Crazy money and crazy outcomes – cybersecurity acquisitions in all shapes and sizes – ESW #358
This week, Adrian and Tyler discuss some crazy rumors - is it really possible that a cloud security startup valued at over $8 billion in November 2021 just got bought for $200 million???
Some healthy funding for Cyera and Cohesity ($300m and $150m, respectively)
Onum, Alethea, Sprinto, Andesite AI, StrikeReady, YL-Backed Miggo, Nymiz, Salvador Technologies, and Simbian all raise smaller seed, A, or B rounds.
Akamai picks up API security startup Noname Security, Zscaler picks up Airgap Networks, and it's rumored that Armis will acquire Silk Security for $150M.
LimaCharlie seems to be doing some vertical growth, adding its own response and automation capabilities (what they call "bi-directional" capabilities). CISA releases a malware analysis system to the general public. Boostsecurity.io releases "poutine", an open source CI/CD pipeline vulnerability scanner.
Some great essays this week, with Phil Venables' Letter from the Future, Ben Hawkes' Robots Dream of Root Shells, and Aileen Lee's 10 year Unicorn anniversary piece.
We briefly discuss the 3rd party breach that affected Cisco Duo customers, and the financial impact of Change Healthcare's highly disruptive ransomware incident.
Finally, we talk about the latest research on the security of LLMs and the apps using them. It's not looking great.
For more details, check out the show notes here: https://www.scworld.com/podcast-episode/3188-enterprise-security-weekly-358
Announcements
On the evening of Monday, May 6, 2024, W2 Communications and CyberRisk Alliance are bringing CYBERTACOS back to San Francisco! If eating FREE tacos, sipping on margaritas and mingling with cyber professionals from all over the world sounds good to you, make sure to register to secure your spot! Visit securityweekly.com/cybertacos to RSVP today!
Get ready for an electrifying experience at the 15th annual Identiverse! Join 3,000+ identity professionals at the ARIA Resort & Casino in Vegas on May 28-31, 2024, for 4 days packed with dynamic learning & collaboration. Don't miss out on keynote speakers including Deneen DeFiore, CISO of United Airlines; Tucker Bryant, Entrepreneur and Former Googler; George Roberts, Director of Identity and Access Engineering at McDonald's; and many more!
As a community member, receive 25% off your Identiverse 2024 tickets using code IDV24-SW25!
Register today: securityweekly.com/idv2024
- 1. FUNDING: Data Security Leader Cyera Raises $300 Million at $1.4 Billion Valuation
$300M Series C led by Coatue. $1.4B valuation, $460M total funding. DSPM vendor.
- 2. FUNDING: Cohesity completes late-stage $150M funding from IBM and Nvidia, expands IBM partnership – SiliconANGLE
$150M Series F led by IBM and NVIDIA. $955M funding total. Data backups.
- 3. FUNDING: Onum raises $28M to help businesses extract more value from their data at lower costs
$28M Series A, led by Dawn Capital. Devo founders. Data analytics and security platform.
- 4. FUNDING: Alethea Raises $20M in Series B Funding led by GV
$20M Series B led by Google Ventures. Total funding $34M. Early detection and mitigation of disinformation via a product called Artemis.
- 5. FUNDING: Sprinto Raises $20M in Series B Funding
$20M Series B led by Accel. Total funding $31.8M. Automated risk and compliance platform.
- 6. FUNDING: Andesite AI Launches With $15.25M in Initial Funding
$15.25M Series A led by General Catalyst. AI security analytics platform.
- 7. FUNDING: StrikeReady Raises $12 Million for Industry-First AI Security Command Platform Purpose-Built for Modern SOC Teams
$12M Series A led by 33N Ventures. "Vendor-neutral AI security operations platform. Integrates with organizations' existing security tools. StrikeReady's command center makes SOC teams more efficient and effective by uniting, centralizing and operationalizing security, fostering smarter, faster decision-making and proactive security defense."
- 8. FUNDING: Simbian brings AI to existing security tools
$10M seed round led by Cota Capital. Looks like it's an on-prem version of Security Copilot.
"...Simbian isn’t the only platform to attempt to apply a layer of AI over existing security tools — Nexusflow offers a product along a similar vein..."
- 9. FUNDING: Miggo Unveils Application Detection And Response Platform
$7.5M Seed led by YL Ventures. The "first Application Detection and Response (ADR) vendor."
- 10. FUNDING: Cybersecurity firm Nymiz raises €2.8M in funding round led by Swanlaab
€2.8M funding led by Swanlaab Venture Factory. Data privacy/GDPR compliance.
- 11. FUNDING: Deutsche Telekom’s hubraum Fund Backs Salvador Technologies
- 12. ACQUISITIONS: Noname Security closing on $500 million acquisition by Akamai
IIRC from a conversation the other day, this exit is between 16x and 17x, so a fantastic exit in a less than ideal market. Also, I gave Noname a hard time for their branding in the past, but it seems they had a very different exit from [redacted], so I'm happy to eat my words here.
- 13. ACQUISITIONS: BeyondTrust buys Israeli access security co Entitle for $150m
Entitle raised a $15M seed round about a year ago, so it seems likely this is a pretty decent exit for everyone involved. Entitle provides "just-in-time" privileged access for cloud permissions.
- 14. ACQUISITIONS: Zscaler Announces Intent to Acquire Airgap Networks to Extend Zero Trust SASE Leadership and Eliminate the Need for Firewall-based Segmentation
- 15. ACQUISITIONS: Cyber unicorn Armis acquiring Silk Security for $150 million
We've been talking a lot about this being a buyer's market and some startups having little choice but to make a deal, but some of these acquisitions are looking like wins for investors and founders, even if they are with startups that are still early stage.
- 16. ACQUISITION RUMORS: Large former-unicorn CNAPP vendor got acquired for half a billion
There's a pretty short list of companies that fit this description, but the identity of the vendor is less important than the lessons coming from it. We saw some absolute funding madness when interest rates were near zero. We called it out as madness then, and we're watching the correction occur now.
Breaking news here: Wiz in Talks to Acquire Lacework for $200M
- 17. NEW FEATURES: LimaCharlie Slashes Incident Response Times With New Bi-directional Capabilities
- 18. NEW FEATURE: Chrome to Fight Cookie Theft With Device Bound Session Credentials
This is potentially a big deal. The idea that OAuth keys can simply be moved to another computer to bypass the need for authentication seems a bit crazy. This would make it much harder for infostealers and cred black markets to operate as they do today.
- 19. NEWS: CISA Releases Malware Next-Gen Analysis System for Public Use
From Ryan Naraine: "The US government’s cybersecurity agency CISA has released its threat hunting and internal malware analysis system for public use, promising capabilities for the automatic analysis of potentially malicious files or uniform resource locators (URLs).
The system, called Malware Next-Gen, will now be available for any organization to submit malware samples and other suspicious artifacts for analysis and will allow CISA to more effectively support partners by automating analysis of newly identified malware."
- 20. OPEN SOURCE: Unveiling ‘poutine’: An Open Source Build Pipelines security scanner
A CI/CD pipeline vulnerability scanner, from Boostsecurity.io, which just came out of stealth a year or so ago.
- 21. ESSAY: Welcome Back to the Unicorn Club, 10 Years Later
I missed this earlier this year. Aileen Lee revisits the term "Unicorn" 10 years after she first invented it.
- 22. ESSAY: A Letter from the Future
- 23. ESSAYS: Robots Dream of Root Shells
- 24. BREACHES: Cisco Duo Says Hack at Telephony Supplier Exposed MFA SMS Logs
- 25. BREACHES: UnitedHealth: Change Healthcare cyberattack caused $872 million loss
1st question: is an $872M loss a big deal for Change Healthcare? They're a $100B rev/yr company, so less than 1% impact to revenue probably isn't the end of the world for them.
2nd question: is this even a loss, or a deferral of payments while they were offline (in other words, they could recoup in the following quarter now that systems are back up)?
- 26. DUMPSTER FIRE: Apps with integrated LLMs are vulnerable to ancient RCE and SQLi techniques
Thanks to Kenn White (and my GF!) for bringing our attention to this. Some excellent work here, though what it reveals is depressing. Here's the TL;DR from Kenn:
"The most popular chat-assisted app frameworks aren't even doing basic process sandboxing or sane file/network isolation. We are still very much in the early infancy of security maturity with current gen LLMs."
Tong Liu and colleagues have released their research and just presented on it at Black Hat Asia: