Did you miss a session at the Data Summit? Watch On-Demand Here.
It’s true: The term unicorn stopped meaning “rare” years ago. And today, in the cybersecurity market alone, there are actually dozens of privately held companies with billion-dollar valuations.
But while becoming a unicorn may not mean what it used to, it’s not a meaningless milestone, either. At least in the security market, getting a billion-dollar valuation usually does signify that the startup has a fast-growing business underway, among other things.
Dave DeWalt, who knows a thing or two about cyber businesses, said as much to me in an interview last month. Though 30 privately held security companies achieved unicorn valuations in 2021 — up from six in 2020 — that doesn’t automatically imply there’s a bubble, said DeWalt, who previously served as CEO of FireEye and McAfee, and is now a venture investor.
Many of these security companies are building real businesses, he said — and addressing real threats, often from state-sponsored adversaries, that aren’t going away.
Why are we seeing so many security vendors reach unicorn valuations? “It’s because the threat is persistent,” said DeWalt, now the founder and managing director at venture firm NightDragon. “And that’s why I think [these companies are] real, and this is here to stay.”
Tracking the herd
By my tally, there are currently 53 cybersecurity vendors with privately held valuations of $1 billion or more. My main source for this is the CB Insights unicorn list, though my count isn’t identical to theirs (a few security vendors were either missing or classified in other categories besides cybersecurity on their list).
Regardless, getting the number of cybersecurity unicorns exactly right doesn’t seem too important. All you need to know is that there are a ton of them now.
More crucially: Which security companies, in this ever-expanding unicorn herd, might be worth a closer look for enterprise and midmarket customers?
I’ve chosen 10 of the current security unicorns to highlight here. My criteria is that they’re reporting strong growth; they’re in a fast-growing market; and I’ve had the chance to interview their CEO or president in recent months, giving me a sense of their strategy, differentiators and traction with customers.
This isn’t to say the other security unicorns aren’t differentiated, seeing significant growth and operating in hot market. But, I couldn’t include them all (and haven’t interviewed all of their CEOs, either).
So, what follows are the key details on these 10 cybersecurity unicorns that I think are worth watching right now, in areas of the market including cloud security, cloud-native application security, managed detection and response, passwordless identity authentication and zero trust segmentation.
Vendors are ranked by their latest available valuation, provided at the time of their most recent funding round. All quotes are from recent VentureBeat interviews, and all metrics were supplied by the vendors.
Valuation: $8.5 billion (September 2021)
Customers: 1,800 at the end of Q1 (up 100% year-over-year)
Employees: 1,200 at the end of Q1 (up more than 100% year-over-year)
Snyk specializes in offering tools for scanning and fixing code — built to be familiar to developers and integrated into the existing development process — with the aim of ensuring that applications are built securely from the get-go.
The company believes that in order to provide a great developer security platform, “it should be weaved into the daily lives of the development teams,” said Snyk cofounder and president Guy Podjarny. “We’re there to cover the full scope of the cloud-native application — always with that developer-first approach.”
Snyk is now expanding its offerings to include cloud security, with the recent acquisition of Fugue. By combining with Fugue’s cloud security posture management technology, the Snyk platform will be able to provide developers with “continuity all the way from their code to the cloud deployments,” Podjarny said.
“To equip developers with building secure software and owning it, they have to go past the pipelines into understanding what is deployed,” Podjarny said. That includes “understanding what security mistakes are deployed,” he said, “so they can own that and they can help secure it.”
Valuation: $8.3 billion (November 2021)
Customers: By the end of 2021, Lacework saw a 3.5X year-over-year increase in new customers
Employees: More than 1,000 (up from 200 in January 2021)
Lacework offers a cloud security platform that excels at collecting, processing and normalizing data across cloud environments — and then deriving insights for customers, Lacework co-CEO Jay Parikh said. “We fundamentally bring a different approach,” Parikh said. “And we can innovate faster and we can provide a much more comprehensive, end-to-end approach.”
Central to Lacework’s technology is the Polygraph Data Platform, which collects and correlates data in cloud environments, detects potential security issues and prioritizes the biggest threats for response. Key capabilities include anomaly detection powered by machine learning, as well as deep visibility across cloud and container workloads.
Notably, Lacework brings the ability to both scan for vulnerabilities and also show in production where the flaws might be exploited, Parikh said.
“Some companies can just do the scanning, but they can’t do the production analysis,” he said. “We can do both, and it’s all on the same platform.”
Valuation: $6 billion (October 2021)
Customers: Total number not disclosed; “more than 20% of the Fortune 500”
Employees: More than 200
Wiz offers a cloud security product that unifies a number of different capabilities, deploys quickly, provides broad visibility and enables customers to prioritize threats, according to two of the startup’s founders, CEO Assaf Rappaport and vice president of product Yinon Costica.
The product’s agentless approach helps enable the rapid deployment, the founders said. “Literally you can finish a Wiz deployment in a week, even in the largest enterprises,” Costica said.
Wiz works by implementing a security graph, allowing for the correlation of the many different signals in cloud environments — prioritizing the risks “very effectively across even the largest environments,” he said. The product “changes dramatically the way organizations are able to gain visibility to cloud environments,” Costica said.
“I think these two components — the ability to prioritize effectively and to deploy really easily — are making the difference for customers, versus what they have today,” he said.
Valuation: $4.3 billion (July 2021)
Customers: 2,700 (up from 1,500 a year ago)
Employees: 1,500 (up from 650 a year ago)
With Arctic Wolf’s security operations platform — which offers a full gamut of security solutions, paired with the ability to ingest security data from a customer’s existing tools — the company has the potential to “unify the cybersecurity market wholesale,” CEO Nick Schneider said.
The platform includes 24/7 monitoring of endpoints, networks and clouds; detection of threats; and response and recovery if a cyberattack occurs. The MDR service is provided by a concierge security team that serves to eradicate false positives and alert fatigue.
Arctic Wolf’s MDR is complemented by digital risk management (tailored to each individual customer); managed security awareness (providing security training, phishing tests and coaching to employees); and cloud detection and response (to help with improving cloud security posture).
While a number of other security vendors offer some of these solutions, “that combination of modules, or that combination of outcomes sitting on top of the platform — we’re really the only vendor that does that,” Schneider said. “And from a customer’s perspective, what that means is they get a unified experience across those different areas of their business — detection, risk, cloud, security awareness and training.”
Valuation: $2.75 billion (June 2021)
Customers: Total number not disclosed; company has added more than 140 customers in the past year
Employees: 519 (up from 384 a year ago)
Illumio offers zero-trust segmentation solutions for both datacenter and cloud environments, which enable isolation of attackers post-breach.
With the Illumio zero-trust segmentation solution, a customer’s cloud and datacenter environments can be broken down into different segments — all the way down to the level of workload — which can each be locked down with their own security controls.
Illumio stands out as “the only standalone zero-trust segmentation company,” said cofounder and CEO Andrew Rubin. “We started the company to solve this problem. We’ve built our technology specifically to address it. And at some of our largest customers, we address it at massive global scale.”
Ultimately, “we are focused on only solving this problem,” Rubin said. “And we believe that that has allowed us to build a better platform and a more scalable platform.”
Valuation: $2.5 billion (December 2021)
Customers: 700 at the end of 2021 (roughly doubled year-over-year)
Employees: Nearly 600 (up from roughly 250 a year ago)
Container and cloud security vendor Sysdig offers a security platform that offers deeper visibility and better prioritization of threats than other vendors, CEO Suresh Vasudevan said.
The platform’s “open source foundation” — it’s built on top of two open-source threat detection projects — has also continued to help set the company apart, Vasudevan said.
Sysdig’s platform offers capabilities spanning cloud-native application development security; detection and response for runtime threats; and management of configurations and permissions.
“The fact that we’ve built an end-to-end platform allows us to have a much better sense of how to prioritize, what to focus on, and how to remediate issues at the source — at the time when you’re building your software rather than much later when you’re deployed in production,” Vasudevan said.
Valuation: $1.8 billion (October 2021)
Customers: “Hundreds of customers” (up 400% year-over-year)
Employees: 307 (up from 71 a year ago)
Orca Security offers a cloud protection platform that unites a number of different tools and doesn’t require an agent, simplifying and expediting the deployment of the platform.
The biggest value for customers is “having one platform that leverages data from the entire stack to prioritize risk,” CEO and cofounder Avi Shua said. In that way, Orca is able to surface not just the underlying security issue, but also its business impact, Shua said.
Using Orca’s “SideScanning” technology that collects data from cloud environments, the platform provides full visibility of cloud environments and connects the dots in security alert data to enable risk prioritization, Shua said.
Key capabilities include solutions for managing cloud vulnerabilities; spotting misconfigurations in cloud accounts and workloads; and detecting malware and lateral movement in cloud environments.
Valuation: $1.1 billion (February 2022)
Customers: Total number not disclosed; customer base grew 640% in 2021, year-over-year
Employees: 185 (up from 118 a year ago)
Beyond Identity has developed a solution for multifactor authentication (MFA) that’s focused on “cutting out the friction — making it truly invisible to a user, or to a company, that they’ve turned on MFA,” said cofounder and CEO Tom “TJ” Jermoluk.
A key element is that the MFA solution is passwordless, accomplished through cryptographically embedding a user’s identities into their devices. “Our users don’t have to look at a one-time code or a push notification, or any of that,” Jermoluk said. When a user opens an application on their PC or smartphone, using the company’s system, the user can be automatically logged in without needing to enter any information.
Beyond Identity also provides a zero trust “risk engine” that ensures only valid users can authenticate, Jermoluk said — which “allows us to have this visibility that nobody else can get” in an identity security solution. Among the goals for Beyond Identity, he said, is “to have this platform be adopted as the de facto zero trust platform.”
Ultimately, Beyond Identity brings the opportunity to “solve so many of the different problems that have existed [in security] with one platform,” Jermoluk said.
Valuation: “Substantially more than $1 billion” (February 2022)
Customers: More than 700 at the end of 2021 (up 80% year-over-year)
Employees: Nearly 600 (almost doubled from a year ago)
BlueVoyant provides both internal security and external cyber risk management for customers. The company’s managed detection and response (MDR) offering stands out with capabilities for analyzing massive amounts of data as part of its threat detection, according to BlueVoyant cofounder and CEO Jim Rosenthal.
And when it comes to external cyber risk management, what BlueVoyant offers is one-of-a-kind, Rosenthal said. “We do supply chain defense, as opposed to supply chain risk scoring,” he said.
BlueVoyant looks at every participant in a customer’s supply chain, and identifies any externally detectable, severe vulnerabilities that an attacker would see. The company then interacts with the supplier to make sure that the issues are remedied — solving the problem on the customer’s behalf, Rosenthal said.
As of right now, when it comes to supply chain defense of this type, “no one else does it,” Rosenthal said. “And it is what the world needs — if you want to prevent attackers from either disrupting your operations, or disrupting the supply chain, or moving upstream in an operation to the enterprise itself.”
Valuation: “In excess of $1 billion” (March 2021)
Customers: More than 450 (up from 400 a year ago)
Employees: 530 (up from 300 a year ago)
Aqua Security offers a cloud-native application protection platform that spans the app development lifecycle, with capabilities for securing the build, infrastructure and workload/runtime. The company acquired a startup in December, Argon, that adds a solution for securing the software supply chain to the platform, as well.
When it comes to securing cloud-native technologies such as containers and microservices, there is now “a clear realization in the market that [companies’] existing security solutions do not apply for this new stack,” said cofounder and CEO Dror Davidoff.
Aqua’s various modules are offered individually, but are also integrated in order to “connect the dots” and provide a full security picture for a customer’s cloud-native stack, Davidoff said. The company has been investing heavily to “create a lot of complementary value between the different modules — and really turn it into one solution,” he said.
Ultimately, “I can say very comfortably that we’re the one that’s really looking at the complete lifecycle — from your software supply chain all the way to your production, and having all the [solutions] along the way,” Davidoff said.