💰 Security, Funded #81 - Twitter 2FA Toss Up, Funding Strikes Back, and a Cyber Love Letter from ChatGPT

Hey there,

I hope you had a great weekend!

In this week's issue:

• Twitter 2FA Toss Up

• Funding Strikes Back

• A Cyber Love Letter From ChatGPT

The consumer price index (CPI) in January fell for the seventh consecutive month to 6.4%, Twitter is now only allowing SMS 2FA for paid subscribers using Twitter Blue in an apparent anti-fraud and cost-saving move, Meta (Facebook) announced it will now offer paid verification services just like Twitter, a human used AI to beat another AI at the game Go, some economists believe there will be "no landing" for the economy (as opposed to a "soft landing" where inflation and interest rates slow down without a recession), more pure player and hybrid cybersecurity companies announced their Q4 2022 earnings, and Reddit got breached.

Another big week for public cybersecurity companies announcing their Q4 2022 earnings reports.

Earnings Summary

Another big week for public cybersecurity companies announcing their Q4 2022 earnings reports.

• Check Point (CHKP) - Pure Player - beat earnings expectations, and billings increased 8% year over year (YoY) on the backs of SD-WAN and Secure Access Service Edge (SASE) offerings. Check Point's CEO also mentioned they would be pivoting to focus more on managed services with Managed Detection and Response (MDR). They might also be looking to make another acquisition.

• ZScaler (ZS) - Pure Player - saw great growth in further penetrating the European market, citing that 30 of the top 40 businesses in Europe and the UK are ZScaler customers. The CEO of ZScaler also mentioned that “Europe is actually more worried about cyber than the US because they are sitting right next door to Russia.” They also took the chance to clap back at Cloudflare (NET) from their earnings call, saying they’re “not even worried about [them].” 🍿

• Akamai (AKAM) - Hybrid - beat their estimates from growth in taking more cloud computing market share and their growing security business. Akamai plans to focus more on high-growth cybersecurity products, hire more people to support their cloud security efforts, and be on the lookout for another security acquisition this year.

Among these players were cost savings and product consolidations demands from customers. Leaning into these demands helped these companies make further inroads into large companies and increase revenue from existing customers. This is a trend that will likely continue into 2024.

This is a great evolution of our industry as vendors are now coming to the table to solve broader financial problems instead of just selling you their software. The solutions need to be evidenced-based AND be a good fiscal decision.

And isn't that what it's supposed to be about? Solving business problems, together?

In other news, my wife used ChatGPT to win the Valentine's Day card game and it is nothing short of incredible. I was equal parts impressed and jealous that I didn't think of it first 🤖 🖤

Onward to this week's issue.

🗣Sponsor

Do you need a SOC 2 ASAP?Get a SOC 2 in 2 weeks, only with Vanta.Vanta, the leading Trust Management Platform, has a one-of-its-kind program where we'll work closely with you to get your SOC 2 in JUST TWO WEEKS. Close more deals, hit your revenue targets, and start laying a foundation of security best practices. Due to the white glove support offered, spots are limited. Complete the form to learn more and see if you qualify.Get Started.

🛞 Industry News Roundup

• "Florida Man" (and South Dakota) Rejects Federal Funding to Fix Cybersecurity Issues (more)

• Twitter Drops SMS 2FA for non-Twitter Blue Users (more)

• SignalFire raised over $900.0M for early-stage cybersecurity, fintech, and health care/medtech companies (more)

📅 YTD Funding 🆕

In this section, I'll be showing a running total and evolving series of charts for the year-to-date (YTD) funding and by the week or month of the year.

Funding is coming out swinging this week! 😳

The prevailing sentiment about macroeconomic conditions is that "things might not be as bad as we thought." Additional Fed remarks and index reports are still coming out this week, along with continued earning reports, so this could change.

A few more weeks of data will uncover if this is a tide change with all that "dry powder" being used, or if it's just a ghost in the machine.

💰 Weekly Funding Summary

• 8 companies raised $775.5M across 8 unique product categories

• 6 companies were acquired or had a merger event across 5 unique product categories

🧩 Funding By Product Category

• $500.0M for Quantum Security

• $180.0M for Managed Detection and Response (MDR)

• $53.0M for Identity and Access Management (IAM)

• $20.0M for Application Security

• $7.0M for Blockchain Security

• $6.5M for Secure Remote Access

• $6.0M for Fraud and Financial Crime Protection

• $3.0M for Data Security Posture Management (DSPM)

🏢 Funding By Company

• SandboxAQ, a United States-based post-quantum cryptography (PQC) security platform, raised a $500.0M Venture Round from Breyer Capital, T. Rowe Price, and Time Ventures. (more)

• Deepwatch, a United States-based managed detection and response (MDR) platform, raised a $180.0M Venture Round from Vista Credit Partners, Springcoast Capital Partners, and Splunk Ventures. (more)

• Descope, a United States-based authentication and user management platform, raised a $53.0M Seed from GGV Capital. (more)

• Oligo Security, an Israel-based runtime application security platform for open-source libraries, raised a $20.0M Series A from Lightspeed Venture Partners. (more)

• Ironblocks, an Israel-based blockchain security platform, raised a $7.0M Seed from Collider Venturesand Disruptive AI. (more)

• Procyon.ai, a United States-based secure remote access platform, raised a $6.5M Seed from Lobby Capital, GTM Capital, and First Rays Venture Partners. (more)

• Stelo Labs, a United States, United States-based anti-fraud and phishing platform for Web3 wallet transactions, raised a $6.0M Seed from Andreessen Horowitz. (more)

• CommandK, a United States, United States-based application security platform focused on sensitive data risks and secrets sprawl in code, raised a $3.0M Seed from Lightspeed Venture Partners. (more)

🌎 Funding By Country

• $748.5M for United States 🇺🇸

• $27.0M for Israel 🇮🇱

🤝 Mergers & Acquisitions

• Canonic Security, an Israel-based SaaS application governance and enforcement platform, was acquired by Zscaler for an undisclosed amount. (more)

• Ilantus Technologies, a suite of identity and access management (IAM) products, was acquired by Network Intelligence for an undisclosed amount. (more)

• Morphus, a Brazil-based professional services firm focused on cybersecurity consulting, was acquired by Accenture for an undisclosed amount. (more)

• Netcom Systems Inc, a United States-based managed security services provider (MSSP), was acquired by Coretelligent for an undisclosed amount. (more)

• ProvenDB, an Australia-based secure document repository using distributed ledger technology (DLT), was acquired by OneSpan for an undisclosed amount. (more)

• XECH, an Italy-based professional services company focused on cybersecurity consulting, was acquired by Nethive for an undisclosed amount.

📚 Great Reads

• Podcast: More than Just a CISO - I got the chance to sit down with my friend Joseph from Aspiron Search and talk about my career journey to being a CISO on his new podcast called CyberBytes. In this new podcast, Joseph will interview various security leaders about their own career journeys and share their trials and lessons learned.

• Dragos ICS/OT Cybersecurity Year in Review Report (PDF) - Industrial cybersecurity company Dragos on Tuesday published its ICS/OT Cybersecurity Year in Review report for 2022, sharing details on state-sponsored attacks and malware, as well as ransomware and vulnerabilities.

• Auditors vs. Attackers - Which one is your security program focusing on?

🐝 Cross Pollinate

Discover something 🆕 this week.

I knew very little about the Detection Engineering sub-field in cybersecurity before reading this newsletter other than it having a sick name 🤘. It's been a great orientation to the field for the uninitiated like me and there is a lot of depth for the experienced security researchers as well.

Detection Engineering Weekly - The latest news and how-tos in detection engineering from Zack Allen who runs security detection and research at DataDog.

🗣Sponsor

CareerSec: Securing Your Advancement in the Cyber WorkforceUnlock your potential in your cybersecurity career with the CareerSec video course. Build essential skills and accelerate your cybersecurity career growth today.Learn more.

🧪 Labs

InfoSec Twitter to the rescue

🤔 Have questions, comments, or feedback? I'd love to hear from you!

🤝 Interesting in a sponsor partnership with Security, Funded? Learn more here.

🐝 If you run a newsletter, I can't recommend Beehiiv enough.