๐Ÿ’ฐ Security, Funded #86 - XDR Is Calling, SVB Finds A Buyer, and New Uses For Old Tech

The Business Of Global Cybersecurity Funding And M&A News From The Week Of March 20th, 2023.

Mike P
Mike P

Table of Contents

Hey there,

Happy Monday, and I hope you had a great weekend!

In this week's issue:

  • XDR Is Calling
  • SVB Finds A Buyer
  • New Uses For Old Tech

The US and TikTok have a face-off, SVB finds a buyer, the US Fed and the ECB raised interest rates again, and the Co-Founder of Intel and inventor of โ€œMooreโ€™s Lawโ€, industry legend Gordon Moore, dies at 94.

SVB finally finds a buyer in First Citizens Bank (FCB), based in Raleigh, North Carolina. Many people reading this may have never heard of FCB prior to buying SVB, but FCB is no stranger to acquisitions, having completed more than 20 FDIC-backed bank acquisitions since 2009.

FCB also holds a special place in my own heart. Many (many!) years ago, I got my first job as a security engineer there. I was only a few years into my career, having just been laid off from the last financial crisis in 2008, and I was given the chance to break into engineering. It was the first hands-on role I had in cybersecurity, and it created an unquenchable thirst to learn more about cybersecurity and always improve myself.

I credit my time there, and my experience living through multiple bank mergers, as a breakout period that helped tremendously accelerate my career. Without my time at FCB, I may not be where I am today.

Earnings Reports

  • Secureworks (SCWX) - beat its earnings estimate for Q4 2022 on the backs of the evolution of the XDR (eXtended Detection and Response) space. A specific focus was spent on replacing legacy SIEM deployments and catering to the MSP/MSSPs businesses.

XDR is now more than just another annoying cyber industry acronym. The cost of log collection, retention, normalization, and detection has dropped significantly.

At the same time, with the rise of detections as code, Detection Engineering as a discipline, security engineers starting to look more and more like software developers, and trust-driven security vendors, and the cost of threat detection has followed suit.

XDR is now making true what the SIEM promised 10+ years ago.

This doesnโ€™t mean the SIEM is dead, however. XDR and SIEM deployments are a piece of the larger puzzle, and there is no one-size fits all model.

Donโ€™t forget that with 3 referrals, you can get my Airtable base with a list of all the public cybersecurity companies mapped to categories, funding data, and market cap information, updated daily. Find your unique referral link below (email-only version)!

Onward to this week's issue.


Lacework: Security for DevOps, Container, and Cloud

Lacework is data-driven cloud security

Our platform, powered by Polygraphยฎ, automates cloud security at scale so our customers can innovate with speed and safety across AWS, Azure, GCP, and Kubernetes environments

Schedule a meeting to start your cloud security journey today!

๐Ÿ›ž Industry News Roundup

  • ChatGPT has an Outage and Unintentional Data Disclosure (more)
  • 2022 Zero-Day Exploitation Continues at an Elevated Pace (more)
  • U.S. Threatens Ban if TikTokโ€™s Chinese Owners Donโ€™t Sell Stakes (more)

๐Ÿ“… YTD Funding

A rolling 12-week chart to compare funding each week between 2022 and 2023.

Overall funding volume over the past few weeks has been on par year-over-year, which I think is a good sign. Of course, this year has seen a lot of uncertainty on the macro headwinds and banking industry instability, but this still shows that dry powder is, indeed, getting wet. ๐ŸŒŠ

๐Ÿ’ฐ Funding Summary

  • 10 companies raised $89.6M across 9 unique product categories
  • 5 companies were acquired or had a merger event across 4 unique product categories

๐Ÿงฉ Funding By Product Category

  • $37.1M for Identity and Access Management (IAM) across 2 deals
  • $15.0M for Passwordless Authentication across 1 deal
  • $8.0M for Identity Governance & Administration (IGA) across 1 deal
  • $8.0M for Application Security Testing (AST) across 1 deal
  • $7.5M for Data Protection across 1 deal
  • $6.0M for Cloud Security across 1 deal
  • $5.0M for Managed Security Services Provider (MSSP) across 1 deal
  • $2.0M for Internet of Things (IoT) Security across 1 deal

๐Ÿข Funding By Company

  • Britive, a United States-based multi-cloud privileged access visibility and threat monitoring all in one platform, raised a $20.5M Series B from Pelion Venture Partners. (more)
  • Aembit, a United States-based identity and access workload management platform, raised a $16.6M Seed from Ballistic Ventures and Ten Eleven Ventures. (more)
  • Clerk, a United States-based no-code passwordless authentication and customer identity building blocks platform, raised a $15.0M Series A from Madrona. (more)
  • Backslash Security, an Israel-based application security testing and bug prioritization platform, raised an $8.0M Seed from D. E. Shaw & Co., First Rays Venture Partners, and StageOne Ventures. (more)
  • Oleria, a United States-based identity governance and administration (IGA) platform, raised an $8.0M Seed from Salesforce Ventures. (more)
  • Turnkey, a United States-based API platform for managing private keys in smart contract and cryptocurrency deployments, raised a $7.5M Seed from Coinbase Ventures. (more)
  • emma, a Luxembourg-based secure cloud deployment and management platform, raised a $6.0M Seed from RTP Global. (more)
  • Cerberus Sentinel, a United States-based managed compliance and cybersecurity services company, raised a $5.0M Post-IPO Debt round. (more)
  • OP[4], a United States-based Internet of Things (IoT) and embedded device security platform, raised a $2.0M Seed.
  • Guard Dog Solutions, a United States-based network security platform, raised a $1.0M Debt Financing round.

๐ŸŒŽ Funding By Country

  • $75.6M for United States ๐Ÿ‡บ๐Ÿ‡ธ
  • $8.0M for Israel ๐Ÿ‡ฎ๐Ÿ‡ฑ
  • $6.0M for Luxembourg ๐Ÿ‡ฑ๐Ÿ‡บ

๐Ÿค Mergers & Acquisitions

๐Ÿ“š Great Reads

๐Ÿ Cross Pollinate

Discover something ๐Ÿ†• this week.

A newsletter that talks about the intersection of AI and cybersecurity, something very top of mind for security professionals today, from Craig Balding:

The Threat Prompt Newsletter | Craig Balding | Substack
The AI Security newsletter. About the security of AI and how to use AI for security. Click to read The Threat Prompt Newsletter, by Craig Balding, a Substack publication. Launched 3 months ago.


AppSec Without the Noise

Discover Bearer, an innovative, open-source SAST engine for lightning-fast security risk assessment, prioritization, and remediation. Seamlessly integrate with GitHub or GitLab, and effortlessly shift data security left.

Bearer simplifies privacy reporting, generating detailed reports with information on processed sensitive data, associated risks, data subjects, and third-party services to support your privacy and compliance teams. By focusing on sensitive data flow analysis, Bearer helps protect your business from the rising threats of data leaks and breaches.

Elevate your application security game and safeguard your sensitive data with Bearer

๐Ÿงช Labs

Improvise. Adapt. Overcome.

๐Ÿค” Have questions, comments, or feedback? I'd love to hear from you!

๐Ÿ”ฅ Security, Funded is brought to you by Return on Security.

๐Ÿค Want to partner with Security, Funded? Learn more here.

๐Ÿ If you run a newsletter, I can't recommend Beehiiv enough.