Return on Security
Posts
💰 Security, Funded #124 - 🌟 2024's Cyber Start: Big Bucks & Bigger Buys!

💰 Security, Funded #124 - 🌟 2024's Cyber Start: Big Bucks & Bigger Buys!

A deep dive on cybersecurity funding and industry news from the final three weeks of December 2023.

Mike Privette
January 02, 2024 • Reading Time: 13 minutes

Hey there,

Happy New Year, Happy Tuesday, and welcome to 2024! In the first issue of the new year, we’ve got:

🚀 Late-Year Funding Frenzy
👀 A December to Remember
😴 Holiday Vibes: Sleep and Family Time Top
1️⃣ *DJ Khaled Voice* Okta & Cisco Say “Another One”

I hope you had a great holiday break and got some time to do the kind of things you wanted to do or had been meaning to do. In short, I hope that you had a December to Remember.

A bit of housekeeping - the first issue of a new year is always a bit different and a bit longer. Instead of just covering the activities from the previous week, I’ll cover the final three weeks of December, a time that has more activity than you might think with last-minute deals becoming finalized.

You may also start to notice some newsletter changes over the next few weeks based on the feedback I’ve gotten from the 2023 year-end survey (which is still open here). I’m always trying to make this newsletter better in every way I can, so your feedback is really important!

Onward to this week's issue.

Submit a deal for the newsletter here: [email protected].

This week’s issue is running ad-free. Like this better?
Check out the Pro Membership

_{Learn more about sponsoring}

What is going to be the biggest cyber industry bust (non-event) of 2024?

Last issue’s vibe check:
How are you going to spend your time the rest of the year?

🟩🟩🟩🟩🟩🟩 😴 Sleeping whenever possible (20)
🟨🟨🟨🟨⬜️⬜️ 🍻 Hanging out with friends and family (15)
🟨🟨⬜️⬜️⬜️⬜️ 💻 Grinding CTFs and hacking challenges (8)
🟨🟨⬜️⬜️⬜️⬜️ 😬 Holding my breath while on-call (7)

By and large, people really wanted to catch up on sleep and hang out with friends and family this past holiday season, which is no surprise. The amount of people doing CTFs and hacking challenges was also good, as that was a great time of year to brush up on those skills.

If you missed doing those challenges, here’s a GitHub repo you might like

GitHub - mikeprivette/awesome-sec-challenges: A curated list of Awesome Security Challenges.

github.com/mikeprivette/awesome-sec-challenges

🔮 Earnings Reports

A section for notable earnings reports from public cybersecurity companies, be they “pure play” or hybrid companies.

None to report on. 🫡

📸 YoY Snapshot

A rolling 12-week chart to compare funding and acquisitions each week in a year-over-year (YoY) view between 2022 and 2023. This week is looking at the last three weeks of December 2023 vs. the last three weeks of December 2022.

A big ramp-up of transactions these last few weeks of December, just like we saw in 2022, but then a very quiet final week. Some of this will undoubtedly be due to reporting timing, but all of that will shake out over the coming weeks. Look for me to do a deeper dive by the numbers in a future blog post to see how it all shook out.

Okta and Cisco finished the year strong with more acquisitions (details below). At the time of writing this issue, 2023 was only 6 acquisitions short of 2022 activity. This may shift in the coming weeks as more deals get documented.

💰 Funding Summary

23 companies raised $230.9M across 19 unique product categories
5 companies were acquired or had a merger event for $100.0M across 4 unique product categories

🧩 Funding By Product Category

$49.0M for Cybersecurity Education & Training across 2 deals
$40.0M for Endpoint Detection and Response (EDR) across 1 deal
$29.0M for Distributed Denial of Service (DDoS) Protection across 1 deal
$27.0M for Internet of Things (IoT) Security across 1 deal
$25.5M for Identity Verification across 1 deal
$9.1M for Physical Security across 1 deal
$8.5M for Security and Compliance Automation across 1 deal
$6.3M for Data Protection across 1 deal
$6.0M for Operational Technology (OT) Security across 1 deal
$6.0M for Software Supply Chain Security across 3 deals
$5.0M for Security Analytics across 1 deal
$5.0M for Data Access Governance across 1 deal
$3.5M for Threat and Risk Prioritization across 1 deal
$3.2M for Secure Remote Access across 1 deal
$3.0M for Network Traffic Analysis (NTA) across 1 deal
$2.8M for Brand Protection across 1 deal
$2.1M for Professional Services across 2 deals
An undisclosed amount for Third-Party Risk Management across 1 deal
An undisclosed amount for Machine Learning (ML) Security across 1 deal

🏢 Funding By Company

SimSpace, a United States-based hands-on cybersecurity training platform for government and military operations, raised $45.0M in Non-Equity Assistance from L2 Point. (more)
Halcyon, a United States-based endpoint detection and response (EDR) triage and automation platform, raised a $40.0M Series B from Bain Capital Ventures. (more)
Link11, a Germany-based distributed denial of service (DDoS) protection platform, raised a $29.0M Venture Round from Pride Capital Partners. (more)
Phosphorus Cybersecurity, a United States-based Internet of Things (IoT) security platform, raised a $27.0M Series A from Evolution Equity Partners. (more)
Yoti, a United States-based identity verification platform, raised $25.5M in Debt Financing from HSBC. (more)
Base Operations, a United States-based physical security threat intelligence platform, raised a $9.1M Series A from Grotech Ventures and Spero Ventures. (more)
Strike Graph, a United States-based security and compliance automation platform, raised a $8.5M Venture Round from BAMCAP. (more)
DAtAnchor, a United States-based file data protection platform, raised a $6.3M Venture Round. (more)
Salvador Technologies, an Israel-based operational technology (OT) security platform focused on resiliency and recovery, raised a $6.0M Venture Round from PICO Venture Partners. (more)
Datalogz, a United States-based data access governance and data intelligence platform, raised a $5.0M Series A from GreatPoint Ventures. (more)
Turngate, a United States-based security analytics and data visualization platform, raised a $5.0M Seed from Paladin Capital Group. (more)
Vigilant Ops, a United States-based software supply chain security platform, raised a $4.9M Seed. (more)
ACI Learning, a United States-based cybersecurity education and training platform, raised a $4.0M Venture Round. (more)
Arcanna.ai, a United States-based AI-supported threat and risk prioritization platform, raised a $3.5M Seed from Lytical Ventures. (more)
Bowtie, a United States-based secure remote access platform, raised a $3.2M Seed.
ElastiFlow, a United States-based network traffic analysis platform, raised a $3.0M Seed from Venture Guides. (more)
BRANDEFENSE, a United States-based brand threat intelligence and protection platform, raised a $2.8M Seed from Sabancı Ventures. (more)
Nexagate, a Malaysia-based professional services firm focused on risk, compliance, and offensive security consulting, raised a $1.5M Venture Round from VentureTECH. (more)
Cybeats Technologies, a Canada-based software bill of materials (SBOM) security platform, raised $1.1M in post-IPO debt. (more)
CyberPeace Institute, a Switzerland-based non-government organization (NGO) supporting cyber threat intelligence and response, raised a $540.0K Grant from the Patrick J. McGovern Foundation.
Calypso AI, a United States-based platform for protecting against adversarial machine learning (ML) attacks, raised an undisclosed Venture Round from Hakluyt Capital. (more)
Exiger, a United States-based third-party and supply chain risk management platform, raised an undisclosed Venture Round from Insight Partners and The Carlyle Group. (more)
Interos, a United States-based risk management and supply chain monitoring platform, raised an undisclosed Venture Round from Hakluyt Capital. (more)

This week’s issue is running ad-free. Like this better?
Check out the Pro Membership

_{Learn more about sponsoring}

🌎 Funding By Country

$192.7M for the United States across 18 deals
$29.0M for Germany across 1 deal
$6.0M for Israel across 1 deal
$1.5M for Malaysia across 1 deal
$1.1M for Canada across 1 deal
$540.0K for Switzerland across 1 deal

🤝 Mergers & Acquisitions

Spera, an Israel-based identity posture and risk management platform, was acquired by Okta for $100.0M. (more)
Atom Security, an Israel-based runtime software bill of materials (SBOM) platform, was acquired by Mend for an undisclosed amount. (more)
Consigas, an Ireland-based professional services firm focused on security auditing and training, was acquired by Exclusive Networks for an undisclosed amount. (more)
Grabowsky, a Netherlands-based professional services firm focused on workforce and customer identity and access management (IAM), was acquired by Xalient for an undisclosed amount. (more)
Isovalent, a United States-based network security and observability platform for Kubernetes deployments, was acquired by Cisco for an undisclosed amount. (more)

📚 Great Reads

Gen AI can Supercharge Your AppSec Program - This post tries to answer the question every AppSec team is probably asking: Can we use Gen AI to improve our program?
2023 Funding and Acquisition Summary - I did a year-end recap and readout of some 2023 cybersecurity funding and acquisition trends on the Enterprise Security Weekly podcast with the data from Return on Security.
Is It Raining Risk? What Data Says about Cyber Risk in the Cloud - a talk about a risk-management view on cyber risks around the cloud and data security from the FAIR Institute.

_{*Sponsored content and/or affiliate link.}

🧪 Labs

Companies don’t stand a chance against this level of threat 😳

The attackers were very sophisticated. They were drinking expensive wine and listening to classical music while they exfiltrated the data.
— Accidental CISO (@AccidentalCISO)
Jan 2, 2024

Submit a deal for the newsletter here: [email protected].

How was this week's newsletter?

Join the conversation

or to participate.