💰 Security, Funded #115 - Funds, Fights, and Dry IPO Nights

Hey there,

Happy Monday, and I hope you had a great weekend. In this week’s issue, we’ve got:

• 🙋‍♀️ People over Tools

• 🏔️ Cyber M&A hits a new milestone

• 🌐 Global tensions will affect the cyber industry

• 💰️ 16 companies secured $221.2M, 3 companies acquired

As we head into the final quarter of the year, the cybersecurity landscape is a hotbed of activity.

Investors are in a rush to deploy their remaining funds, which could contribute to a significant uptick in deal flow. Yet, while money may change hands at a brisk pace, the IPO market remains conspicuously dry. Geopolitical tensions with the turmoil in Israel and Gaza loom large as a wildcard factor that will undoubtedly send ripples through the cybersecurity, physical security, and national defense sectors globally from an investment standpoint.

With the clock ticking down to 2024, let’s try to navigate these complex and ever-changing waters.

Onward to this week's issue.

Last week’s poll:

Vibe Check - CISOs
If you had to choose, which would you rather have for your cybersecurity program? Why?

Probably not surprising, but most people said they wanted “more people and fewer tools” as opposed to the opposite. People replied with things like, “the right people can create & maintain their own tools that do what is needed” and “there is a shortage of people and there isn't a shortage of tools”.

Even still, 11 people said they would rather have “more tools and fewer people.” I see this as coming down to a matter of perspective and your own experience. Can you hire top talent that can build their own tools? Is it easier organizationally to buy more tools than it is to hire more people (almost always, the answer is yes)? There have been times in my career when I would have picked both of these, but timing and the size/temperature of the org can make a big difference.

_{If you want to add commentary to your poll answer, leave an answer when you cast your vote or email me at [email protected].} 

📅 YTD Funding

A rolling 12-week chart to compare funding and acquisitions each week between 2022 and 2023.

Last year during this week, there were two mega deals, NetSPI raised $410.0M and Arctic Wolf raised $400.0M, which significantly skewed the data. In theory, both of those companies should have been going IPO instead of raising large debt rounds, but such was the lifeline of late 2022.

A lower-than-normal week for acquisitions, but deals from last week pushed over 200 cyber M&A events in 2023 so far. With only 11 weeks left in the year (😱), 2023 still has the potential to push past the 265 acquisitions from 2022.

💰 Funding Summary

• 16 companies raised $221.2M across 14 unique product categories

• 3 companies were acquired or had a merger event for $169.2M across 3 unique product categories

🧩 Funding By Product Category

• $80.0M for Physical Security across 1 deal

• $51.0M for Cybersecurity Program Management across 1 deal

• $26.4M for Endpoint Detection and Response (EDR) across 1 deal

• $15.8M for Security and Compliance Automation across 2 deals

• $14.5M for Data Protection across 1 deal

• $13.7M for Anti-Bot across 1 deal

• $10.0M for Artificial Intelligence (AI) Security across 1 deal

• $4.6M for Trust & Safety across 1 deal

• $2.9M for Artificial Intelligence (AI) Privacy Assurance across 1 deal

• $1.5M for Continuous Compliance across 1 deal

• $700.0K for IT Asset Management (ITAM) across 1 deal

• $100.0K for Anti-Phishing across 1 deal

• An undisclosed amount for Professional Services across 1 deal

• An undisclosed amount for Managed Security Services Provider (MSSP) across 2 deals

🏢 Funding By Company

• Verkada, a United States-based cloud-based building video and security access management platform, raised a $80.0M Venture Round. (more)

• Gutsy, an Israel-based cybersecurity program management platform using process and workflow visualizations to apply security governance, raised a $51.0M Seed from YL Ventures and Mayfield Fund. (more)

• HarfangLab, a France-based endpoint detection and response (EDR) platform, raised a $26.4M Series A from Crédit Mutuel Innovation, MassMutual Ventures, and Elaia. (more)

• Turnkey, a United States-based API platform for managing private keys in smart contract and cryptocurrency deployments, raised a $14.5M Venture Round. (more)

• Darwinium, a United States-based bot-detection and abuse prevention platform, raised a $13.7M Venture Round. (more)

• Conveyor, a United States-based security questionnaire automation platform, raised a $12.5M Series A from Cervin Ventures. (more)

• Lakera AI, a Switzerland-based platform for protecting large language models (LLMs) from prompt injection attacks, raised a $10.0M Seed from Redalpine. (more)

• Cyacomb, a United Kingdom-based trust and safety platform for finding and removing harmful online content, raised a $4.6M Venture Round from the Scottish National Investment Bank. (more)

• Aclid, a United States-based security, compliance, and identity verification platform for the biotechnology industry, raised a $3.3M Seed from 2048 Ventures and IA Ventures. (more)

• Deasie, a United States-based platform for scanning data used in corporate large language models (LLMs) for sensitive data, raised a $2.9M Seed from Redalpine. (more)

• AuditCue, an India-based continuous compliance and audit management platform, raised a $1.5M Seed from Kalaari Capital. (more)

• Apexa iQ, a United States-based IT asset discoverability and management platform, raised a $700.0K Seed round. (more)

• Keystrike, a United States-based anti-phishing platform, raised a $100.0K Seed round. (more)

• Assured Data Protection, a United States-based managed security services provider (MSSP), raised an undisclosed Private Equity Round from Soho Square. (more)

• Cyberknight, a United States-based professional services firm focused on AI/ML and cybersecurity consulting, raised an undisclosed Pre-Seed round.

• GuidePoint Security, a United States-based managed security services provider (MSSP), raised an undisclosed Private Equity Round from Audax Private Equity. (more)

🌎 Funding By Country

• $127.8M for United States across 11 deals

• $51.0M for Israel across 1 deal

• $26.4M for France across 1 deal

• $10.0M for Switzerland across 1 deal

• $4.6M for United Kingdom across 1 deal

• $1.5M for India across 1 deal

🤝 Mergers & Acquisitions

• Versent, an Australia-based professional services firm focused on identity and access management consulting, was acquired by Telstra for $169.2M. (more)

• Cassini Limited, a New Zealand-based cyber threat intelligence platform, was acquired by Bastion Security Group for an undisclosed amount. (more)

• Revelstoke, a United States-based low-code security orchestration and automated response (SOAR) platform, was acquired by Arctic Wolf for an undisclosed amount. (more)

📚 Great Reads

• Securing ChatGPT and GitHub Copilot - Part 3 of a multi-part series on using LLMs securely within your organization. This post helps you secure two of the most popular LLM-based tools used to boost productivity in the workplace.

• *Guarding the Guardians - Recent attacks on Okta exposed critical vulnerabilities in IAM systems. Ensure IAM resilience with a comprehensive approach that includes preventive measures, infrastructure hardening, and post-breach recovery capabilities.

• Security Newsletters: If you build it, they probably won't come - Zack Allen shares a bit of context on his journey of creating his newsletter, Detection Engineering Weekly (meta, I know).

• Hacking Full Time - Discover the journey of a cybersecurity expert turned bug bounty hunter and content creator. Uncover the secrets to self-employment and financial planning. Here Nahamsec shares how he transitioned to a career he loves.

_{*Sponsored content and/or affiliate link.}

🧪 Labs

This book IS my asset management, and I print it every day 😛