Lacework lands $1.3B to expand its cloud cybersecurity platform
Hear from CIOs, CTOs, and other C-level and senior execs on data and AI strategies at the Future of Work Summit this January 12, 2022. Learn more
Lacework, a developer of automated containerized workload defense and compliance solutions, today announced that it closed a $1.3 billion funding round, valuing the company at over $8.3 billion post money. Sutter Hill Ventures, Altimeter Capital, D1 Capital Partners, and Tiger Global Management led the round with participation from Franklin Templeton, Counterpoint Global (Morgan Stanley), Durable Capital, General Catalyst, XN, Coatue, Dragoneer, Liberty Global, and Snowflake Ventures. Co-CEOs David Hatfield and Jay Parikh said the funding will support Lacework’s product development efforts as the company expands its engineering and R&D initiatives.
As the pandemic prompts companies to move their operations online, many — if not most — face increasing cybersecurity challenges. According to an IDC report, 98% companies surveyed in H1 2021 experienced at least one cloud data breach in the past 18 months. At the same time, 31% of respondents said they’re spending more than $50 million per year on cloud infrastructure, opening them up to additional attacks if their cloud environments aren’t configured correctly. In its 2021 Cloud Security Study, Thales found that only 17% of companies encrypt more than 50% of sensitive data that they host on cloud environments — despite the surge in ransomware attacks.
Lacework, which was founded in 2015 by Mike Speiser, Sanjay Kalra, and Vikram Kapoor, aims to close security gaps across DevOps and cloud environments by identifying threats targeting cloud servers, containers, and accounts. Its agent provides visibility into running processes and apps, using AI to detect anomalous behavior. Concurrently, the agent monitors for suspicious activities like unauthorized API calls and the use of management consoles and admin accounts, limiting access to vulnerable ports and enforcing “least access” privileges.
Kalra previously worked at Cisco as a senior product manager. Kapoor spent six years in various roles at Oracle, overseeing work on the data layer and storage side of the business. Speiser, a managing director at Sutter Hill Ventures, was a founding investor in Lacework and remains an active member of the board.
“Kapoor and Kalra founded Lacework with the goal of taking a data-driven approach to cloud security. We view security as a data problem and our platform is uniquely suited to solve that problem,” Parikh told VentureBeat via email. “Traditional security solutions force companies to amass a patchwork of point solutions and then manually tell them what to watch for, resulting in an inefficient and ineffective security process. At Lacework, we use data to uncover security risks and threats.”
Parikh describes Lacework’s platform — which is built on top of Snowflake — as “data-driven.” By collecting and correlating data across an organization’s public and private clouds, including Amazon Web Services, Microsoft Azure, and Google Cloud Platform instances, Lacework attempts to identify security events “that matter,” logging incidents to create a baseline against which future events can be measured.
“We believe our solution is uniquely suited to solve the data as a security problem. Our approach to security — as a data problem — is unique,” Parikh said. “[Lacework] uses unsupervised or autonomous machine learning, behavioral analytics, and anomaly detection to uncover unknown threats, misconfigurations, known bads, and outliers across [environments.] The platform automatically learns activities and behaviors that are unique to each of our customer’s environment, creates a baseline, and surfaces unexpected changes so they can uncover potential issues and threats before they become significant problems.”
Lacework offers continuous host vulnerability monitoring, preflight checks, and continuous integration and deployment automation workflows designed to expedite threat investigation. More recently, the company made available tools from Soluble, a platform it acquired that finds and fixes misconfigurations in infrastructure as code to automate testing and policy management. (Infrastructure as code, often shortened to “IaC,” enables developers to write code to deploy and manage hardware infrastructure.)
In a boon for Lacework, the cybersecurity industry shows no sign of slowing. Cybersecurity Ventures — which noted that the cybersecurity market grew by roughly 35 times from 2004 to 2017 — recently predicted that global spending on cybersecurity products and services will exceed $1 trillion cumulatively over the five-year period from 2017 to 2021. During roughly the first half of 2021 alone, venture capitalists (VCs) poured $11.5 billion into cybersecurity startups as supply chain attacks and breaches ramped up. That easily surpassed the $7.8 billion total VCs pledged in all of 2020.
Over the past few months, Lacework — which claims to have “hundreds” of customers — has substantially expanded geographically as it places a concerted effort on marketing and customer acquisition. In October, it entered the Australian and New Zealand market, establishing an office in Sydney as a launchpad for further growth across Asia Pacific. And earlier in the year, Lacework announced it would make “significant investments” in building out Europe, Middle East, and Asia operations, including a European headquarters in Dublin, Ireland; regional offices in the U.K., France, and Germany; and an Amazon Web Services datacenter in Frankfurt, Germany.
“We are experiencing tremendous growth with no signs of slowing down. Our revenue continues to grow along with our customer base and employee base,” Parikh added. “We plan to use this funding to extend our lead in the cloud security market by fueling product innovation that expands the company’s total addressable market and pursuing additional strategic acquisitions, like the recently announced Soluble transaction … We’ll also scale go-to-market strategies, growing our workforce and presence globally to better serve our customers.”
To date, Lacework — which has more than 700 employees — has raised more than $1.85 billion in total capital. The company claims its latest funding round is the largest in security industry history.
- up-to-date information on the subjects of interest to you
- our newsletters
- gated thought-leader content and discounted access to our prized events, such as Transform 2021: Learn More
- networking features, and more
Source: Read Full Article