NetSPI, a top penetration testing and vulnerability management company, recently announced a $410 million funding round, a huge amount in a year in which $100+ million rounds have become a rarity. The investor was KKR, one of the world’s largest alternative asset firms.
KKR previously invested $90 million in NetSPI in May 2021, so NetSPI has demonstrated considerable traction since then.
That the funding round occurred in a difficult environment makes it all the more impressive. According to data from Crunchbase, the total amount of investments in cybersecurity startups came to $2.6 billion in the third quarter. This was the lowest since the same period in 2020.
The number of deals for this year’s Q3 was only 124. This is a level not seen since 2014.
See the Top Cybersecurity Startups
Filling the Cybersecurity Talent Gap
Of course, the drop-off has been widespread across the tech sector. With a bear market, high inflation, rising interest rates, and concerns of a recession, investors are certainly getting more conservative – and generally focusing on top-notch deals.
As for NetSPI, it fits into this sweet spot. Founded over 20 years ago, the company’s vision is “technology powered, human delivered.” This involves sophisticated penetration testing for some of the world’s largest financial institutions, cloud operators, and healthcare organizations.
For the past five years, revenues have spiked by 5X. Organic growth was 50% in 2021 and 61% thus far in 2022.
“We combine human ingenuity from our 400 global offensive security professionals with our innovative technology platforms – a unique combination that ensures quality, consistency, transparency, accountability, and efficiency across all NetSPI assessments,” said Aaron Shilts, CEO, NetSPI.
A key focus is on hiring top talent in ethical hacking and adversary simulation and leveraging NetSPI’s three technology platforms, which include Resolve, ASM, and AttackSim.
“Additionally, the scarcity of talent is still one of the biggest issues in the cybersecurity industry,” said Shilts. “Investors are aware of this and have become acutely focused on acquiring organizations with a concentration on hiring the best talent globally and who offer programs to fill the talent gap.”
NetSPI plans to use the capital for investing in R&D, hiring, and global expansion. Part of the money will also be to recapitalize the equity investment of an early investor, Sunstone Partners.
Besides the NetSPI funding, there have been some other interesting recent deals. Here’s a look.
Cyolo
Last week, Cyolo announced an investment from IBM Ventures. The amount was not disclosed. But in June, Cyolo raised $60 million in a Series B round and IBM Ventures was one of the investors.
Cyolo develops technologies to help fend off cybersecurity threats due to remote workforces. The platform is based on a zero trust access solution. This integrates across the cloud, on-premises and hybrid environments.
Before co-founding Cyolo, Almog Apirion was a CISO for 15 years. “I kept looking for a solution that would support zero trust based on identity, but I was unable to find it,” he said. “With my co-founders, we formed a team to build the tool I always wanted while I was a CISO. What sets Cyolo apart is that we are security realists and understand the day-to-day reality of cybersecurity.”
The backing of IBM Ventures is a major validator. IBM has partnered with Cyolo to provide technical resources for cybersecurity. There will also be a collaboration for go-to-market campaigns.
“For Cyolo, we are seeing tremendous growth in providing modern security to the legacy, thick-client, or homegrown applications that many businesses rely on,” said Apirion. “These applications are a large security gap that CISOs normally must accept.”
Cyolo also made our list of the top zero trust security solutions.
Arctic Wolf
In mid-July, Arctic Wolf announced a $150 million Series F round of venture funding. The valuation was set at $4.3 billion and investors included Viking Global Investors and Owl Rock.
Arctic Wolf is a top player in the security operations market. The company’s technology platform provides a range of capabilities such as Managed Detection and Response (MDR), Managed Risk, Managed Cloud Monitoring, and Managed Security Awareness. It’s also bolstered with the Concierge Security Team.
Growth has been robust for the company. For the past 12 months, annual recurring revenue (ARR) has doubled. This has been the case for seven years.
To help fuel the growth, Arctic Wolf pulled off another funding in early October. It was a $401 million convertible note offering.
Vanta
When Christina Cacioppo was 11 years old, she started her first business: She sold Beanie Babies on eBay. This would only last a few years, but she learned some valuable lessons about being an entrepreneur.
When Cacioppo became an adult, she started several startups in Silicon Valley. But unfortunately, none of them got critical mass.
So she joined Dropbox and helped to create the Paper product. While there, she got the inspiration for the startup that would take off like a rocket. She learned about the importance of security and compliance.
In 2016, she left Dropbox to launch Vanta. The mission was to automate the onerous security process for businesses, such as with SOC 2, HIPAA, and ISO 27001. It was not easy and she bootstrapped the venture – until Vanta reached $10 million in annual recurring revenue (ARR).
In June 2022, the company announced a $110 million Series B funding at a valuation of $1.6 billion. The investors included Craft Ventures, Sequoia, and Y Combinator. Then in October, there was a $40 million extension to the Series B round.
According to a blog post from Cacioppo: “It’s easy to raise money in a hot market. But slowdowns have a way of refocusing attention on strong business fundamentals. That’s great news for Vanta. The metrics that investors are scrutinizing now — burn rate, capital efficiency, gross margins — are ones we’ve always excelled at.”
Also read:
