Key Security News and the Growing Importance of LLM Security

•

Lots of key security news dropped this week. Funny most coincided with my convos w/ security investors in SF. Signal of more M&A ahead? A quick recap of the key news from the week (Mostly on 4 themes): • Developer & App security • Security for AI/LLMs • $MSFT sec • Data sec

Security for LLMs is becoming a big topic One of the best frameworks I've seen is we need AI security solutions that protect: 1. Customer-facing apps 2. Internal apps 3. Self-hosted LLMs 4. 3rd party OSS This security mrket could be HUGE! See more below boringappsec.substack.com/p/edition-21-a-framework-to-securely

Protect AI (and another Hidden Layer) appear to be leading this market on the early private markets. Protect AI just raised $35M on little to no-revenue around ML detection & response. Time will tell if they win, but this market is getting competitive! techcrunch.com/2023/07/26/protect-ai-raises-35m-to-build-a-suite-of-ai-defending-tools/

The big question I've been having with investors is differentiating between these two categories: 1. Security for AI 2. AI for Security There's a big difference between the maturity curves. IMHO, I believe startups are best positioned to win #1 meanwhile, incumbents win #2.

$MSFT dropped earnings this week: - They now have 1+ million custs. on MSFT security (26% YoY) - 60% of custs. use 4+ security products - Their identity product has 610M Users (on 720K orgs) - Security Co-pilot, GA release this fall! See my piece on MSFT investianalystnewsletter.substack.com/p/microsofts-20b-cybersecurity-behemoth

In the world of Dev security, $CRWD is close to completing a deal for Bionic. Bionic will likely complement its cloud security & observability modules when apps get deployed on the cloud. Interesting to see $CRWD get active in the developer market - hm? techcrunch.com/2023/07/26/crowdstrike-bionic-ai/

Within a similar dev sec market, Thales, a data security co., has acquired Imperva to allow them enter the application security mrket. Imperva was acquired for $3.6B! (roughly 6.1x fwd revenue) - bottoms-in? Add in $DDOG in this mrket, App Sec is ridiculously competitive nw!

Data security is another market heating up! SentinelOne launched its cloud data sec. suite. Its bundled to help protect customers against malware on Amazon's S3 object storage. It closely resembles their CSPM product. As data & LLMs become more important, data sec shows promise

OneTrust, another data sec & privacy company announced they raised. OT focuses more on privacy & gov't compliance use cases but already covers some areas of data sec. This market appears to be big w/ many sub-sectors, but its equally fragmented. prnewswire.com/news-releases/onetrust-secures-150m-investment-led-by-generation-investment-management-301883935.html

What's funny is that I've been speaking to some of the leading investors in security all week and in real-time, these deals are manifesting - both late stage + early stage mrkts I won't be surprised to more deals happen in AppSec, Software supply chain, data sec and AI security.

All these developments happened within one week. As CISOs demand for consolidation, large cos need to move into these new markets quickly & *some* security startup val. are cheap. This signals to me that in H2 2023, we'll likely see more security acquisitions. Cheers to more!

If interested - we'll be discussing these security trends and acquisitions in our bootcamp! @BreakingSaaS and I are hosting our 2nd Cybersecurity & SaaS bootcamp where we break down the security industry. Our biggest discount of 40% off ends July 31st! maven.com/saas101live/saasbootcamp

I'm open to your thoughts on what types of security acquisitions we could see next in this market!