CyberWarfare / ExoWarfare

Recent Investments in Cyber Security Firms

Cybersecurity Market worth over $400 Bn by 2027

IBM to Acquire Randori for Attack Surface Management Tech

Technology giant IBM has announced plans to acquire early-stage attack surface management startup Randori in a deal that signals a major expansion of Big Blue’s cybersecurity ambitions.

Randori, a Boston area startup with a well-established reputation in the lucrative ASM (attack surface management) category, sells technology to help defenders conduct simulated hacking attacks on a continuous basis.

Now, IBM said it plans to fit that technology into its own products and add Randori’s automation and skills to its IBM X-Force offensive cybersecurity team.

Financial terms of the Randori transaction were not disclosed.  Randori raised approximately $30 million in venture capital funding since launching four years ago, including a recent $20 million Series A round led by Harmony Partners.



IBM Security to Acquire ReaQta for xDR Push

IBM Security on Tuesday announced plans to acquire ReaQta, an early-stage European startup in the red-hot autonomous threat detection and response business.

Financial terms of the transaction were not released. ReaQta, based in the Netherlands, raised an undisclosed Series A funding round earlier this year.

IBM Security, based in Armonk, New York, said the acquisition expands its push in the extended detection and response (XDR) market. The deal is expected to close later this year.



Threat Awareness Firm HackNotice Raises $7 Million

Threat awareness startup HackNotice has raised $7 million in a Series A funding round led by Strategic Cyber Ventures and Lytical Ventures. The funding will primarily be used to build the team around an already mature product.

The flagship product upends the usual notion of threat awareness. Its primary purpose is not to deliver security awareness training to staff, but to deliver notification of a specific threat affecting individual users in – effectively – realtime. The purpose is to involve users in their own cyber defense.

The HackNotice product was released at the end of 2020 in the middle of the COVID pandemic. “From the beginning,” CEO and co-founder Steve Thomas told SecurityWeek, “we had the view that hackers hack through people. We need to make every employee aware of how they’re being targeted while they’re being threatened, and then help them protect themselves.”

Thomas has always believed that traditional security training simply doesn’t work, and concluded the primary problem was a failure to deliver motivation to the user. The HackNotice belief is that motivation comes from involvement.

The company scrapes the dark net for every bit of information it can gather. This is standard practice from threat intelligence firms. Where HackNotice differs, explained Thomas, is, “We have a platform that distributes that knowledge to every employee, but limited to only what is relevant to each employee.”

Every company using the service enrolls its employees. Those employees tell HackNotice which websites they tend to visit, both professionally and personally. Privacy is central to the solution – the employee can specify that ‘personal websites’ and ‘personal identities’ should not be made known to the employer. These are not disclosed to the company; but the employee has the benefit of increased protection at home as well as at work – and by extension, this includes added protection for the family.

This is where the uniqueness of the HackNotice service begins. “So, we start off with the security events and we say okay, if you use T Mobile, well T Mobile was just broken into. Here’s the type of information that was stolen from you. Here’s how hackers could use that against you.”

The platform enumerates the different threats that hackers would pose with the stolen information. “For example,” he continued, “if attackers steal your financial data, then they could attempt wire fraud; so, we give the user ways that they can protect themselves. We use every real security event as a learning experience – learning through doing and acting, showing the user how to respond to an actual and personal threat. Our primary goal in interacting with the employee is to get them to protect themselves.”

This increased protection spreads outwards to both the company and the family, and suggests HackNotice provides a much better security awareness ROI than just periodic or even continuous security awareness training sessions.

The platform and the service are ready to scale. All that is required for growth is an increased and enhanced team. This is the primary purpose for and use of the new funding.



Network Security Firm Perimeter 81 Closes $100 Million Funding Round

Series C funding round brings company valuation to $1 billion 

Secure Access Service Edge (SASE) and Zero Trust Network Access (ZTNA) solutions provider Perimeter 81 has closed a $100 million Series C funding round led by B Capital.

This latest funding round values the company at $1 billion and brings the total amount raised by the company to $165 million.

The additional cash will be used to fuel its growth in the network security market and support its sales, marketing, and R&D efforts.

Perimeter 81’s platform helps businesses to secure remote access, network traffic, and endpoint devices with its cloud-delivered Zero Trust Network Access, Firewall as a Service, and Secure Web Gateway (SWG) offerings.

The company says it has more than 250 employees, nearly 2,400 customers, and has more than doubled its annual recurring revenue (ARR) year over year, with offices in Tel Aviv, New York City and Los Angeles.

“The rise of remote work, cloud adoption, fiber, and 5G has created a fundamental shift in the network security landscape, leading companies to replace their on-premises network and security appliances with a secure corporate network over the internet,” said Perimeter 81 Co-Founder and CEO, Amit Bareket. “B Capital and other investors embrace our vision to deliver holistic security that is purpose-built for a cloud-first, distributed workforce and share our belief that a secure corporate network over the internet transcends the traditional office environment and is the way of the future.”

Additional investors in the Series C include Insight Partners, Toba Capital, ION Crossover Ventures, Entrée Capital, and publicly-traded Spring Ventures.

Perimeter 81 previously raised $40 million in a Series B founding round that was announced in August 2020.



Security Awareness Firm CybSafe Bags $28 Million in Series B Funding

Security awareness provider CybSafe on Monday announced that it has raised $28 million in Series B funding, which brings the total raised by the company to $40 million.

The new investment round was led by Evolution Equity Partners, with participation from Emerald Development Managers, Hannover Digital Investments (HDI) (Investments), and IQ Capital.

Founded in 2017, the London-based CybSafe leverages behavioral science and data analytics to improve security controls and help organizations manage human cyber risk.

The company will use the new investment to accelerate product development and expand its team with the addition of behavioral scientists, cybersecurity specialists, data scientists, and software engineers. CybSafe also plans to expand into new geographies, such as the US.

“CybSafe’s disruptive approach tackles a complex problem with a simple solution. They design their products with the user in mind, ensuring they are tackling the cause rather than simply treating the symptoms of cyber risk. CybSafe goes far beyond traditional compliance driven approaches to security awareness, and instead focuses on delivering a genuine reduction in human cyber risk,” said Karthik Subramanian, partner at Evolution Equity Partners.



Cloud Data Security Startup Laminar Raises $30 Million

Public cloud data protection startup Laminar today announced that it has raised an additional $30 million in an extended Series A funding round.

Coming from Tiger Global Management and Salesforce Ventures, the new investment nearly doubles Laminar’s funding, after the company announced $37 million in seed and Series A funding in November 2021.

The Tel Aviv, Israel-based startup emerged from stealth in the fall of 2021 with a cloud data security platform that provides visibility into datasets, prioritizes risk based on data sensitivity and posture, and secures data by addressing weak controls and monitoring for access anomalies.

The platform was recently extended with support for Microsoft Azure, a full suite of data-centric security policies, and support for self-hosted embedded databases.

Laminar plans to use the new funds to accelerate product innovation and expand sales and marketing teams.

“Companies need a unified view of their sensitive data in the cloud and a solution that continuously monitors and alerts. This enables data security to drive a ‘Discover, Control & Verify’ approach with application development and data science teams, which allows them to safely move at the speed of the cloud. Laminar delivers on all of these elements, and these latest enhancements will only improve the customer experience,” said Yaniv Toledano, global CISO at fintech provider Pagaya.



Ordr Raises $40 Million to Secure Connected Devices

Connected device security firm Ordr today announced that it has raised $40 million in a Series C funding round. To date, the company has raised more than $90 million.

The new investment round was co-led by Battery Ventures and Ten Eleven Ventures, with participation from Northgate Capital, Kaiser Permanente Ventures, Mayo Clinic, Unusual Ventures, Wing Venture Capital, and several angel investors.

Founded in 2015, the Santa Clara, California-based company provides organizations with complete asset visibility and automated Zero Trust policies enforcement, thus helping them accelerate incident response.

Ordr’s platform supports every connected device, including IoT, IoMT, and OT, helping organizations secure their ever-expanding attack surface and mitigate risks associated with ransomware, data breaches, and other types of cyberattacks.

“Ordr has built a platform that not only solves an important market issue – the need to definitively understand and protect what is connecting to your organization’s network – but is truly scalable to keep pace with the speed of today’s businesses,” Dharmesh Thakker, general partner at Battery Ventures, said.

The new infusion of cash will help Ordr accelerate sales and marketing efforts, expand its channel and partnership programs, and accelerate investments in customer success.



Cybersecurity Training Firm Hoxhunt Raises $40 Million

Cybersecurity training firm Hoxhunt today announced that it has raised $40 million in Series B investment, which brings the total raised by the company to over $43 million.

The funding round was led by Level Equity Management, with participation from previous investor

Founded in 2016, Hoxhunt helps organizations mitigate the risk of cyberattacks with a people-first cybersecurity platform that adapts to the skill level of each employee, training them on how to recognize and respond to attacks.

The Helsinki, Finland-based Hoxhunt relies on machine learning to simulate individualized phishing messages, and offers gamified platform rewards to employees who report email threats, thus upskilling the entire organization.

Hoxhunt will use the new funds to accelerate growth in new markets, with a focus on North America.

Email is the biggest threat to enterprise security; that’s why human nature is the most important cybersecurity challenge to solve, instead of building incrementally better mousetraps at the technical perimeter,” Hoxhunt CEO Mika Aalto commented.



Enterprise Data Protection Company Seclore Raises $27 Million

Enterprise data protection company Seclore this week announced that it has received $27 million in Series C growth funding, which brings the total raised by the firm to $46 million.

The new investment round was led by Origami Capital Partners and Oquirrh Venture, and will allow Seclore to accelerate the development of its data security platform.

Founded in 2003, the Sunnyvale, California-based firm offers a platform that takes a data-centric approach to discovering, classifying, tracking, and securing data, both within and outside the enterprise environment.

Seclore’s automated Data-Centric Security Platform is browser-based and can help organizations with data protection, governance, and compliance.

“Data is in transit with third parties, public clouds, and personal devices. Enterprises cannot afford to ‘chase’ this data through its lifecycle. Seclore’s data-centric approach is geared toward relieving enterprises from protecting infrastructure to protecting what really matters — the data,” Vishal Gupta, CEO of Seclore, said.



Email Security Firm Abnormal Security Raises $210 Million at $4 Billion Valuation

Email security startup Abnormal Security announced today that it has reached a $4 billion valuation after raising $210 million in a Series C investment, which brings the total raised by the AI-focused cybersecurity company to $285 million.

The fresh funding round was led by Insight Partners, with additional investment from Greylock Partners and Menlo Ventures.

Founded in 2018, and emerging from stealth mode in November 2019, the San Francisco-based firm leverages artificial intelligence to detect abnormal behavior and stop threats such as business email compromise (BEC) before they can reach the inbox.

Its engine analyzes and correlates user behavior, business context, and relationships to prevent socially-engineered attacks, and provides users with transparency on why an email was blocked.

Abnormal Security CEO and co-founder Evan Reiser says the new funds will help the company accelerate product development and invest in growth across Europe, Asia, and Japan.

The company was founded by Reiser and Sanjay Jeyakumar, who serves as CTO. Reiser and Jeyakumar previously worked on the development and operating of Twitter’s ad engine. The Abnormal Security team also includes people who previously worked for Twitter, Google, Amazon, Palo Alto Networks, Proofpoint, FireEye and Duo Security.

The company raised $50 million through a Series B round in late 2020.

Abnormal Security will be participating in SecurityWeek’s Threat Intelligence Summit, taking place next week as a virtual event.



Zero Trust VPN Company Tailscale Raises $100 Million

Zero trust enterprise VPN provider Tailscale this week announced that it has closed a $100 million Series B funding round that brings the total raised by the company to $115 million.

The investment round was led by CRV and Insight Partners, with participation from existing investors Accel, Heavybit, Uncork Capital, and angel investors.

Founded in 2019, the Toronto-based company offers a WireGuard-based private network connectivity solution with zero-config and end-to-end encryption, which integrates with services such as Google Workspace, Microsoft 365, Okta, Caddy Server, Syncthing, and VScode.

Tailscale says it will use the new funds to expand its employee base, accelerate growth, and invest in go-to-market and strategic partner initiatives.

“We’ve been pleased to see unexpectedly exuberant, rapid adoption of Tailscale across the community and among our customers. This aggressive funding round represents a clear signal from the market that investors believe in our vision — the Internet’s original vision — of small, trusted, human-scale networks, interconnected,” Tailscale co-founder and CEO Avery Pennarun said.



Cornami Raises $68 Million for Quantum Secure Computing on Encrypted Data

Cornami, a company that helps organizations encrypt data to keep it safe from post-quantum threats, this week announced that it has raised $68 million in an oversubscribed Series C funding round. To date, the company has raised over $150 million.

The new funding round was led by SoftBank Vision Fund 2, with participation from Impact Venture Capital, Octave Ventures, Applied Ventures, and existing investors.

Founded in 2012, the Campbell, California-based Cornami offers a software-defined TruStream Computational Fabric architecture designed to enable high-performance real-time computing for critical and complex applications.

According to Cornami, its technology can deliver scaled performance for massive datasets, helping organizations accelerate Fully Homomorphic Encryption (FHE), to keep data protected from post-quantum threats.

By supporting operations on encrypted data, FHE offers a solution for decryption of data during use, thus reducing the risk of data breaches even if the environment has been breached. FHE is computationally intensive, but Cornami says its solution enables the processing of encrypted data in real-time at low cost.

“Cornami’s technology has a unique ability to address today’s real-time high performance computing requirements along with programming flexibility for large growing markets like cybersecurity, artificial intelligence, and cloud computing,” Jack Crawford, founding general partner of Impact Venture Capital, said.



devOcean Emerges From Stealth With Cloud-Native Security Operations Platform

devOcean has emerged from stealth mode with a cloud-native security operations platform and $6 million in funding. The company’s seed round was led by Glilot Capital Partners, with participation from angel investors.

The Israel-based startup was founded in 2021 by former CyberArk GMs of security research and innovation, Doron Naim and Gil Makmel, who now serve as CEO and CTO, respectively. At the moment, the company has 15 employees.

devOcean says its Security-as-a-Service (SaaS) platform collects insights from all cloud and security tools to provide information on potential risks and their effect on cloud applications.

This unified view of critical threats, the company says, helps security teams prioritize mitigation and allows CISOs to assign teams responsible for patching specific vulnerabilities or addressing issues.

devOcean’s platform also offers recommendations on addressing risks efficiently and allows security teams to automate workflows and easily assign tasks to the relevant teams.

“devOcean was established as a solution to give CISOs and security teams the transparency they need to get a full understanding of security issues and how they affect the application as a whole while also providing insight into how, and who, is best to solve a particular issue,” Naim said.



Application Security Firm StackHawk Bags $20.7 Million in Series B Funding

Application security startup StackHawk today announced that it has raised $20.7 million in Series B funding, which brings the total investment in the company to $35.3 million.

The funding round was co-led by Sapphire Ventures and Costanoa Ventures, with additional investment from Foundry Group and other investors.

Founded in 2019, the Denver, Colorado-based company has developed a platform that helps organizations eliminate software vulnerabilities with automated application and API security testing.

The new funding, the company says, will help it accelerate product development and continue rapid growth.

“There is a serious gap for modern tooling that helps teams efficiently deliver secure applications,” said David Hartwig, partner at Sapphire Ventures and a board director at StackHawk. “In the same way CI/CD has revolutionized how developers deliver quality applications, StackHawk is ensuring security testing is an extension of the process, making security part of the code quality discussion for developers.”