๐Ÿ’ฐ Security, Funded #91 - YABF, RSAC Recap, and Valuation Down Bad

A review of cybersecurity funding and industry news from the week of April 24th, 2023, from Mike Privette.

Mike P
Mike P

Table of Contents

Hey there,

Happy Monday, and I hope you had a great weekend and an eventful RSA Conference Week for all those who attended!

In this week's issue:

  • YABF
  • RSAC Recap
  • Valuation Down Bad

RSAC 2023 was a blast with over 40,000 people in attendance ๐Ÿคฏ, the US economy grew at a slower rate than expected last quarter, Cybereason had quite the down round and cut their valuation by 90% (plus Softbank isnโ€™t doing too hot either ๐Ÿ‘€), Q1 2023 earnings reports for public cyber companies are rolling in, and Yet Another Banking Failure (YABF)โ„ข๏ธ over the weekend to continue chipping away at global banking stability.

RSA Vibes

RSA was officially back in full swing this year with 400+ registered vendors (likely 10-20% more on the fringes) and 40,000+ attendees. The expo floor did not disappoint with over-the-top booths, claims, and tactics to draw would-be buyers in.

Every vendor I spoke with was optimistic, hopeful, and focused to unseat competition saying their solution was the best. Every investor I spoke with was looking for the next big thing, chasing hunches and missed deals from earlier in the year, and cementing new relationships that could give them a future edge. Every practitioner I spoke with was curious and cautiously optimistic about the future of AI and cyber but still weary and jaded by the marketing spectacle that is RSA.

In short, everything was feeling back to normal. As Ed Sim said, โ€œsteak dinners are backโ€:

It was a great time to connect with new people for the first time and reconnect with friends I hadnโ€™t seen since the last RSA. One of the highlights for me, however, was being able to get together with this absolute unit of a brain trust of cybersecurity creators:

For anyone that I didnโ€™t get the chance to connect with at RSA, Iโ€™m sorry I missed you but hope to catch you at a future conference this year or next.

Onward to this week's issue.


Prevent Privacy Breaches Using Simulated Attacks

Using anonymized data for development and testing environments has become standard practice. Unfortunately, much of that data can still be identified using linkage attacks.

Research shows 87% of Americans can be uniquely identified using only their zip code, gender, and date of birth. As applications continue collecting detailed personal information from consumers, re-identification becomes even more likely.

With simulated attacks, Privacy Dynamics helps CISOs quickly and easily monitor re-identification risk across their organization.

Learn More

๐Ÿ”ฎ Earnings Reports ๐Ÿ†•

Iโ€™m making this into a separate section now where there are significant earnings reports, let me know what you think!

  • Check Point ($CHKP) - ย beat Q4 earnings by 4% but still missed Q1 estimates leading to a dip in their stock.
  • Tenable ($TENB) - beat its Q1 earnings estimate but fell short of its annual revenue forecast, and analysts gave the stock the business. Tenable cited the elongation of approvals for customer spend, challenges with new customer acquisition, and weakness in the North American financial sector for missed targets.
  • Juniper Networks ($JNPR) - beat its Q1 2023 earnings estimates by 17% and claims that a push towards digital transformation and leveraging AI drove their growth.

The takeaway: digital transformation at companies, both large and small, is continuing to be a driver for enterprise sales for public cyber companies. The combination of a continued macroeconomic recession, more bank failures, the likelihood of continued rate hikes from the US Fed, the strong labor market driving wages higher (which the Fed is trying to quash), and the rapid development and rise of generative AI are all driving companies to leapfrog and transform their businesses faster. Expect this to be a pattern for the rest of the public cyber companies.

The companies who can come to the table to accelerate this for businesses by way of cyber? These are the ones that will continue to stand out.

๐Ÿ›ž Industry News Roundup

  • Cybereason cuts valuation by more than 90%, loses unicorn status (more)
  • The DOJ Detected the SolarWinds Hack 6 Months Earlier Than First Disclosed (more)
  • First Republic Bank is taken over by FDIC (more)

๐Ÿ“… YTD Funding

A rolling 12-week chart to compare funding each week between 2022 and 2023.

A sign of how much the world has changed since last year post-RSA, and we see an 89%+ drop in funding from last year. This might just be a deal timing issue, but there were noticeably fewer funding announcements during RSA this year than last year. ย 

๐Ÿ’ฐ Funding Summary

  • 13 companies raised $44.6M across 12 unique product categories
  • 3 companies were acquired or had a merger event across 3 unique product categories

๐Ÿงฉ Funding By Product Category

  • $12.0M for Privileged Access Management (PAM) across 1 deal
  • $8.0M for Internet of Things (IoT) Security across 1 deal
  • $7.8M for Managed Security Services Provider (MSSP) across 2 deals
  • $6.0M for Secure Remote Access across 1 deal
  • $4.0M for Identity Governance & Administration (IGA) across 1 deal
  • $3.2M for Continuous Threat Exposure Management (CTEM) across 1 deal
  • $3.0M for Cloud Native Application Protection Platform (CNAPP) across 1 deal
  • $621.7K for Threat & Vulnerability Management (TVM) across 1 deal
  • An undisclosed amount for Threat Intelligence across 1 deal
  • An undisclosed amount for Professional Services across 1 deal
  • An undisclosed amount for Blockchain Security across 1 deal
  • An undisclosed amount for Anti-Phishing across 1 deal

๐Ÿข Funding By Company

๐ŸŒŽ Funding By Country

  • $29.2M for United States across 7 deals ๐Ÿ‡บ๐Ÿ‡ธ
  • $12.0M for Canada across 1 deal ๐Ÿ‡จ๐Ÿ‡ฆ
  • $2.8M for France across 1 deal ๐Ÿ‡ซ๐Ÿ‡ท
  • $621.7K for United Kingdom across 1 deal ๐Ÿ‡ฌ๐Ÿ‡ง
  • An undisclosed amount for Spain across 1 deal ๐Ÿ‡ช๐Ÿ‡ธ
  • An undisclosed amount for India across 1 deal ๐Ÿ‡ฎ๐Ÿ‡ณ
  • An undisclosed amount for China across 1 deal ๐Ÿ‡จ๐Ÿ‡ณ

๐Ÿค Mergers & Acquisitions

  • Appruve, a Ghana-based anti-fraud and customer verification platform, was acquired by Smile Identity for an undisclosed amount. (more)
  • Broadleaf, a United States-based managed security services provider (MSSP), was acquired by ASRC Federal for an undisclosed amount. (more)
  • Vonahi Security, a United States-based automated penetration testing platform, was acquired by Kaseya for an undisclosed amount. (more)

๐Ÿ“š Great Reads

  • M-Trends 2023: Cybersecurity Insights From the Frontlines - Mandiant's report from the frontlines of incident response with metrics on the types of attacker techniques and how defenders are responding.
  • ChatGPT-Themed Scam Attacks Are on the Rise - The dark side of this popularity is that ChatGPT is also attracting the attention of scammers seeking to benefit from using wording and domain names that appear related to the site.
  • AI for security is here. Now we need security for AI - Despite all the attention AI received in the industry, the vast majority of the discussions have been focused on how advances in AI are going to impact defensive and offensive security capabilities. What is not being discussed as much is how we secure the AI workloads themselves.


Easy SOC 2 compliance + AI-based RFP automation

SOC 2 compliance in weeks, not months

With a streamlined workflow and expert guidance, Secureframe automates the entire compliance process, end-to-end. What makes Secureframe different?

  • Get audit-ready and achieve compliance in weeks, not months, with built-in remediation guidance and 100+ integrations.
  • Stay compliant with the latest regulations and requirements, including ISO 27001, GDPR, HIPAA, PCI, and other standards.
  • Automate responses to RFPs and security questionnaires with AI.
  • Trusted by hyper-growth organizations: AngelList, Ramp, Lob, Remote, and thousands of other businesses.

Schedule a personalized demo of Secureframe

๐Ÿงช Labs

๐Ÿค” Have questions, comments, or feedback? I'd love to hear from you!

๐Ÿ”ฅ Security, Funded is brought to you by Return on Security.

๐Ÿค Want to partner with Security, Funded? Learn more here.

๐Ÿ If you run a newsletter, I can't recommend Beehiiv enough.