Enterprises are adopting an ever-wider range of SaaS applications to work and interface with customers, and that is proving to be a major security concern: It’s not just the prospect of phishing, credential stuffing and other malicious tricks to get into systems that are a worry, but the fact that more applications mean more attack surfaces, and more integrations between apps mean more inadvertent holes that get exposed in the process.
And that is leading to a surge of interest in security applications that can help. Today, a startup called AppOmni — which has built a platform to help monitor SaaS apps and their activity, provide guidance to warn or block when things might go wrong and fix problems when they do occur — is announcing some funding to fuel its growth.
The startup has raised $40 million in a Series B round led by Scale Venture Partners, with Salesforce Ventures and ServiceNow Ventures, as well as previous backers ClearSky, Costanoa Ventures, Inner Loop Capital and Silicon Valley Data Capital also participating.
The funding is coming on the back of a huge year for AppOmni. The company grew 900%, co-founder and CEO Brendan O’Connor told TechCrunch, and it has managed to stay at 100% customer retention — that is, AppOmni has yet to lose a single customer since it was founded.
The company today integrates with more than 100 connectors, platforms used by developers and IT teams at companies to manage the apps that their businesses use, such as tools like Splunk and Sumo Logic. Through this, AppOmni is able to aggregate and normalize event data around those apps, in addition to deeper monitoring in cases where it can integrate with apps themselves (those integrations to date include some of the most popular apps that enterprises use today, including Salesforce and Slack, Zoom, Microsoft 365, Box and GitHub).
As O’Connor describes it, the sheer number of apps that enterprise teams use and adopt has made managing security around them very complex. Partly because of how SaaS is set up for usage by as many people in and outside the organization as possible (to make the apps more useful), AppOmni estimates that some 95% of enterprises “overprovision” permissions for external users.
On top of that, some of the biggest problems occur indirectly, specifically when applications are linked together, creating a flow of sensitive data. AppOmni says that some 55% of companies have sensitive data living in SaaS systems that has been inadvertently exposed to the anonymous internet, sitting there completely unguarded, in this way. (See Zack’s story here for a recent example of how this can play out.)
This is an issue, he said, that is unique to SaaS, which he describes as different architecturally to any software that companies might have used in the past. “There is no operating system, no network that is exposed to customers,” he said.
The idea is that AppOmni provides a dashboard to make that monitoring much less murky. “One of our customers described using AppOmni as being akin to turning a light on in a dark room,” O’Connor said.
O’Connor and his co-founder, Brian Soby (the CTO), have firsthand knowledge of the challenges of securing SaaS applications: both spent years at Salesforce — with O’Connor the company’s SVP and “chief trust officer”, a role he left to join ServiceNow as its security CTO, before leaving there to co-found AppOmni with Soby.
It’s partly that track record, along with AppOmni’s own track record, that has given the startup the attention that it has from investors. Interestingly, Scale came to know AppOmni not over a coffee or a pitch deck, but as one of those satisfied customers, which eventually led the VC to offer to invest.
“Scale Venture Partners became an AppOmni customer in 2020. We know firsthand how powerful and differentiated the AppOmni product when it comes to protecting our sensitive SaaS data, and we’re excited to now be both a customer and an investor,” said Ariel Tseitlin, a partner at Scale Venture Partners, in a statement. “AppOmni’s 9x growth last year, driven by the acquisition of customers across a wide range of industries, proves that AppOmni is the market leader in the increasingly important SaaS Security Management market. We expect the momentum to continue in 2021 and beyond as companies accelerate their shift to cloud applications to support their larger remote workforces.”
The company has raised $53 million to date, and it is not disclosing valuation.