Red Canary, Imperva Sonar, Data Breaches & Share Prices, & TrendMicro XDR – ESW #217

This is a series D for PerimeterX and brings total funding to nearly $150m. Like most late-stage funding, this round is all about growing into new markets and onto new continents.

At first glance, this looks like a CASB play, but it looks more focused on monitoring SaaS use than doing any kind of enforcement or the man-in-the-middle javascript hacks that CASB tends to be associated with. I guess you'd still categorize it as SaaS, even if it's entirely API-dependent. The acquisition makes sense for SailPoint, as SaaS management is a nice feature-add on top of SailPoint's existing SSO/IAM offerings.

A women-founded/owned security startup! We don't see these nearly often enough. SPHERE appears to be a natural evolution of products like Varonis and Stealthbits. It looks like SPHERE can not only identify privileged access and data governance issues but can enforce policies and take action on infractions. They appear to be particularly focused on cloud-based platforms like Office 365, which is smart - that's where everyone has moved and... O365 can get really messy!

We've all heard complaints about Splunk costs and many suspect this $400m deal is about (at least partially) alleviating Crowdstrike customers' Splunk budget. The acquisition totally makes sense, especially for customers that might only be using Splunk to manage Crowdstrike data. I'd expect that Humio would continue to be able to pull in non-Crowdstrike data, as the promise of correlation will only increase the value of the data overall.

In show #215, we reported the rumor that this acquisition was going down for a number north of $100m. That reporting appears to be accurate, with the final deal value reported as $156m in cash. It's an amazing return for a company that had only raised $18.1m to date. The acquisition was announced days before the company's second anniversary from its founding. Bridgecrew is in the rapidly expanding CSPM (cloud security posture management) space. "Highlight all my cloud config mistakes" is another way of thinking of this space.

This brings Red Canary to a total of $125m in funding and I'm honestly glad to see it. Red Canary is one of the few managed security vendors that I consistently hear positive things about. Managed SOC has exploded in recent years, but in my experience, most MSSPs and MDR firms don't do a great job with detection (or at least, don't do any better than companies did before they outsourced the function).

Big thanks to Gabe Bassett from the Verizon DBIR team for bringing this one to my attention. We know that companies are rarely destroyed by breaches. The ones that do go out of business following a breach tend to be very small. However, the assumption many have (myself included) that big companies always fully recover from a breach seems to be false. This study shows that, from a stock market perspective, nearly all publicly-traded companies that suffer a public breach do worse in the market when compared to market performance before the breach.

This is one of the LastPass hot takes from John Scott-Railton, a senior researcher for Citizen Labs.

A lot of folks got ruffled by the recent changes to LastPass's free tier, which has led to some hot takes on where parent company, LogMeIn, might be headed with its new-ish private equity owners. These owners apparently have a history of backing surveillance tech, which doesn't sit well with folks trusting LastPass with all their passwords.

Quick note: Forgepoint also contributed to two other funding stories this week: Strata and SPHERE! 1Kosmos appears to be trying to solve the complex, frustrating state of authentication. They have both an enterprise-employee-facing and enterprise-customer-facing product. Looks like they're leveraging passive methods (certs, device identity) and smartphone biometrics to enable MFA and passwordless use cases. Looks like an evolution of the ubiquitous Duo push method, but uses biometrics instead of tapping "accept"?