As our world rapidly moves online, cybersecurity — the business of protecting that online world from nefarious activity — is becoming a major industry. The global cybersecurity market is on track to be worth more than $165 billion this year, and is expected to more than double by 2028. Of course, this means investors are eager to put their weight behind the industry’s leading companies.
Here in Boston, three such companies announced nine-digit funding rounds on Wednesday, amounting to a whopping $535 million combined.
At the head of the pack is Snyk, an application security startup that helps identify vulnerabilities in the development stage. It raised a $300 million Series E co-led by Accel and Tiger Group. Then there’s Aqua Security, a startup that focuses on securing cloud-native services, which raised a $135 million Series E led by ION Crossover Partners. Finally, cyber insurance provider Corvus raised a $100 million Series C led by Insight Partners.
Although each of these startups focuses on a different area of cybersecurity, they all have one common goal: to ensure that our increasingly digital world remains secure.
Secure From the Start
Today, nearly half of security breaches are due to vulnerabilities in a company’s web applications. This means ensuring a platform’s security needs to start in the development stages, before it is deployed.
This is where Snyk comes in. The software security company has created a suite of tools designed to spot and correct vulnerabilities at the developer level, helping to ensure the software meets specific security standards as it evolves from source code to production. The idea is to bring security to the forefront of developers’ minds as they build a product.
Snyk has experienced massive growth lately. It reached a $1 billion valuation at the beginning of 2020, then doubled its valuation 10 months later after a $200 million Series D. This latest funding round brings Snyk’s valuation to $4.7 billion, which means the six-year-old company has quadrupled its value in just over a year.
“Our relentless focus on the experience of the 2.2 million developers building applications of all kinds securely with Snyk has resulted in our success to date, and we believe there is an exponential, generational opportunity still in front of us,” CEO Peter McKay said in a statement. “This latest investment allows us to accelerate our growth at every level — doubling down on our successful product led growth strategy, adding to our customer roster, recruiting talent to our team worldwide and expanding geographically.”
Snyk recently added industry leaders Jeff Yoshimura, Erica Geil and Shaun McLagan to its leadership team as its new chief marketing and consumer experience officer, chief information officer, and vice president of sales, respectively. The company also added Snowflake CFO Michael Scarpelli and Accel partner Ping Li to its board of directors.
The company is also now hiring across the board, with more than a dozen open tech positions available now.
Securing Companies in the Cloud
Meanwhile, Aqua Security protects applications that have already been built, providing prevention, detection and response automation across a product’s entire lifecycle.
Founded in 2015, Aqua Security claims to be one of the first companies of its kind of focus on container deployments. Today, it remains hyper-focused on helping businesses secure their cloud-native, container-based and serverless infrastructure, allowing them to adopt Kubernetes and other cloud-based workloads in a secure way.
To date, the company has raised $265 million (including a $30 million Series D closed in May), and is now valued at $1 billion in light of this Series E. The money will be used to further develop the platform and expand into new markets.
Aqua Security says his latest funding round comes on the heels of a “stellar year,” in which the company achieved many milestones. For one, it doubled its number of paying customers, garnering business from major players in the federal, financial, energy, telecom and automotive sectors. The adoption of Aqua Security’s open-source tools more than doubled too, and its Trivy tool has been made the “default scanner” for companies like GitLab and Harbor Registry.
Aqua Security’s co-founder and CEO Dror Davidoff says he is proud of everything the company has accomplished in the last several years, and that he and his team have a “clear direction forward to provide the best platform for cloud-native security.”
“As attacks targeting cloud-native applications are now a fast-growing threat, we are here to empower our customers to protect their investment and secure their future in the cloud,” he continued in a statement.
Mitigating the Risk of Cybercrime
Indeed, while the cybersecurity industry has been growing, so too has the frequency of cyber attacks, especially amid the pandemic.
In fact, the Federal Bureau of Investigation reported last spring that the number of complaints to its cyber division is up to as many as 4,000 a day, a 400 percent increase from what it was seeing before the pandemic. Interpol also says it is seeing an “alarming rate of cyber attacks aimed at major corporations, governments and critical infrastructure.” And as more organizations turn to burgeoning tech like machine learning, artificial intelligence and 5G, these attacks are only going to get more sophisticated.
Corvus Insurance understands this, which is why it has developed a platform to better predict and prevent cybercrime-related loss. By using proprietary sets of data and machine learning, Corvus says it can analyze a given company’s IT and software infrastructure in as little as a minute, then evaluate, score and price policies for those that qualify. An average policy size with Corvus is $9,000 annually.
More broadly, this approach helps policyholders, brokers, underwriters and reinsurers incorporate data into the rapidly evolving commercial insurance market.
“At Corvus, we are employing the power of data to build insurance products that result in a safer world,” Corvus’ founder and CEO Phil Edmundson said in a statement. “During these times of unprecedented cyber attacks, we are arming brokers and their policyholders with the most intuitive tools and capabilities to mitigate risks for companies of all sizes.”
This Series C is the largest fundraising round of a cyber insurance company to date, according to Edmundson, and brings the company’s total valuation to $750 million. The money will be used to double down on its underwriting, product development and go-to-market strategies, and to further expand its platform. The company also plans to double its headcount, and has more than 60 open tech positions available now.
Like Corvus, the larger cyber insurance industry is growing quickly — projected to be worth about $20 billion in 2025 — and Corvus’ co-founder and chief product officer Mike Lloyd says the company is poised to dominate the industry going forward.
“Corvus is uniquely positioned to acquire a significant share of the commercial insurance market due to our software, data science playbooks, and team,” Lloyd said in a statement. “Our proven ability to extract actionable insights from novel data using AI and then apply those insights to improve underwriting, the broker/client experience, and loss prevention for our policyholders will enable us to continue to grow in a fast and scalable way across many product lines.”
