💰 Security, Funded #106 - Punching Up the Fun: From AI Acquisitions to Smart Contract Fiestas!

Hey there,

Happy Monday, and I hope you had a great weekend!

🏃‍♂️ The Rundown

A meta roundup of all the important things affecting cybersecurity and the macroenvironment:

• 🥊 IAM just hits different

• 🤯 More funding events than ever before

• 🤖 The first acquisition from a Gen AI Cyber company

• 💥 A big boom in smart contract transaction protection

To everyone who attended Black Hat and Hacker Summer Camp, it was great to see you again, meet you for the first time, and see what everyone was getting up to.

The general conference vibe was: We are almost so back

And this week’s issue definitely supports that, as this is the issue with the most funding events in one week since I’ve been writing this newsletter.

The second half of the year pipelines are growing again, cyber companies are having record quarters again, and funding rounds and deal volume are ramping up again. Nature is finally healing 🌿 🧘 💰️ 

Onward to this week's issue.

First time reading? Sign up here. Want to share the newsletter and get rewards? Do that here.

I’m going to start adding in a poll question each week to take a vibe check of the market, how people are feeling, and what’s important to you right now. I’ll post the results from each week in the next newsletter and build from there.

If you’ve got questions you want me to ask or you want to add commentary to your poll answer, just reply back to the newsletter or email me at [email protected].

_{Shoutout to Nick Sands for the idea to add in a poll!}

📅 YTD Funding

A rolling 12-week chart to compare funding and acquisitions each week between 2022 and 2023.

26 funding rounds this week is insane, and now we’re <5% off from matching Q3 2022’s funding total.

Acquisitions remain high, and we’re seeing a lot more than just professional services and MSSP businesses being acquired this year. More companies are realizing they can’t make a traditional go-public run of it anymore and that an acquisition is still a good business outcome.

💰 Funding Summary

• 26 companies raised $295.5M across 18 unique product categories

• 7 companies were acquired or had a merger event for $740.0M across 7 unique product categories

🧩 Funding By Product Category

• $100.0M for Cyber Insurance across 1 deal

• $40.0M for Breach & Attack Simulation (BAS) across 1 deal

• $27.3M for Identity and Access Management (IAM) across 2 deals

• $25.0M for Data Privacy across 1 deal

• $23.4M for Distributed Ledger Technology (DLT) Security across 4 deals

• $17.7M for Data Security Posture Management (DSPM) across 1 deal

• $15.0M for Data Protection across 1 deal

• $12.0M for Attack Surface Management (ASM) across 1 deal

• $7.0M for Managed Security Services Provider (MSSP) across 1 deal

• $6.0M for Network Detection and Response (NDR) across 1 deal

• $5.9M for Professional Services across 4 deals

• $5.0M for Infrastructure as Code (IaC) Security across 1 deal

• $3.6M for Security Awareness across 1 deal

• $3.5M for Security Operations across 1 deal

• $3.5M for Cloud Security across 1 deal

• $610.0K for Application Security across 2 deals

• An undisclosed amount for Network Security across 1 deal

• An undisclosed amount for Fraud and Financial Crime Protection across 1 deal

🏢 Funding By Company

• Resilience, a United States-based cyber risk insurance company, raised a $100.0M Series D from Intact Ventures. (more)

• Horizon3.ai, a United States-based breach and attack simulation platform, raised a $40.0M Series C from Craft Ventures. (more)

• ConductorOne, a United States-based identity and access posture management platform, raised a $27.0M Series A from Felicis. (more)

• Osano, a United States-based data privacy platform that helps websites be compliant with privacy laws, raised a $25.0M Series B from Baird Capital. (more)

• Symmetry Systems, a United States-based data security posture management (DSPM) platform, raised a $17.7M Series B from Forgepoint Capital, Prefix Capital, The Syndicate Group, and W11 Capital Management. (more)

• Veza, a United States-based data protection platform focused on identity and authorization, raised a $15.0M Venture Round from ServiceNow Ventures and Capital One Ventures. (more)

• Sweet Security, an Israel-based cloud runtime attack surface management (ASM) platform, raised a $12.0M Seed from Glilot Capital Partners. (more)

• SphereX, an Israel-based platform for detecting and preventing malicious smart contract transactions, raised a $8.2M Seed from Aleph, Fabric Ventures, Mensch Capital Partners, and Pillar VC. (more)

• Cube3.ai, a United States-based platform for protecting smart contracts against malicious transactions, raised an $8.2M Seed from Blockchange Ventures. (more)

• Trava Security, a United States-based managed security services provider (MSSP), raised a $7.0M Venture Round. (more)

• Spearbit, a United States-based Web3 security auditor marketplace, raised a $7.0M Seed from Framework Ventures. (more)

• Stamus Networks, a United States-based network threat-hunting platform, raised a $6.0M Series A from First Analysis. (more)

• BeDisruptive, a Spain-based professional services firm focused on cybersecurity advisory, raised a $5.4M Debt Financing from Cofides. (more)

• Gomboc.AI, a United States-based cloud infrastructure security and remediation platform, raised a $5.0M Seed from [Glilot Capital Partners, and Hetz Ventures. (more)

• Pistachio, a Norway-based security awareness training platform, raised a $3.6M Seed from  Signals Venture Capital. (more)

• Dropzone AI, a United States-based AI-agent-enabled security operations analyst platform, raised a $3.5M Seed from Decibel Partners. (more)

• Kivera, an Australia-based cloud workload protection and posture management platform, raised a $3.5M Seed from Round13 Capital and General Advance. (more)

• Saltworks Security, a United States-based application security management and reporting platform, raised a $610.0K Seed. (more)

• Buguard, an Egypt-based professional services firm focused on penetration testing and cyber advisory, raised a $500.0K Seed from A15.

• heylogin, a Germany-based password manager platform, raised a $328.5K Funding Round.

• Analytical AI, a United States-based fraud and financial crime protection platform, raised an undisclosed Grant from Innovate Alabama.

• CovertSwarm, a United Kingdom-based professional services firm focused on cybersecurity advisory and penetration testing, raised an undisclosed Venture Round. (more)

• Hongyu Zhishang, a China-based network security platform, raised an undisclosed Corporate Round from ByteDance.

• SemanticGuard, a United States-based runtime application security platform, raised an undisclosed Grant from Innovate Alabama.

• Summit Information Solutions, a United States-based professional services firm focused on technology and cybersecurity consulting, raised an undisclosed Grant from Innovate Alabama.

• Valega Chain Analytics, a Finland-based platform for detecting and preventing malicious smart contract transactions, raised an undisclosed Venture Round.

🌎 Funding By Country

• $262.0M for United States across 16 deals

• $20.2M for Israel across 2 deals

• $5.4M for Spain across 1 deal

• $3.6M for Norway across 1 deal

• $3.5M for Australia across 1 deal

• $500.0K for Egypt across 1 deal

• $328.5K for Germany across 1 deal

• An undisclosed amount for United Kingdom across 1 deal

• An undisclosed amount for Finland across 1 deal

• An undisclosed amount for China across 1 deal

🤝 Mergers & Acquisitions

• Perimeter 81, an Israel-based secure web gateway and service edge platform, was acquired by Check Point Software Technologies for $490.0M. (more)

• Laminar, an Israel-based cloud data security posture management platform, was acquired by Rubrik for $250.0M. (more)

• Complyify, a United States-based continuous compliance platform, was acquired by Zyston for an undisclosed amount. (more)

• Fidelis Cybersecurity, a United States-based extended detection and response (XDR) platform, was acquired by Partner One for an undisclosed amount. (more)

• Helixera, a United States-based big data security analytics platform, was acquired by Seceon for an undisclosed amount. (more)

• huntr, a United States-based bug bounty program for open-source software, was acquired by Protect AI for an undisclosed amount. (more)

• Triaxiom Security, a United States-based professional services firm focused on security compliance auditing and penetration testing, was acquired by Strata Information Group for an undisclosed amount. (more)

📚 Great Reads

• Who Will AI Help More—Attackers or Defenders? - A look at who will benefit most from AI in the cat-and-mouse game of security from Daniel Miessler.

• *Successful vulnerability management at Lyft and Elastic - Breaking down Lyft and Elastic’s high-scale vulnerability management programs. Their secret is to give engineers maximum context when fixing issues inside the pull request or ticket.

• A framework to securely use LLMs in companies - Part 2: Managing risk - In this edition, Sandesh Anand focuses on managing risk for applications leveraging 3rd party LLMs.

• "Hot Takes" with CISOs & CyberSecurity Leaders - Caleb Sima - New series by Cloud Security Podcast’s Ashish Rajan in which he interviews CISOs while eating spicy food.

_{*Sponsored content and/or affiliate link.}

🧪 Labs

Positioning is so important