Table of Contents
I hope you had a great weekend!
As expected, there was a lot of action just waiting for the RSA conference to come out of stealth mode.
Speaking of being out of stealth mode, I opened a store.
Attending RSA was a blast this year! It was amazing to see people I haven’t seen in years and meet Twitter and LinkedIn friends for the first time in person.
It was also incredible to hear that people have found this newsletter so helpful. Someone even told me I was “doing a great service for the industry” and that I “make [their] job easier.” 😳
Comments like those are truly impactful for me and gives me the energy to keep going and improving. (I’m not crying happy tears, you are! 😭)
I also got the chance to hang out and feel included with some of the creator giants in this industry (I'm the floating beard head).
Let's dive in.
- 17 companies raised $467.9M across 14 unique product categories
- 5 companies were acquired or had a merger event
🧩 By Product Category
- $110.0M for Continuous Compliance
- $100.0M for Data Access Governance
- $75.5M for Data Protection
- $70.0M for SaaS Security
- $35.0M for Security Awareness
- $35.0M for Governance, Risk, and Compliance (GRC)
- $15.0M for Managed Security Services Provider (MSSP)
- $10.0M for Identity and Access Management (IAM)
- $8.0M for Open-Source Intelligence (OSINT)
- $7.4M for Personal Cybersecurity
- $1.0M for Security Orchestration and Automated Response (SOAR)
- $1.0M for Endpoint Protection
- An undisclosed amount for Operational Technology (OT) Security
- An undisclosed amount for Application Security
7 rules for protecting your components and pipelines from attack
As the software components and delivery pipelines that comprise supply chains get more complex, so do the requirements for securing them. This checklist breaks down the components of supply chains to identify, prioritize, and address risks faster and proactively protect them from attacks. Download the guide for free!
🏢 By Company
- Vanta, an automated security monitoring platform that helps companies get SOC 2, HIPAA, or ISO 27001 certified, raised a $110.0M Series B from Craft Ventures. (Vanta)
- Immuta, a cloud-native data access governance platform, raised a $100.0M Series E from NightDragon Security. (Immuta)
- AppOmni, a SaaS security management solution, raised a $70.0M Series C from Thoma Bravo. (TechCrunch)
- HYCU, a cloud service data backup and recovery platform, raised a $53.0M Series B from Acrew Capital. (Acceleration Economy)
- Whistic, a third party security and compliance platform, raised a $35.0M Series B from JMI Equity. (Business Wire)
- CybSafe, a security awareness platform using behavioral science principles, raised a $28.0M Series B from Evolution Equity Partners. (Tech Market View)
- Keepit, a cloud and SaaS data backup and protection platform, raised a $22.5M Debt Financing Round from Silicon Valley Bank and Vaekstfonden. (Startup Around)
- DefenseStorm, a managed security services provider (MSSP) for the financial services industry, raised a $15.0M Series C from JAM FINTOP. (VC News Daily)
- Opal, an identity and access governance platform, raised a $10.0M Series A from Greylock. (Business Wire)
- 443ID, an open-source intelligence (OSINT) company, raised a $8.0M Seed from Silverton Partners and Bill Wood Ventures. (443ID)
- Flare, a platform that lets people understand and manage their digital footprint, raised a $7.4M Series A from Inovia Capital. (Betakit)
- HackNotice, a security awareness platform that uses threat intelligence data to establish security cultures and give companies situational awareness, raised a $7.0M Series A from Strategic Cyber Ventures and Lytical Ventures. (HelpNetSecurity)
- ORNA, a security orchestration, automation, and response (SOAR) platform, raised a $1.0M Seed from WGG Partners. (Betakit)
- Subconscious Compute, and endpoint protection platform using scoring systems to determine the "trustworthiness" of endpoints, raised a $1.0M Seed from YourNest Venture Capital. (The Economic Times)
- BetterCloud, a SaaS data protection and operations platform, raised an undisclosed Private Equity Round from Vista Equity Partners. (SiliconANGLE)
- NowSecure, a mobile application security testing platform, raised an undisclosed Debt Financing Round from CIBC Innovation Banking. (PR Newswire)
- Winicssec, an operational technology (OT) security company, raised an undisclosed Venture Round from Guangzhou Industrial Investment Group and China Development Bank Capital.
🤝 Mergers & Acquisitions
- Cysiv, a managed security services provider (MSSP), was acquired by ForeScout Technologies for an undisclosed amount. (Bank InfoSecurity)
- DNS Made Easy, a managed secure DNS (domain naming system) platform, was acquired by DigiCert for an undisclosed amount. (DigiCert)
- Randori, an extended detection and response (XDR) company, was acquired by IBM for an undisclosed amount. (ITPro)
- The AntiSocial Engineer, a security training and education company, was acquired by Ultima Business Solutions for an undisclosed amount. (Computer Reseller News UK)
- WipeDrive Inc (formerly WhiteCanyon Software), a secure data deletion company, was acquired by Blancco Oy for an undisclosed amount. (NewsnReleases)
🔐 Secure The Job
If you're looking for new opportunities (actively or passively), I've got two ways to help:
- Return on Security Job Board - Browse the jobs I curate each week and apply for what matches your interests.
- Return on Security Talent Collective - Join the talent collective to get personally matched with high-growth, high-upside opportunities. This is invite-only, curated by me, and you can set your profile to be public or anonymous.
Search firms, recruiters, and hiring managers - hire the best talent from the Return on Security community by signing up here.
📚 Great Reads & Finds
- Scaling Appsec at Netflix (Part 2) - The Application Security teams at Netflix are responsible for securing the software footprint that we create to run the Netflix product, the Netflix studio, and the business.
- Why AIs Will Become Hackers - At a 2022 RSA Conference keynote, technologist Bruce Schneier asserted that artificial intelligence agents will start to hack human systems — and what that will mean for us.
- Awesome iOS Security - A collection of awesome tools, books, courses, blog posts, and cool stuff about iOS Application Security and Penetration Testing.
A poem about working in cybersecurity.
🎉 Enjoying This Newsletter?
Have questions, comments, or feedback about this issue? I'd love to hear from you.
Reach out on Twitter or reply directly to the newsletter version of this issue.
Thanks for reading!
A weekly recap of cybersecurity funding and M&A news.