A pair of recent $100 million funding rounds show that venture capital is still flowing into cybersecurity startups despite economic headwinds and rising interest rates.
Versa Networks announced a funding round for $120 million last week, while Apiiro followed this week with a $100 million funding round. The two are addressing major issues like sprawling cloud and software supply chain risks, showing that good companies addressing real needs are having little trouble finding investors.
Versa’s SASE Story
Versa’s investors included BlackRock and Silicon Valley Bank. The company plans to use the capital to boost R&D and expand go-to-market efforts.
Versa Networks is a top operator in the fast-growing Secure Access Service Edge (SASE) market.
“Versa has developed a differentiated platform that combines AI/ML-powered SSE and SD-WAN solutions that helps customers reduce cybersecurity risk, and provides better TCO and increased revenue,” said Versa CEO Kelly Ahuja. “Our single-vendor SASE platform delivers organically developed best-of-breed functions that tightly integrate and deliver services via the cloud, on-premises, or as a blended combination of both managed through a single pane of glass.”
The single-vendor strategy has been a winner. Customers certainly want more simplicity. Keep in mind that the typical CISO manages about 75 security tools and applications.
See the Top Secure Access Service Edge (SASE) Providers
Growth of SASE
Gartner forecasts that the SASE market will hit $14.7 billion by 2025. This represents a CAGR (compound annual growth rate) of 36%. Gartner predicts that at least 60% of enterprises will have meaningful strategies for SASE adoption.
To better capitalize on that opportunity, Versa Networks is focused on an IPO. “Being a public company provides a good option for the company and employees,” said Ahuja.
The timing of an offering is not certain because of the harsh market environment. But strong cybersecurity deals could be what Wall Street needs to get back on track. And one of the attractive corners of the market is SASE.
Part of the reason SASE is a large opportunity is that it is not about one product. “It is the promise of converging security and networking, with improved scalability and security,” said Samantha Madrid, GVP of Security Strategy, Juniper Networks. “SASE is a network architecture that combines SD-WAN with cloud-native security functions such as secure web gateways, cloud access security brokers, firewalls and zero-trust network access, while supporting the dynamic secure access needs of organizations. To put it simply, a SASE architecture requires security by design, which previous SD-WAN solutions have not included.”
A key benefit of the consolidation of technologies is the improved orchestration for IT and security teams. With the prevalence of hybrid work environments, this can be incredibly important to managing security.
“Users, applications and security are no longer confined to the four walls of an office building and, therefore, no longer fenced in by a corporate network,” said Naveen Palavalli, Vice President of Product GTM Strategy, Netskope. “Security measures can’t depend on conventional hardware appliances at the network edge. Enter SASE.”
Some other benefits are:
- Global Reach: Users have access to systems and apps anywhere, bolstered with flexible network connectivity. ClosePoint-of-Presence (PoPs) and Content Delivery Networks (CDNs) help to reduce latency. “Higher performance and faster business cycles are also achieved by eliminating solutions like VPNs,” said Almog Apirion, CEO & Co-Founder, Cyolo.
- Lower Costs: There will likely be fewer vendors. An organization also should benefit from reducing or eliminating hardware costs. This means moving towards a more predictable operating expense model.
- Zero Trust Network Access: There is no access to an application or data until a user has been verified. This involves setting up a policy, which includes identity, location, time of day and so on. “The concept of zero trust relies on the premise that organizations should not trust anything inside or outside its perimeters and must verify everything trying to connect to its system in order to grant access,” said Anand Ramanathan, CPO, Skyhigh Security. A 2021 Ponemon Cost of a Data Breach Report highlights that a zero trust strategy reduces the average cost of a data breach by $1.76 million.
Also read: Best Zero Trust Security Solutions
Making the Transition to SASE
SASE does have its downsides. As with any new technology, it can be difficult for large enterprises to scale it. The transition from a shared network service can certainly be tough. “Even the vendors hosting these services must manage how they scale, and many struggle due to limitations of the public cloud or their own internal tooling that limits agile expansion,” said Apirion.
Another problem with adopting SASE – which is common for many new technologies – is the “lift-and-shift” approach.
“This often means not capitalizing on the main benefits of moving to the cloud and implementing a SASE framework, such as elasticity, agility, and a better total cost of ownership,” said Palavalli. “Before companies make the shift, they should make a plan for day-to-day operations, cloud policies, management tools, and conduct an audit of current applications to reprioritize or modernize where necessary.”
Regardless, many companies are moving towards SASE. They see it as highly strategic.
“Old approaches can’t keep up,” said Jim Fulton, Vice President, Forcepoint. “With budgetary pressures and an increasing skills gap in IT security, organizations are moving to SASE to simplify their complex array of networking and security products.”
Apiiro Takes Aim at Supply Chain Risks
Apiiro’s funding round announced this week also involves the cloud: Cloud-native application security. The round was led by General Catalyst with participation by legendary Silicon Valley VC firms Greylock and Kleiner Perkins.
The company sees its mission as enabling “developers and application security engineers to proactively fix risks before releasing to the cloud, with all the context they need in a single solution.”
Software dependency and supply chain risks are some of the most difficult organizations face, as applications can contain unknown vulnerabilities from open source and other components.
Apiiro claims to offer “a completely new approach to application security in the cloud by providing complete visibility into code bases, assessing risks from design to code to cloud and proactively fixing actual risks that attackers can exploit before releasing to the cloud. This enables Fortune 500 companies to reduce operational costs and risks at scale with seamless deployment by connecting to their source control managers via API.”
Apiiro says its Risk Graph technology “connects these infinite factors with actionable context to offer a completely new way for developers and security teams to fix risks.