Multiple Soups – ESW #230

Adrian Sanabria

1. ACQUISITION: Network security startup ExtraHop skips and jumps to $900M exit – TechCrunch
   IPO stuffed, ExtraHop instead ops for a 9x exit to PE firms. 9x for what looked like a healthy business 2 years ago? What happened?? Finance analysts seem baffled and without an S-1, we may never know.
2. ACQUISITION: FireEye sells FireEye Products unit to STG for $1.2 billion
   Described by many as a firesale, the price is barely higher than what FireEye paid for Mandiant 7 years ago! Not a good sign. The multiple here was 1.64x - a far cry from the more typical 10-20x we see software vendors selling for. While some great research came out of FireEye over the years and the Mandiant business has always seemed to thrive, I'm not sure FireEye ever really built a product anyone really wanted or needed. Bit of a rant from me on them: https://twitter.com/sawaba/status/1400207552139431936 What's really crazy though is who bought them - STG has also recently acquired RSA and McAfee.
3. ACQUISITION: Coalfire Acquires Denim Group to Transform
   There have always been consulting firms that build tools and even spin-off product companies, but it seems a more common trend these days. Where software cybersecurity companies can bring in a bigger multiple, they're more of a risk. Services traditionally bring in a much lower multiple, but their revenue is more predictable, as the services product changes very slowly and demand is fairly constant. Bishop Fox raised a Series A from ForgePoint to build a managed subscription service. Coalfire was acquired by private equity and appears to be going for something similar with Denim Group and Threadfix. The FireEye product portfolio was just offloaded for less than 2x, leaving Mandiant behind, which was originally purchased for around 10x back in 2014! It's an interesting trend that flips the funding/returns script somewhat.
4. ACQUISITION: Microsoft acquires ReFirm Labs to enhance IoT security – Microsoft Security
5. FUNDING: Cybersecurity startup Brinqa raises $110 mln from Insight Partners
6. FUNDING [redacted] closes 35m in Series B funding to disrupt adversaries and hold attackers accountable
   It literally took me 10 minutes of Googling to realize that [redacted] was the company's actual name. I guess someone is getting a chuckle out of how clever they are, but I just found it irritating
7. FUNDING: Exabeam Secures $200 Million at $2.4 Billion Valuation, Welcomes New CEO and President Michael DeCesare
8. FUNDING – Uptycs secures $50M Series C as security platform continues to expand – TechCrunch
9. FUNDING: Inspired by Podesta breach, Material Security raises $40 million to neuter email hacks
10. FUNDING: Tessian raises USD65m Series C to advance security at the human layer
11. FUNDING Israeli cloud security co Wiz raises another $120m – report
    SURE, WHY NOT???

Paul Asadoorian

1. Microsoft acquires ReFirm Labs to boost its IoT security offerings
2. After Nearly 6 Years, SMB Cybersecurity Provider Redacted Emerges From Stealth With $35M
3. New Israeli Unicorn Exabeam Hits $2.4 Billion Valuation
4. ALD Moves Forward with Merger with Hub Security
5. Digital-Security Startup Aura Backed by Katzenberg Valued at Over $1 Billion
6. SignalWire raises $30M to accelerate the creation of unified cloud communications tools
7. Brinqa raises $110M to accelerate adoption of risk-based cybersecurity
8. Proofpoint unveils people-centric innovations across its three platforms
   "Available now, Proofpoint’s Information Protection and Cloud Security platform is the cloud native solution that combines enterprise data loss prevention (DLP), insider threat management, cloud app security broker (CASB), zero trust network access, remote browser isolation, and a cloud native web security solution."
9. Citrix Secure Internet Access Simplifies Hybrid Workforce Challenges
   "I follow the SD-WAN and SASE industries fairly closely but never really considered Citrix a major vendor in the space. Recently, the company updated me on their offerings, and I finished the meeting with a positive outlook on their products. SIA is a very robust, cloud-delivered security solution that gives work from home employees the same level of security as they would have in the office."
10. Synopsys Acquires Code Dx
11. Infoblox 3.0 Unites Hybrid DDI, Security to Unlock Cloud-first Strategies
    "The company is uniting NIOS, an on-premises DDI solution, with its cloud-native BloxOne Threat Defense and BloxOne DDI platforms to help customers bridge core networking and security into cloud environments that underpin the needs of the modern enterprise."
12. CyberArk : Advances Industry-Leading Identity Security Platform
    "CyberArk Dynamic Privileged Access: Drastically reduces risk of standing access by provisioning just-in-time access to hybrid and cloud workloads, starting with Windows and Linux Virtual Machines. Dynamic Privileged Access also includes full audit capabilities, providing insight into exactly who accessed what and when. Only CyberArk secures both standing and dynamic access across hybrid and multi-cloud environments while enforcing least privilege controls. CyberArk Secure Web Sessions: Adds additional layers of security to high-risk browser-based applications access via continuous monitoring, re-authentication enforcement and isolation of malicious processes originating on user devices. Secure Web Sessions enables enterprises to record and audit risky user behavior within any web application while maintaining a frictionless user experience. CyberArk Lifecycle Management for Privileged Users: An expansion of existing capabilities, customers can now further expedite employee onboarding, including those with privileged access, and meet audit and compliance mandates more efficiently. Lifecycle Management for Privileged Users integrates with existing solutions or can work with HR-driven identity management solutions, providing further flexibility to enterprises."
13. ThycoticCentrify Service Account Governance Adds Integration with Cloud Vaults Including AWS Secrets Manager and Azure Key Vault
    "ThycoticCentrify announced enhancements to its industry-leading solution for service account governance, Thycotic Account Lifecycle Manager. The latest version enables IT teams to govern cloud-based service accounts with direct integrations to external vaults such as AWS and Azure, and service accounts used within the DevOps environment."
14. AI-powered cybersecurity provider ExtraHop to be acquired for $900M – SiliconANGLE
15. Panaseer issues cyber measurement guidance to protect enterprises from compromise
    "Panaseer’s CCM platform includes these and hundreds of other best practice security metrics via its new in-platform Security Metrics Catalogue. In addition to Panaseer’s expertise, the Security Metrics Catalogue has been curated from a wide community of customers, industry experts, and framework organisations such as NIST and in collaboration with the Center for Internet Security (CIS). The proposition also provides recommendations to enable security teams to instantly improve their security metrics programme overall via metric groupings that include a ‘getting started’ collection, a peer-based recommendation collection, a customer favourites collection, and access to newly emerging metric suggestions."