Personal blog of Yzmir Ramirez

Netskope, focused on Secure Access Service Edge architecture, announced Friday a $300 million investment round on a post-money valuation of $7.5 billion.

The oversubscribed insider investment was led by ICONIQ Growth, which was joined by other existing investors, including Lightspeed Venture Partners, Accel, Sequoia Capital Global Equities, Base Partners, Sapphire Ventures and Geodesic Capital.

Netskope co-founder and CEO Sanjay Beri told TechCrunch that since its founding in 2012, the company’s mission has been to guide companies through their digital transformation by finding what is most valuable to them — sensitive data — and protecting it.

“What we had before in the market didn’t work for that world,” he said. “The theory is that digital transformation is inevitable, so our vision is to transform that market so people could do that, and that is what we are building nearly a decade later.”

With this new round, Netskope continues to rack up large rounds: it raised $340 million last February, which gave it a valuation of nearly $3 billion. Prior to that, it was a $168.7 million round at the end of 2018.

Similar to other rounds, the company was not actively seeking new capital, but that it was “an inside round with people who know everything about us,” Beri said.

“The reality is we could have raised $1 billion, but we don’t need more capital,” he added. “However, having a continued strong balance sheet isn’t a bad thing. We are fortunate to be in that situation, and our destination is to be the most impactful cybersecurity company in the world.

Beri said the company just completed a “three-year journey building the largest cloud network that is 15 milliseconds from anyone in the world,” and intends to invest the new funds into continued R&D, expanding its platform and Netskope’s go-to-market strategy to meet demand for a market it estimated would be valued at $30 billion by 2024, he said.

Even pre-pandemic the company had strong hypergrowth over the past year, surpassing the market average annual growth of 50%, he added.

Today’s investment brings the total raised by Santa Clara-based Netskope to just over $1 billion, according to Crunchbase data.

With the company racking up that kind of capital, the next natural step would be to become a public company. Beri admits that Netskope could be public now, though it doesn’t have to do it for the traditional reasons of raising capital or marketing.

“Going public is one day on our path, but you probably won’t see us raise another private round,” Beri said.

As computing systems become increasingly bigger and more complex, forensics have become an increasingly important part of how organizations can better secure them. As the recent SolarWinds breach has shown, it’s not always just a matter of being able to identify data loss, or prevent hackers from coming in in the first place. In cases where a network has already been breached, running a thorough investigation is often the only way to identify what happened, if a breach is still active and whether a malicious hacker can strike again.

As a sign of this growing priority, a startup called Cado Security, which has built forensics technology native to the cloud to run those investigations, is announcing $10 million in funding to expand its business.

Cado’s tools today are used directly by organizations, but also security companies like Redacted — a somewhat under-the-radar security startup in San Francisco co-founded by Facebook’s former chief security officer Max Kelly and John Hering, the co-founder of Lookout. It uses Cado to carry out the forensics part of its work.

The funding for London-based Cado is being led by Blossom Capital, with existing investors Ten Eleven Ventures also participating, among others. As another signal of demand, this Series A is coming only six months after Cado raised its seed round.

The task of securing data on digital networks has grown increasingly complex over the years: Not only are there more devices, more data and a wider range of configurations and uses around it, but malicious hackers have become increasingly sophisticated in their approaches to needling inside networks and doing their dirty work.

The move to the cloud has also been a major factor. While it has helped a wave of organizations expand and run much bigger computing processes as part of their business operations, it has also increased the so-called attack surface and made investigations much more complicated, not least because a lot of organizations run elastic processes, scaling their capacity up and down: This means when something is scaled down, logs of previous activity essentially disappear.

Cado’s Response product — which works proactively on a network and all of its activity after it’s installed — is built to work across cloud, on-premise and hybrid environments. Currently it’s available for AWS EC2 deployments and Docker, Kubernetes, OpenShift and AWS Fargate container systems, and the plan is to expand to Azure very soon. (Google Cloud Platform is less of a priority at the moment, CEO James Campbell said, since it rarely comes up with current and potential customers.)

Campbell co-founded Cado with Christopher Doman (the CTO) last April, with the concept for the company coming out of their respective experiences working on security services together at PwC, and respectively for government organizations (Campbell in Australia) and AlienVault (the security firm acquired by AT&T). In all of those, one persistent issue the two continued to encounter was the issue with adequate forensics data, essential for tracking the most complex breaches.

A lot of legacy forensics tools, in particular those tackling the trove of data in the cloud, was based on “processing data with open source and pulling together analysis in spreadsheets,” Campbell said. “There is a need to modernize this space for the cloud era.”

In a typical breach, it can take up to a month to run a thorough investigation to figure out what is going on, since, as Doman describes it, forensics looks at “every part of the disk, the files in a binary system. You just can’t find what you need without going to that level, those logs. We would look at the whole thing.”

However, that posed a major problem. “Having a month with a hacker running around before you can do something about it is just not acceptable,” Campbell added. The result, typically, is that other forensics tools investigate only about 5% of an organization’s data.

The solution — for which Cado has filed patents, the pair said — has essentially involved building big data tools that can automate and speed up the very labor intensive process of looking through activity logs to figure out what looks unusual and to find patterns within all the ones and zeros.

“That gives security teams more room to focus on what the hacker is getting up to, the remediation aspect,” Campbell explained.

Arguably, if there were better, faster tracking and investigation technology in place, something like SolarWinds could have been better mitigated.

The plan for the company is to bring in more integrations to cover more kinds of systems, and go beyond deployments that you’d generally classify as “infrastructure as a service.”

“Over the past year, enterprises have compressed their cloud adoption timelines while protecting the applications that enable their remote workforces,” said Imran Ghory, partner at Blossom Capital, in a statement. “Yet as high-profile breaches like SolarWinds illustrate, the complexity of cloud environments makes rapid investigation and response extremely difficult since security analysts typically are not trained as cloud experts. Cado Security solves for this with an elegant solution that automates time-consuming tasks like capturing forensically sound cloud data so security teams can move faster and more efficiently. The opportunity to help Cado Security scale rapidly is a terrific one for Blossom Capital.”

Rapid7 announced today after the closing bell that it will be acquiring DivvyCloud, a cloud security and governance startup, for $145 million in cash and stock.

With Divvy, the company moves more deeply into the cloud, something that Lee Weiner, chief innovation officer, says the company has been working toward, even before the pandemic pushed that agenda.

Like any company looking at expanding its offering, it balanced building versus buying and decided that buying was the better way to go. “DivvyCloud has a fantastic platform that really allows companies the freedom to innovate as they move to the cloud in a way that manages their compliance and security,” Weiner told TechCrunch.

CEO Corey Thomas says it’s not possible to make a deal right now without looking at the economic conditions due to the pandemic, but he says this was a move they felt comfortable making.

“You have to actually think about everything that’s going on in the world. I think we’re in a fortunate position in that we have had the benefit of both growing in the past couple years but also getting the business more efficient,” Thomas said.

He said that this acquisition fits in perfectly with what he’s been hearing from customers about what they need right now. “One area of new projects that is actually going forward is how people are trying to figure out how to digitize their operations in a world where they aren’t sure how soon employees will be able to congregate and work together. And so from that context, focusing on the cloud and supporting our customers’ journey to the cloud has become an even more important priority for the organization,” he said.

Brian Johnson, CEO and co-founder at DivvyCloud, says that is precisely what his company offers, and why it should fit in well with the Rapid7 family. “We help customers achieve rapid innovation in the cloud while ensuring they remain secure, well governed and compliant,” he said. That takes a different playbook than when customers were on prem, particularly requiring automation and real-time remediation.

With DivvyCloud, Rapid 7 is getting a 7-year-old company with 70 employees and 54 customers. It raised $27.5 million on an $80 million post-money valuation, according to PitchBook data. All of the employees will become part of the Rapid7 organization when the deal closes, which is expected to happen some time this quarter.

The companies say that as they come together, they will continue to support existing Divvy customers, while working to integrate it more deeply into the Rapid7 platform.

In today’s grim economic climate, companies are looking for ways to automate wherever they can. Bridgecrew, an early-stage startup that makes automated cloud security tooling aimed at engineers, announced a $14 million Series A today.

Battery Ventures led the round with participation from NFX, the company’s $4 million seed investor. Sorensen Ventures, DNX Ventures, Tectonic Ventures, and Homeward Ventures also participated. A number of individual investors also helped out. The company has raised a total of $18 million.

Bridgecrew CEO and co-founder Idan Tendler says that it is becoming easier to provision cloud resources, but that security tends to be more challenging. “We founded Bridgecrew because we saw that there was a huge bottleneck in security engineering, in DevSecOps, and how engineers were running cloud infrastructure security,” Tendler told TechCrunch.

They found that a lot issues involved misconfigurations, and while there were security solutions out there to help, they were expensive, and they weren’t geared towards the engineers who were typically being charged with fixing the security issues, he said.

The company decided to solve that problem by coming up with a solution geared specifically for the way engineers think and operate. “We do that by codifying the problem, by codifying what the engineers are doing. We took all the tasks that they needed to do to protect around remediation of their cloud environment and we built a playbook,” he explained.

The playbooks are bits of infrastructure as code that can resolve many common problems quickly. When they encounter a new problem, they build a playbook and then that becomes part of the product. He says that 90% of the issues are fairly generic like following AWS best practices or ensuring SOC-2 compliance, but the engineers are free to tweak the code if they need to.

Tendler says he is hiring and sees his product helping companies looking to reduce costs through automation. “We are planning to grow fast. The need is huge and the COVID-19 implications mean that more and more companies will be moving to cloud and trying to reduce costs, and we help them do that by reducing the barriers and bottlenecks for cloud security.”

The company was founded 14 months ago and has 100 playbooks available. It’s keeping the crew lean for now with 16 employees, but it has plans to double that by the end of the year.

Netskope has always focused its particular flavor of security on the cloud, and as more workloads have moved there, it has certainly worked in its favor. Today the company announced a $340 million investment on a valuation of nearly $3 billion.

Sequoia Capital Global Equities led the round, but in a round this large, there were a bunch of other participating firms, including new investors Canada Pension Plan Investment Board and PSP Investments, along with existing investors Lightspeed Venture Partners, Accel, Base Partners, ICONIQ Capital, Sapphire Ventures, Geodesic Capital and Social Capital. Today’s investment brings the total raised to more than $740 million, according to Crunchbase data.

As with so many large rounds recently, CEO Sanjay Beri said the company wasn’t necessarily looking for more capital, but when brand name investors came knocking, they decided to act. “We did not necessarily need this level of capital but having a large balance sheet and a legendary set of investors like Sequoia, Lightspeed and Accel putting all their chips behind Netskope for the long term to dominate the largest market in security is a very strong signal to the industry,” Beri said.

From the start, Netskope has taken aim at cloud and mobile security, eschewing the traditional perimeter security that was still popular when the company launched in 2012. “Legacy products based on traditional notions of perimeter security have gone obsolete and inhibit the needs of digital businesses. Today’s urgent requirement is security that is fast, delivered from the cloud, and provides real-time protection against network and data threats when cloud services, websites, and private apps are being accessed from anywhere, anytime, on any device,” he explained.

When Netskope announced its $168.7 million round at the end of 2018, the company had a valuation over $1 billion at that time. Today, it announced it has almost tripled that number, with a valuation close to $3 billion. That’s a big leap in just two years, but it reports 80% year-over-year growth, and claims to be “the fastest-growing company at scale in the fastest-growing areas of cybersecurity: secure access server edge (SASE) and cloud security,” according to Beri.

The next natural step for a company at this stage of maturity would be to look to become a public company, but Beri wasn’t ready to commit to that just yet. “An IPO is definitely a possible milestone in the journey, but it’s certainly not limited to that and we’re not in a rush and have no capital needs, so we’re not commenting on timing.”

Palo Alto Networks launched in 2005 in the age of firewalls. As we all know by now, the enterprise expanded beyond the cozy confines of a firewall long ago and vendors like Palo Alto have moved to securing data in the cloud now too. To that end, the company announced its intent to pay $173 million for RedLock today, an early-stage startup that helps companies make sure their cloud instances are locked down and secure.

The cloud vendors take responsibility for securing their own infrastructure, and for the most part the major vendors have done a decent job. What they can’t do is save their customers from themselves and that’s where a company like RedLock comes in.

As we’ve seen time and again, data has been exposed in cloud storage services like Amazon S3, not through any fault of Amazon itself, but because a faulty configuration has left the data exposed to the open internet. RedLock watches configurations like this and warns companies when something looks amiss.

When the company emerged from stealth just a year ago, Varun Badhwar, company founder and CEO told TechCrunch that this is part of Amazon’s shared responsibility model. “They have diagrams where they have responsibility to secure physical infrastructure, but ultimately it’s the customer’s responsibility to secure the content, applications and firewall settings,” Badhwar told TechCrunch last year.

Badhwar speaking in a video interview about the acquisition says they have been focused on helping developers build cloud applications safely and securely, whether that’s Amazon Web Services, Microsoft Azure or Google Cloud Platform. “We think about [RedLock] as guardrails or as bumper lanes in a bowling alley and just not letting somebody get that gutter ball and from a security standpoint, just making sure we don’t deviate from the best practices,” he explained.

“We built a technology platform that’s entirely cloud-based and very quick time to value since customers can just turn it on through API’s, and we love to shine the light and show our customers how to safely move into public cloud,” he added.

The acquisition will also fit nicely with Evident.io, a cloud infrastructure security startup, the company acquired in March for $300 million. Badhwar believes that customers will benefit from Evident’s compliance capabilities being combined with Red Lock’s analytics capabilities to provide a more complete cloud security solution.

RedLock launched in 2015 and has raised $12 million. The $173 million purchase would appear to be a great return for the investors who put their faith in the startup.

The first post-billion, big tech IPO of the year has opened with a bang. Zscaler, a security startup that confidentially filed for an IPO last year, started trading this morning as ZS on Nasdaq at a price of $27.50/share. This was a pop of 71.9  percent on its opening price of $16, and speaks to a bullish moment for security startups and potentially public listings for tech companies in general.

That could bode well for Dropbox, Spotify and others that are planning or considering public listings in the coming weeks and months.

As of 3:45PM Eastern time, the stock has gone significantly higher and has just reached a peak of $30.61 as it approaches the end of its first day of trading. We’ll continue to monitor the price as the day continues to see how the stock does, and also hear from the company itself.

Initially, Zscaler had expected to sell 10 million shares at a range between $10 and $12 per share, but interest led the company to expand that to 12 million shares at a $13-15 range, which then moved up to $16 and Zscaler last night raising $192 million giving it a valuation of over $1.9 billion — a sign of strong interest in the investor community that it’s now hoping will follow through in its debut and beyond.

Zscaler is a specialist in an area called software-defined perimeter (SDP) services, which allow enterprises and other organizations to better control how they allow employees to access apps and specific services within their IT networks: the idea is that rather than giving access to the full network, employees are authenticated just for the apps that they specifically need for their work.

SDP architectures have become increasingly popular in recent years as a way of better mitigating security threats in networks where employees are using a variety of devices, including their own private mobile phones, to access data and apps in corporate networks and in the cloud — both of which have become routes for malicious hackers to breach systems.

SDP services are being adopted by the likes of Google, and are being built by a number of other tech companies, both those that are looking to provide more value-added services around existing cloud or other IT offerings, and those that are already playing in the area of security, including Cisco, Check Point Software, EMC, Fortinet, Intel, Juniper Networks, Palo Alto Networks, Symantec (which has been involved in IP lawsuits with Zscaler) and more — which speaks both of the opportunity and challenge in the market for Zscaler. Estimates of the value of the market range from $7.8 billion to $11 billion by 2023.

 Oracle announced yesterday that it intends to acquire Zenedge, a 4-year old hybrid security startup. They didn’t reveal a purchase price. With Zenedge, Oracle gets a security service to add it to its growing cloud play. In this case, the company has products to protect customers whether in the cloud, on-prem or across hybrid environments. The company offers a range of services from… Read More

 Cybercrime is a rising problem — expected to cost organizations between $500 billion and $2 trillion by 2019. Now a startup that has built what it markets as an economical tool to fight cybercrime has raised some money to help it grow. vArmour — a startup that offers security solutions specifically aimed at enterprises that run services and apps across multiple clouds —… Read More

 Last fall, Mr. Nadella came to Washington and in a comprehensive speech the Microsoft CEO laid out Microsoft’s broad vision for security in the enterprise. Today, the company made a series of announcements in a lengthy blog post from Microsoft Chief Information Security Officer Bret Arsenault that starts to bring that vision into clearer focus. It’s probably not a coincidence… Read More