Snyk
Auto Added by WPeMatico
Auto Added by WPeMatico
Snyk, the Boston-based late-stage startup that is trying to help developers deliver more secure code, announced another mega-round today. This one was for $530 million, with $300 million in new money and $230 million in secondary funding, the latter of which is to help employees and early investors cash in some of their stock options.
The long list of investors includes an interesting mix of public investors, VC firms and strategics. Sands Capital Ventures and Tiger Global led the round, with participation from new investors Baillie Gifford, Koch Industries, Lone Pine Capital, T. Rowe Price and Whale Rock Capital Management. Existing investors also came along for the ride, including Accel, Addition, Alkeon, Atlassian Ventures, BlackRock, Boldstart Ventures, Canaan Partners, Coatue, Franklin Templeton, Geodesic Capital, Salesforce Ventures and Temasek.
This round brings the total raised in funding to $775 million, excluding secondary rounds, according to the company. With secondary rounds, it’s up to $1.3 billion, according to Crunchbase data. The company has been raising funds at a rapid clip (note that the last three rounds include the Snyk money plus secondary rounds):

While the company wouldn’t share specific revenue figures, it did say that ARR has grown 158% YoY; given the confidence of this list of investors and the valuation, it would suggest the company is making decent money.
Snyk CEO Peter McKay says that the additional money gives him flexibility to make some acquisitions if the right opportunity comes along, what companies often refer to as “inorganic” growth. “We do believe that a portion of this money will be for inorganic expansion. We’ve made three acquisitions at this point and all three have been very, very successful for us. So it’s definitely a muscle that we’ve been developing,” McKay told me.
The company started this year with 400 people and McKay says they expect to double that number by the end of this year. He says that when it comes to diversity, the work is never really done, but it’s something he is working hard at.
“We’ve been able to build a lot of good programs around the world to increase that diversity and our culture has always been inclusive by nature because we’re highly distributed.” He added, “I’m not by any means saying we’re even remotely close to where we want to be. So I want to make that clear. There’s a lot we still have to do,” he said.
McKay says that today’s investment gives him added flexibility to decide when to take the company public because whenever that happens it won’t have to be because they need another fundraising event. “This raise has allowed us to set up with strong, highly reputable public investors, and it gives us the financial resources to pick the timing. We are in control of when we do it and we will do it when it’s right,” he said.
Powered by WPeMatico
With more than 200,000 customers, a market cap of nearly $56 billion, and the recent acquisition of Segment for $3.2 billion, Twilio is a SaaS behemoth.
It’s hard to imagine companies like Twilio as anything but a giant. But everybody starts out small, and you can usually trace success back to key decisions made in the early days.
First, you need to have a product that developers can actually sign up for. This means ditching demos for real-time free trials or freemium tools.
For Twilio, a big differentiator was being one of the first technology-focused SaaS organizations that focused on empowering and building for the end user (which in their case is developers) with a self-service function. Another differentiator was, the executive team designed the organization to create tight feedback loops between sales and product with national roadshows, during which CEO Jeff Lawson frequently met with users.
Moreover, Twilio’s “secret sauce” per their S-1 is a developer-focused model and a strong belief in the future of software. They encourage developers to explore and innovate with Twilio’s flexible offering, which led to an incredible 155% net-dollar expansion rate at the time of the IPO.
Most importantly, Twilio put the product in the hands of teams before the sale happened, standing by to answer hard questions about how Twilio would fit into their infrastructure. This was pretty rare at the time — sales engineering resources aren’t cheap — and it was a strong differentiating factor. So much so that when the company went public, they were growing at 106% annually.
Twilio sells to developers at large enterprises by solving a problem that developers come up against regularly: Getting in touch with customers.
But as more successful public software companies emerge, it’s clear that Twilio’s secret sauce can and will be replicated.
Powered by WPeMatico
On Friday, former Tiger Global Management investor Lee Fixel registered plans for the second fund of his new investment firm, Addition, just four months after closing the first. According to a report on Friday by the Financial Times, the outfit spent last week finalizing the fundraising for the $1.4 billion fund, which Addition reportedly doesn’t plan to begin investing until next year.
But a source close to the firm now says the capital has not been raised. That’s perhaps good news for investors who were shut out of Addition’s $1.3 billion debut fund and who might be hoping to write a check this time around.
The mere fact that Fixel is back in the market already has tongues wagging about the dealmaker, one whose reluctance to talk on the record with media outlets seems only to add to his mystique. Forbes published a lengthy piece about Fixel this summer, in which Fixel seems to have provided just one public statement, confirming the close of Addition’s first fund and adding little else. “We are excited to partner with visionary entrepreneurs, and with our 15-year fund duration, we have the patience to support our portfolio companies on their journey to build impactful and enduring businesses,” it read.
According to Forbes, that first fund — which Fixel is actively putting to work right now — intends to invest one-third of its capital in early-stage startups and two-thirds in growth-stage opportunities.
Whether that includes some of the special purpose acquisition vehicles, or SPACs, that are coming together right and left, isn’t yet known, though one imagines these might appeal to Fixel, who has long seemed to be at the forefront of new trends impacting growth-stage companies in particular. (A growing number of SPACs is right now looking to transform into public companies some of the many hundreds of richly valued private companies in the world.)
Clearer is that Addition is wasting little time in writing some big checks. Among its announced deals is Inshorts, a seven-year-old, New Delhi, India-based popular news aggregation app that last week unveiled $35 million new funding led by Fixel.
The deal represents Addition’s first India-based bet, even while Fixel knows both the country and the startup well. He previously invested in Inshorts on behalf of Tiger; he’s also credited for snatching up a big stake in Flipkart on behalf of Tiger, a move that reportedly produced $3.5 billion in profits when Flipkart sold to Walmart.
Addition also led a $200 million round last month in Snyk, a five-year-old, London-based startup that helps companies securely use open-source code. The round valued the company at $2.6 billion — more than twice the valuation it was assigned when it raised its previous round 10 months ago.
And in August, Addition led a $110 million Series D round for Lyra Health, a five-year-old, Burlingame, California-based provider of mental health care benefits for employers that was founded by former Facebook CFO David Ebersman.
A smaller check went to Temporal, a year-old, Seattle-based startup that is building an open-source, stateful microservices orchestration platform. Last week, the company announced $18.75 million in Series A funding led by Sequoia Capital, but Addition also joined the round, having been an earlier investor in the company.
According to PitchBook data, Addition has made at least 17 investments altogether.
Fixel — whose bets while at Tiger include Peloton and Spotify — isn’t running Addition single-handedly, though according to Forbes, he is the single “key man” around which the firm revolves, as well as the biggest investor in Addition’s first fund.
He has also brought aboard at least three investment principals from Wall Street and a head of data science who worked formerly for Uber (per Forbes). Ward Breeze, a longtime attorney who worked formerly in the emerging companies practice of Gunderson Dettmer, is also working with Fixel at Addition.
(Correction: An earlier version of this story reported that Fixel’s newest fund was already raised, per the FT.)
Powered by WPeMatico
When we last reported on Snyk in January, eons ago in COVID time, the company announced $150 million investment on a valuation of over $1 billion. Today, barely nine months later, it announced another $200 million and its valuation has expanded to $2.6 billion.
The company is obviously drawing some serious investor attention, and even a pandemic is not diminishing that interest. Addition led today’s round, bringing the total raised to $450 million with $350 million coming this year alone.
Snyk has a unique approach to security, building it into the development process instead of offloading it to a separate security team. If you want to build a secure product, you need to think about it as you’re developing the product, and that’s what Snyk’s product set is designed to do — check for security as you’re committing your build to your git repository.
With an open-source product at the top of funnel to drive interest in the platform, CEO Peter McKay says the pandemic has only accelerated the appeal of the company. In fact, the startup’s annual recurring revenue (ARR) is growing at a remarkable 275% year over year.
McKay says even with the pandemic his company has been accelerating, adding 100 employees in the last 12 months to take advantage of the increasing revenue. “When others were kind of scaling back we invested and it worked out well because our business never slowed down. In fact, in a lot of the industries it really picked up,” he said.
That’s because as many other founders have pointed out, COVID is speeding up the rate at which many companies are moving to the cloud, and that’s working to Snyk’s favor. “We’ve just capitalized on this accelerated shift to the cloud and modern cloud-native applications,” he said.
The company currently has 375 employees, with plans to add 100 more in the next year. As it grows, McKay says that he is looking to build a diverse and inclusive culture, something he learned about as he moved through his career at VMware and Veeam.
He says one of the keys at Snyk is putting every employee through unconscious bias training to help limit bias in the hiring process, and the executive team has taken a pledge to make the company’s hiring practices more diverse. Still, he recognizes it takes work to achieve these goals, and it’s always easy for an experienced team to go back to the network instead of digging deeper for a more diverse candidate pool.
“I think we’ve put all the pieces in place to get there, but I think like a lot of companies, there’s still a long way to go,” he said. But he recognizes the sooner you embed diversity into the company culture, the better because it’s hard to go back after the fact and do it.
Addition founder Lee Fixel says he sees a company that’s accelerating rapidly and that’s why he was willing to pour in so big an investment. “Snyk’s impressive growth is a signal that the market is ready to embrace a change from traditional security and empower developers to tackle the new security risk that comes with a software-driven digital world,” he said in a statement.
Snyk was founded in 2015. The founders brought McKay on board for some experienced leadership in 2018 to help lead the company through its rapid growth. Prior to the $350 million in new money this year, the company raised $70 million in 2019.
Powered by WPeMatico
Snyk, the company that wants to help developers secure their code as part of the development process, announced a $150 million investment today. The company indicated the investment brings its valuation to more than $1 billion (although it did not share the exact figure).
Today’s round was led by Stripes, a New York City investment firm, with help from Coatue, Tiger Global, BoldStart,Trend Forward, Amity and Salesforce Ventures. The company reports it has now raised more than $250 million.
The idea behind Snyk is to fit security firmly in the development process. Rather than offloading it to a separate team, something that can slow down a continuous development environment, Snyk builds in security as part of the code commit.
The company offers an open-source tool that helps developers find open-source vulnerabilities when they commit their code to GitHub, Bitbucket, GitLab or any CI/CD tool. It has built up a community of more than 400,000 developers with this approach.
Snyk makes money with a container security product, and by making available to companies as a commercial product the underlying vulnerability database they use in the open-source product.
CEO Peter McKay, who came on board last year as the company was making a move to expand into the enterprise, says the open-source product drives the revenue-producing products and helped attract this kind of investment. “Getting to [today’s] funding round was the momentum in the open source model from the community to freemium to [land] and expand — and that’s where we are today,” he told TechCrunch.
He said the company wasn’t looking for this money, but investors came knocking and gave them a good offer, based on Snyk’s growing market momentum. “Investors said we want to take advantage of the market, and we want to make sure you can invest the way you want to invest and take advantage of what we all believe is this very large opportunity,” McKay said.
In fact, the company has been raising money at a rapid clip since it came out of the gate in 2016 with a $3 million seed round. A $7 million Series A and $22 million Series B followed in 2018, with a $70 million Series C last fall.
The company reports over 4X revenue growth in 2019 (without giving exact revenue figures), and some major customer wins, including the likes of Google, Intuit, Nordstrom and Salesforce. It’s worth noting that Salesforce thought enough of the company that it also invested in this round through its Salesforce Ventures investment arm.
Powered by WPeMatico
A growing number of IT breaches has led to security becoming a critical and central aspect of how computing systems are run and maintained. Today, a startup that focuses on one specific area — developing security tools aimed at developers and the work they do — has closed a major funding round that underscores the growth of that area.
Snyk — a London and Boston-based company that got its start identifying and developing security solutions for developers working on open-source code — is today announcing that it has raised $70 million, funding that it will be using to continue expanding its capabilities and overall business. For example, the company has more recently expanded to building security solutions to help developers identify and fix vulnerabilities around containers, an increasingly standard unit of software used to package up and run code across different computing environments.
Open source — Snyk works as an integration into existing developer workflows, compatible with the likes of GitHub, Bitbucket and GitLab, as well as CI/CD pipelines — was an easy target to hit. It’s used in 95% of all enterprises, with up to 77% of open-source components liable to have vulnerabilities, by Snyk’s estimates. Containers are a different issue.
“The security concerns around containers are almost more about ownership than technology,” Guy Podjarny, the president who co-founded the company with Assaf Hefetz and Danny Grander, explained in an interview. “They are in a twilight zone between infrastructure and code. They look like virtual machines and suffer many of same concerns such as being unpatched or having permissions that are too permissive.”
While containers are present in fewer than 30% of computing environments today, their growth is on the rise, according to Gartner, which forecasts that by 2022, more than 75% of global organizations will run containerized applications. Snyk estimates that a full 44% of Docker image scans (Docker being one of the major container vendors) have known vulnerabilities.
This latest round is being led by Accel with participation from existing investors GV and Boldstart Ventures. These three, along with a fourth investor (Heavybit) also put $22 million into the company as recently as September 2018. That round was made at a valuation of $100 million, and from what we understand from a source close to the startup, it’s now in the “range” of $500 million.
“Accel has a long history in the security market and we believe Snyk is bringing a truly unique, developer-first approach to security in the enterprise,” said Matt Weigand of Accel said in a statement. “The strength of Snyk’s customer base, rapidly growing free user community, leadership team and innovative product development prove the company is ready for this next exciting phase of growth and execution.”
Indeed, the company has hit some big milestones in the last year that could explain that hike. It now has some 300,000 developers using it around the globe, with its customer base growing some 200% this year and including the likes of Google, Microsoft, Salesforce and ASOS (side note: you know that if developers at developer-centric places themselves working at the vanguard of computing, like Google and Microsoft, are using your product, that is a good sign). Notably, that has largely come by word of mouth — inbound interest.
The company in July of this year took on a new CEO, Peter McKay, who replaced Podjarny. McKay was the company’s first investor and has a track record in helping to grow large enterprise security businesses, a sign of the trajectory that Snyk is hoping to follow.
“Today, every business, from manufacturing to retail and finance, is becoming a software business,” said McKay. “There is an immediate and fast growing need for software security solutions that scale at the same pace as software development. This investment helps us continue to bring Snyk’s product-led and developer-focused solutions to more companies across the globe, helping them stay secure as they embrace digital innovation – without slowing down.”
Powered by WPeMatico
Open source software is now a $14 billion+ market and growing fast, in use in one way or another in 95 percent of all enterprises. But that expansion comes with a shadow: open source components can come with vulnerabilities, and so their widespread use in apps becomes a liability to a company’s cybersecurity.
Now, a startup out of the UK called Snyk, which has built a way to detect when those apps or components are compromised, is announcing a $22 million round of funding to meet the demand from enterprises wanting to tackle the issue head on.
Led by Accel, with participation from GV plus previous investors Boldstart Ventures and Heavybit, this Series B notably is the second round raised by Snyk within seven months — it raised a $7 million Series A in March. That’s a measure of how the company is growing (and how enthusiastic investors are about what it has built so far). The startup is not disclosing its valuation but a source close to the deal says it is around $100 million now (it’s raised about $33 million to date).
As another measure of Snyk’s growth, the company says it now has over 200 paying customers and 150,000 users, with revenues growing five-fold in the last nine months. In March, it had 130 paying customers.
(Current clients include ASOS, Digital Ocean, New Relic and Skyscanner, the company said.)
Snyk plays squarely in the middle of how the landscape for enterprise services exists today. It provides options for organisations to use it on-premises, via the cloud, or in a hybrid version of the two, with a range of paid and free tiers to get users acquainted with the service.
Guy Podjarny, the company’s CEO who co-founded Snyk with Assaf Hefetz and Danny Grander, explained that Snyk works in two parts. First, the startup has built a threat intelligence system “that listens to open source activity.” Tapping into open-conversation platforms — for example, GitHub commits and forum chatter — Snyk uses machine learning to detect potential mentions of vulnerabilities. It then funnels these to a team of human analysts, “who verify and curate the real ones in our vulnerability DB.”
Second, the company analyses source code repositories — including, again, GitHub as well as BitBucket — “to understand which open source components each one uses, flag the ones that are vulnerable, and then auto-fix them by proposing the right dependency version to use and through patches our security team builds.”
Open source components don’t have more vulnerabilities than closed source ones, he added, “but their heavy reuse makes those vulnerabilities more impactful.” Components can be used in thousands of applications, and by Snyk’s estimation, some 77 percent of those applications will end up with components that have security vulnerabilities. “As a result, the chances of an organisation being breached through a vulnerable open source component are far greater than a security flaw purely in their code.”
Podjarny says the plan is not to tackle proprietary code longer term but to expand how it can monitor apps built on open source.
“Our focus is on two fronts – building security tools developers love, and fixing open source security,” he said. “We believe the risk from insecure use of open source code is far greater than that of your own code, and is poorly addressed in the industry. We do intend to expand our protection from fixing known vulnerabilities in open source components to monitoring and securing them in runtime, flagging and containing malicious and compromised components.”
While this is a relatively new area for security teams to monitor and address, he added that the Equifax breach highlighted what might happen in the worst-case scenario if such issues go undetected. Snyk is not the only company that has identified the gap in the market. Black Duck focuses on flagging non-compliant open source licences, and offers some security features as well.
However, it is Snyk — whose name derives from a play on the word “sneak”, combined with the acronym meaning “so now you know” — that seems to be catching the most attention at the moment.
“Some of the largest data breaches in recent years were the result of unfixed vulnerabilities in open source dependencies; as a result, we’ve seen the adoption of tools to monitor and remediate such vulnerabilities grow exponentially,” said Philippe Botteri, partner at Accel, who is joining the board with this round. “We’ve also seen the ownership of application security shifting towards developers. We feel that Snyk is uniquely positioned in the market given the team’s deep security domain knowledge and developer-centric mindset, and are thrilled to join them on this mission of bringing security tools to developers.”
Powered by WPeMatico