeks, not months, with built-in remediation guidance and 100+ integrations.

  • Stay compliant with the latest regulations and requirements, including ISO 27001, GDPR, HIPAA, PCI, and other standards.

  • Automate responses to RFPs and security questionnaires with AI.

  • Trusted by hyper-growth organizations: AngelList, Ramp, Lob, Remote, and thousands of other businesses.

🧪 Labs

People are already putting those Google ".zip" domains to good use

🤔 Have questions, comments, or feedback? I'd love to hear from you!

🔥 Security, Funded is brought to you by Return on Security.

🤝 Want to partner with Security, Funded? Learn more here.

🐝 If you run a newsletter, I can't recommend Beehiiv enough.


or to participate.