SEC Proposals, Following Unicorns, Island’s Browser, HUB Security, & Fake Companies – ESW #266
Full episode and show notes
In the Enterprise Security News for this week: Island raises another $115M to build a secure web browser, less than 2 months after raising $100M, Bionic raises $65M for application intelligence, Israeli startup HUB Security merges with a SPAC to go public on the NASDAQ at a $1.28B valuation, Cybersecurity now has 53 unicorns, which are the most interesting to follow? New data shows VCs pulling back on Series A, B, and C, but is this data any good? Over 90% of orgs had an incident tied to a third party last year, the SEC might require public companies to report hacks and hand over details, & more!
Don't forget to check out our library of on-demand webcasts & technical trainings at securityweekly.com/ondemand.
Director of Product Marketing at Valence Security
- 1. FUNDING: Island hits $1.3B valuation with $115M round – TechCrunchLess than 2 weeks after we discussed Island coming out of stealth with a massive $100M series A, they're announcing a $115 Series B (Insight, Stripes & Sequoia)? At a $1.3B valuation? For a BROWSER? That's based on an existing browser (Chromium)??? I don't disagree that there's some cool stuff you can probably only do at the browser level, but historic trends in this space suggests this will end up being far more niche than the funds raised suggest.
- 2. FUNDING: Bionic raises $65 million for application intelligence platformThe Series B was led by Insight Partners, with Cyberstarts and Battery also participating. They have an interesting approach to AppSec, where it appears they map out applications to help security teams better understand architecture, dependencies, and data flows. I know you're probably visualizing this product spitting out a Visio diagram, but don't laugh - I can't underscore how valuable something like that could be for a security team. They're using the term ASPM (application security posture management), which joins DSPM as the lastest *SPM acronym we've seen.
- 3. FUNDING: Apptega Raises $37M; Further Engages MSSPs for Automated Cybersecurity ComplianceFunding is from growth equity firm Mainsail Partners. Apptega "develops an MSSP-friendly platform designed to simplify cybersecurity and compliance", and is based in Atlanta.
- 4. FUNDING: Todyl Banks $28M Series A InvestmentSeries A led by Anthos Capital with participation from Blu, StoneMill, and Tech Operators. Product is a "single-agent, cloud-first platform that brings together EDR, NGAV, GRC, MXDR, SASE, and SIEM". That's a LOT of stuff to bake into one product platform, especially for an early stage startup! More details on their blog: https://blog.todyl.com/blog/series-a-funding-todyl-security-platform-launch
- 5. FUNDING: Application Security Firm ForAllSecure Raises $21 MillionA very interesting approach to AppSec, ForAllSecure is a decade old, but this is only their Series B, co-led by KDT and NEA. You can check out our interview with ForAllSecure's CEO and founder, David Brumley, here on episode 255: https://securityweekly.com/esw255
- 6. IPO: Israeli cybersecurity startup HUB Security merging with SPAC at $1.28 billion valuationThis is an odd one. I hadn't heard of Hub Security before. They're apparently currently public in Israel, but will delist there to go public on the NASDAQ through Mount Rainier, a SPAC. They describe themselves as a producer of "confidential computing solutions", which is a fancy way of saying they design technologies that are tamper resistant, so you can physically run systems in locations that aren't fully trusted. The only other company along these lines I can recall was PrivateCore, another Israeli startup that Facebook acquired back in 2014 (you can imagine why Facebook might need technology like this - https://privatecore.com/privatecore-is-joining-facebook/index.html). Looks like they're doing some similar stuff, like encrypting all data in RAM to defend against attacks that directly target RAM to acquire private encryption keys and other credentials. One of their products is named "Quantum Ransomware Cure".
- 7. TRENDS: Cybersecurity has 53 unicorns. Here are 10 to watchInteresting that DeWalt is interviewed for this piece. The ten unicorns Kyle chooses to focus on here (heavy lean towards cloud security) are: 1. Snyk 2. Lacework 3. Wiz 4. Arctic Wolf 5. Illumio 6. Sysdig 7. Orca 8. Beyond Identity 9. BlueVoyant 10. Aqua Security
- 8. TRENDS: New data shows how far VCs are pulling back on US Series A, B, and C valuations – TechCrunchhttps://techcrunch.com/2022/03/16/new-data-shows-how-far-vcs-are-pulling-back-on-us-series-a-b-and-c-valuations/
- 9. TRENDS: Over 90% of organizations had a security incident linked to a third-party partner in last year
- 10. REPORTS: Coalition’s H1 2021 Cyber Insurance Claims Report
- 11. REGULATION: Proposed SEC rule offers deeper insight into new cyber demands facing publicly traded companieshttps://www.scmagazine.com/analysis/compliance/proposed-sec-rule-offers-deeper-insight-into-new-cyber-reporting-requirements-for-publicly-traded-companies
- 12. SQUIRREL: Jobfished: the con that tricked dozens into working for a fake design agencyWe talk a lot about startups, and you'll find cases of "fake-it-till-you-make-it" culture everywhere. But there's a big difference from pretending like you have a CFO when you're only 5 employees and pretending you have a decade-old business with a full staff and clients when you've got nothing and don't intend to run a real business at any point...
Fractional CMO, Cyber Angel Investor and Advisor at 90 Degree Ventures