Snyk bags another $200M at $2.6B valuation 9 months after last raise

When we last reported on Snyk in January, eons ago in COVID time, the company announced $150 million investment on a valuation of over $1 billion. Today, barely nine months later, it announced another $200 million and its valuation has expanded to $2.6 billion.

The company is obviously drawing some serious investor attention and even a pandemic is not diminishing that interest. Addition led today’s round, bringing the total raised to $450 million with $350 million coming this year alone.

Snyk has a unique approach to security, building it into the development process instead of offloading it to a separate security team. If you want to build a secure product, you need to think about it as you’re developing the product and that’s what Snyk’s product set is designed to do — check for security as you’re committing your build to your git repository.

With an open source product at the top of funnel to drive interest in the platform, CEO Peter McKay says the pandemic has only accelerated the appeal of the company. In fact, the startup’s annual recurring revenue (ARR) is growing at a remarkable 275% year over year.

McKay says, even with the pandemic, his company has been accelerating adding 100 employees in the last 12 months to take advantage of the increasing revenue. “When others were kind of scaling back we invested and it worked out well because our business never slowed down. In fact, in a lot of the industries it really picked up,” he said.

That’s because as many other founders have pointed out, COVID is speeding up the rate at which many companies are moving to the cloud, and that’s working Snyk’s favor. “We’ve just capitalized on this accelerated shift to the cloud and modern cloud native applications,” he said.

The company currently has 375 employees with plans to add 100 more in the next year. As it grows, McKay says that he is looking to build a diverse and inclusive culture, something he learned about as he moved through his career at VMware and Veeam.

He says one of the keys at Snyk is putting every employee through unconscious bias training to help limit bias in the hiring process, and the executive team has taken a pledge to make the company’s hiring practices more diverse. Still, he recognizes it takes work to achieve these goals, and it’s always easy for an experienced team to go back to the network instead of digging deeper for a more diverse candidate pool.

“I think we’ve put all the pieces in place to get there, but I think like a lot of companies, there’s still a long way to go,” he said. But he recognizes the sooner you embed diversity into the company culture, the better because it’s hard to go back after the fact and do it.

Addition founder Lee Fixel says he sees a company that’s accelerating rapidly and that’s why he was willing to pour in so big an investment. “Snyk’s impressive growth is a signal that the market is ready to embrace a change from traditional security and empower developers to tackle the new security risk that comes with a software-driven digital world,” he said in a statement.

Snyk was founded in 2015. The founders brought McKay on board for some experienced leadership in 2018 to help lead the company through its rapid growth. Prior to the $350 million in new money this year, the company raised $70 million in 2019.


By Ron Miller

VMware to acquire Kubernetes security startup Octarine and fold it into Carbon Black

VMware announced today that it intends to buy early-stage Kubernetes security startup, Octarine and fold it into Carbon Black, a security company it bought last year for $2.1 billion. The company did not reveal the price of today’s acquisition.

According to a blog post announcing the deal from Patrick Morley, general manager and senior vice president at VMware’s Security Business Unit, Octarine should fit in with what Carbon Black calls its “intrinsic security strategy” — that is, protecting content and applications wherever they live. In the case of Octarine, it’s cloud native containers in Kubernetes environments.

“Acquiring Octarine enables us to advance intrinsic security for containers (and Kubernetes environments), by embedding the Octarine technology into the VMware Carbon Black Cloud, and via deep hooks and integrations with the VMware Tanzu platform,” Morley wrote in a blog post.

This also fits in with VMware’s Kubernetes strategy, having purchased Heptio, an early Kuberentes company started by Craig McLuckie and Joe Beda, two folks who helped develop Kubernets while at Google before starting their own company,

We covered Octarine last year when it released a couple of open source tools to help companies define the Kubernetes security parameters. As we quoted head of product Julien Sobrier at the time:

“Kubernetes gives a lot of flexibility and a lot of power to developers. There are over 30 security settings, and understanding how they interact with each other, which settings make security worse, which make it better, and the impact of each selection is not something that’s easy to measure or explain.”

As for the startup, it now gets folded into VMware’s security business. While the CEO tried to put a happy face on the acquisition in a blog post, it seems its days as an independent entity are over. “VMware’s commitment to cloud native computing and intrinsic security, which have been demonstrated by its product announcements and by recent acquisitions, makes it an ideal home for Octarine,” the company CEO Shemer Schwarz wrote in the post.

Octarine was founded in 2017 and has raised $9 million, according to Pitchbook data.


By Ron Miller

Takeaways from KubeCon; the latest on Kubernetes and cloud native development

Extra Crunch offers members the opportunity to tune into conference calls led and moderated by the TechCrunch writers you read every day. This week, TechCrunch’s Frederic Lardinois and Ron Miller discuss major announcements that came out of the Linux Foundation’s European KubeCon/CloudNativeCon conference and discuss the future of Kubernetes and cloud-native technologies.

Nearly doubling in size year-over-year, this year’s KubeCon conference brought big news and big players, with major announcements coming from some of the world’s largest software vendors including Google, AWS, Microsoft, Red Hat, and more. Frederic and Ron discuss how the Kubernetes project grew to such significant scale and which new initiatives in cloud-native development show the most promise from both a developer and enterprise perspective.

“This ecosystem starts sprawling, and we’ve got everything from security companies to service mesh companies to storage companies. Everybody is here. The whole hall is full of them. Sometimes it’s hard to distinguish between them because there are so many competing start-ups at this point.

I’m pretty sure we’re going to see a consolidation in the next six months or so where some of the bigger players, maybe Oracle, maybe VMware, will start buying some of these smaller companies. And I’m sure the show floor will look quite different about a year from now. All the big guys are here because they’re all trying to figure out what’s next.”

Frederic and Ron also dive deeper into the startup ecosystem rapidly developing around Kubernetes and other cloud-native technologies and offer their take on what areas of opportunity may prove to be most promising for new startups and founders down the road.

For access to the full transcription and the call audio, and for the opportunity to participate in future conference calls, become a member of Extra Crunch. Learn more and try it for free. 


By Arman Tabatabai

Harness hauls in $60M Series B investment on $500M valuation

Series B rounds used to be about establishing a product-market fit, but for some startups the whole process seems to be accelerating. Harness, the startup founded by AppDynamics co-founder and CEO Jyoti Bansal is one of those companies that is putting the pedal the metal with his second startup, taking his learnings and a $60 million round to build the company much more quickly.

Harness already has an eye-popping half billion dollar valuation. It’s not terribly often I hear valuations in a Series B discussion. More typically CEOs want to talk growth rates, but Bansal volunteered the information, excited by the startup’s rapid development.

The round was led by IVP, GV (formerly Google Ventures) and ServiceNow Ventures. Existing investors Big Labs, Menlo Ventures and Unusual Ventures also participated. Today’s investment brings the total raised to $80 million, according to Crunchbase data.

Bansal obviously made a fair bit of money when he sold AppDynamics to Cisco in 2017 for $3.7 billion and he could have rested after his great success. Instead he turned his attention almost immediately to a new challenge, helping companies move to a new continuous delivery model more rapidly by offering Continuous Delivery as a Service.

As companies move to containers and the cloud, they face challenges implementing new software delivery models. As is often the case, large web scale companies like Facebook, Google and Netflix have the resources to deliver these kinds of solutions quickly, but it’s much more difficult for most other companies.

Bansal saw an opportunity here to package continuous delivery approaches as a service. “Our approach in the market is Continuous Delivery as a Service, and instead of you trying to engineer this, you get this platform that can solve this problem and bring you the best tooling that a Google or Facebook or Netflix would have,” Basal explained.

The approach has gained traction quickly. The company has grown from 25 employees at launch in 2017 to 100 today. It boasts 50 enterprise customers including Home Depot, Santander Bank and McAfee.

He says that the continuous delivery piece could just be a starting point, and the money from the round will be plowed back into engineering efforts to expand the platform and solve other problems DevOps teams face with a modern software delivery approach.

Bansal admits that it’s unusual to have this kind of traction this early, and he says that his growth is much faster than it was at AppDynamics at the same stage, but he believes the opportunity here is huge as companies look for more efficient ways to deliver software. “I’m a little bit surprised. I thought this was a big problem when I started, but it’s an even bigger problem than I thought and how much pain was out there and how ready the market was to look at a very different way of solving this problem,” he said.


By Ron Miller

Container security startup Aqua lands $62M Series C

Aqua Security, a startup that helps customers launch containers securely, announced a $62 million Series C investment today led by Insight Partners.

Existing investors Lightspeed Venture Partners, M12 (Microsoft’s venture fund), TLV Partners and Shlomo Kramer also participated. With today’s investment, the startup’s investments since inception now total over $100 million, according to the company.

Early investors took a chance on the company when it was founded in 2015. Containers were barely a thing back then, but the founders had a vision of what was coming down the pike and their bet has paid off in a big way as the company now has first-mover advantage. As more companies turn to Kubernetes and containers, the need for a security product built from the ground up to secure this kind of environment is essential.

While co-founder and CEO Dror Davidoff says the company has 60 Fortune 500 customers, he’s unable to share names, but he can provide some clues like five of the world’s top banks. As companies like that turn to new technology like containers, they aren’t going to go whole hog without a solid security option. Aqua gives them that.

“Our customers are all taking very dramatic steps towards adoption of those new technologies, and they know that existing security tools that they have in place will not solve the problems,” Davidoff told TechCrunch. He said that most customers have started small, but then have expanded as container adoption increases.

You may thank that an ephemeral concept like a container would be less of a security threat, but Davidoff says that the open nature of containerization actually leaves them vulnerable to tampering. “Container lives long enough to be dangerous,” he said. He added, “They are structured in an open way, making it simple to hack, and once in, to do lateral movement. If the container holds sensitive info, it’s easy to have access to that information.”

Aqua scans container images for malware and makes sure only certified images can run, making it difficult for a bad actor to insert an insecure image, but the ephemeral nature of containers also helps if something slips through. DevOp can simply take down the faulty container and put a newly certified clean one quickly.

The company has 150 employees with offices in the Boston area and R&D in Tel Aviv in Israel. With the new influx of cash, the company plans to expand quickly, growing sales and marketing, customer support and expanding the platform into areas to cover emerging areas like serverless computing. Davidoff says the company could double in size in the next 12-18 months and he’s expecting 3x to 4x customer growth.

All of that money should provide fuel to grow the company as containerization spreads and companies look for a security solution to keep containers in production safe.


By Ron Miller

Blameless emerges from stealth with $20M investment to help companies transition to SRE

Site Reliable Engineering (SRE) is an extension of DevOps designed for more complex environments. The problem is that this type of approach is difficult to implement and has usually only been in reach of large companies, requiring custom software. Blameless, a Bay Area startup, wants to put it reach of everyone. It emerged from stealth today with an SRE platform for the masses and around $20 million in funding.

For starters, the company announced two rounds of funding with $3.6 million in seed money last April and a $16.5 million Series A investment more recently in January. Investors included Accel,  Lightspeed Venture Partners and others.

Company co-founder and CEO Ashar Rizqi knows first-hand just how difficult it is to implement an SRE system. He built custom systems for Box and Mulesoft before launching Blameless two years ago. He and his co-founder COO Lyon Wong saw a gap in the market where companies who wanted to implement SRE were being limited because of a lack of tooling and decided to build it themselves.

Rizqi says SRE changes the way you work and interact and Blameless gives structure to that change. “It changes the way you communicate, prioritize and work, but we’re adding data and metrics to support that shift” he said.

Screenshot: Blameless

As companies move to containers and continuous delivery models, it brings a level of complexity to managing the developers, who are working to maintain the delivery schedule, and operations, who must make sure the latest builds get out with a minimum of bugs. It’s not easy to manage, especially given the speed involved.

Over time, the bugs build up and the blame circulates around the DevOps team as they surface. The company name comes because their platform should remove blame from the equation by providing the tooling to get deeper visibility into all aspects of the delivery model.

At that point, companies can understand more clearly the kinds of compromises they need to make to get products out the door, rather than randomly building up this technical debt over time. This is exacerbated by the fact that companies are building their software from a variety of sources, whether open source or API services, and it’s hard to know the impact that external code is having on your product.

“Technical debt is accelerating as there is greater reliability on micro services. It’s a black box. You don’t own all the lines of code you are executing,” Rizqi explained. His company’s solution is designed to help with that problem.

The company currently has 23 employees and 20 customers including DigitalOcean and Home Depot.


By Ron Miller

Evolute debuts enterprise container migration and management platform

Evolute, a 3-year old startup out of Mountain View, officially launched the Evolute platform today with the goal of helping large organizations migrate applications to containers and manage those containers at scale.

Evolute founder and CEO Kristopher Francisco says he wants to give all Fortune 500 companies access to the same technology that big companies like Apple and Google enjoy because of their size and scale.

“We’re really focused on enabling enterprise companies to do two things really well. The first thing is to be able to systematically move into the container technology. And the second thing is to be able to run operationally at scale with existing and new applications that they’re creating in their enterprise environment,” Francisco explained.

While there are a number of sophisticated competing technologies out there, he says that his company has come up with some serious differentiators. For starters, getting legacy tech into containers has proven a time-consuming and challenging process. In fact, he says manually moving a legacy app and all its dependencies to a container has typically taken 3-6 months per application.

He claims his company has reduced that process to minutes, putting containerization within reach of just about any large organization that wants to move their existing applications to container technology, while reducing the total ramp-up time to convert a portfolio of existing applications from years to a couple of weeks.

Evolute management console. Screenshot: Evolute

The second part of the equation is managing the containers, and Francisco acknowledges that there are other platforms out there for running containers in production including Kubernetes, the open source container orchestration tool, but he says his company’s ability to manage containers at scale separates him from the pack.

“In the enterprise, the reason that you see the [containerization] adoption numbers being so low is partially because of the scale challenge they face. In the Evolute platform, we actually provide them the native networking, security and management capabilities to be able to run at scale,” he said.

The company also announced that it been invited to join the Chevron Technology Ventures’ Catalyst Program, which provides support for early stage companies like Evolute. This could help push Evolute to business units inside Chevron looking to move into containerization technology and be big boost for the startup.

The company has been around in since 2015 and boasts several other Fortune 500 companies beyond Chevron as customers, although it is not in a position to name them publicly just yet. The company has 5 full time employees and has raised $500,000 in seed money across two rounds, according to data on Crunchbase.


By Ron Miller