- 1. FUNDING: Pentera Announces $150M Series C at $1 Billion Valuation to Disrupt Legacy Vulnerability Management Market
Pentera is either the most metal ballpoint EVER, or someone created a company name by combining pen testing with Pantera (RIP Dimebag). This is an interesting trend though. We all knew point-in-time testing wasn't ideal. If you need to lean on a pen testing firm to catch stuff you're missing, you probably need to lean more than once or twice a year...
- 2. FUNDING: Eureka raises $8M for its data cloud security platform – TechCrunch
- 3. MERGER: Shark Tank Star Joins Forces with Cybersecurity Visionary to Form New Industry Powerhouse
Herjavec Group and Fishtech combine - Gary Fish's second big merger (Accuvant + Fishnet = Optiv was his first) seems solid on paper. Both founders remain on with significant stakes (CEO and Chairman, respectively). One US-based, one in Canada. Looks like Herjavec Group was acquired by a PE firm about a year ago (Apex Funds), which also fits the mold - Blackstone engineered the Optiv deal, which seems like it would have been much larger than this one.
- 4. ACQUISITION: Google Acquisition Of Siemplify Is A Knockout Punch For Standalone SOAR
- 5. ACQUISITION: EU retail giant Schwarz Group snags security startup XM Cyber for $700 million – TechCrunch
This is an interesting one. We've seen some interesting acquisitions over the past few years. Acquisition by an organization best known for its chain of grocery stores is not the typical cybersecurity exit. Once you start digging into it, it starts to make sense. This company has a number of subsidiaries and has centralized many core business functions, including IT. They also make investments, so the XM Cyber acquisition ticks two boxes: Schwarz adds a high-growth investment to its portfolio, and gets preferred pricing (and maybe roadmap placement) for other Schwarz Group companies.
- 6. ACQUISITION: Flashpoint Acquires Vulnerability Intelligence Leader Risk Based Security
Another bootstrapped security company gets acquired! RBS is, most notably, the home of VulnDB - one of the most comprehensive vulnerability databases in the industry, boasting tens of thousands more vulns than MITRE's CVE.
- 7. ACQUISITION: Google enters agreement to acquire Actifio
- 8. ACQUISITION: Recorded Future Acquires SecurityTrails
Attack surface management is heating up! We're approaching half a dozen companies acquired in this area and there are still plenty more to go! $65m for a bootstrapped company? I'd take it.
- 9. DRAMA: “If Wiz is worth $6 billion, Palo Alto is worth more than a trillion”
- 10. MORE DRAMA: How did Noname Security become a Unicorn making $5 million a year?
- 11. ANALYSIS: The Security Obstructionism (SecObs) Market
- 12. SUPPLY CHAIN – Dev corrupts NPM libs ‘colors’ and ‘faker’ breaking thousands of apps
A developer of a few popular NPM libraries was upset about a general unwillingness to pay for free software by heavily funded startups and chose to sabotage his own stuff to... teach everyone a lesson? There's a thin line between idealism and extortion here that's worth discussing.
Ideally, sure - profitable companies should donate to open source libraries that helped them build products, grow quickly, and become profitable (whether that's actual profits, or repeat rounds of investment). On the other hand, how upset can you be if you create free software and no one pays for it? Another factor here is that the author tried creating a SaaS/PaaS service out of one of his projects and one company simply copied it (which was completely legal, given the license he was using).
- 13. TRENDS: Israel’s cybersecurity startups post another record year in 2021 – TechCrunch
- 14. TRENDS: U.S. News Announces the 2022 Best Jobs
#1 on the list: Security Analyst!
(yaaay, we're number one)
(wait, is that a good thing?)
- 15. TRENDS: CES 2022: Chip to cloud security: Pluton-powered Windows 11 PCs are coming
Pluton is effectively a TPM, but Microsoft is partnering with chip manufacturers to bake it into the CPU, as I understand it. A good move in terms of design, considering we've seen some fairly straightforward attacks succeed in stealing secrets from a TPM by tapping the bus they traveled on towards the CPU.
Overall, totally makes sense, given that Windows 11 now requires a TPM - something Apple has been doing for a while with their Macs and mobile devices.
- 16. TRENDS: BlackBerry Die-Hards Struggle With Final Blow
End of an age.
- 17. TRENDS: FBI: FIN7 hackers target US companies with BadUSB devices to install ransomware
I'm not sure if attackers changing up tactics is a good sign or a bad one. Whichever the case, they're now sending USB devices similar to the HAK5 rubber ducky - it shows up as a keyboard when you plug it in, and proceeds to execute pre-programmed keystrokes to do something nasty. In this case - download and install ransomware.
- 18. TRENDS: Salesforce to require MFA for all users starting next month
Some might call it a bit late, but Salesforce requiring MFA for all users is a significant move that could encourage others to follow suit.
- 19. TRENDS: Chrome will limit access to private networks, citing security reasons
This will go smoothly.
Brave already does this, and it's annoying there also.
- 20. TOOLS: Simple CSPM
A CSPM that's also a spreadsheet???
- 21. TOOLS: T-Pot – a meta honeypot tool
T-Pot effectively combines a wide variety of other honeypots, all into one meta tool. Kinda like the Security Onion of deception.
- 22. SQUIRREL: Liquid Death lands $75M more to expand the brand – TechCrunch
The latest startup to use shock marketing to promote its brand raises a significant round. "Murder your thirst" is their tagline. One customer posted a video each day, of him drinking the product, for a year. The CEO and founder responded by getting a tattoo of the customer's FACE on his ARM.
These hijinks got me interested in the VC and other companies they've founded. One that caught my eye is Lambs - a company that makes clothing that proposes to make you healthier by blocking the radiation from Bluetooth, Wi-Fi, and 5G signals. It also claims to improve your sleep, increase "HRV", reduce brain fog, and give you clearer, healthier skin. That's a pretty fancy t-shirt. They even give the name "Faraday" to much of their clothing line. Guess how much you have to pay to buy a Faraday T-Shirt.
- 23. SQUIRREL: Banished Words List Year – Lake Superior State University