10 Cybersecurity Companies Making Moves: August 2023

We’re taking a look at security vendors that launched notable new products and partner programs, announced key executive hires or unveiled startup acquisitions in August.

Hot Market, Big Moves

For cybersecurity companies, last month signified two of the paradoxical themes of the moment: Even as many security vendors launch new products, unveil startup acquisitions and plot IPOs, others are scaling back. August saw a string of well-known cybersecurity companies cutting staff, most prominently with Rapid7’s disclosure that it will cut about 18 percent of its workforce, equalling layoffs for about 470 employees.

The month also saw an outbreak of clashes between major security vendors: Comments during CrowdStrike’s quarterly call prompted responses from top executives at both SentinelOne and BlackBerry, while SentinelOne was ensnared in further drama after three-year-old cloud security firm Wiz suggested it might want to acquire the publicly traded company.

Still, there was a lot more going on in the cybersecurity industry in August 2023, which kicked off with an avalanche of announcements in connection with the Black Hat 2023 conference.

A wide array of companies — from industry giants to startups — announced notable new cybersecurity products at Black Hat, while acquisitions announced in connection with the event included Rubrik’s deal to acquire Laminar. Later in the month, Google Cloud unveiled a number of new security capabilities at its Next 2023 conference. And throughout August, cybersecurity vendors announced key executive hires, new partner programs and significant funding rounds.

What follows are the biggest things to know about 10 cybersecurity companies making moves in August 2023.

Laminar CEO Amit Shaked

Rubrik Acquires Laminar

In August, Rubrik disclosed its acquisition of an up-and-coming startup in cloud data security, Laminar, to further extend the IPO-bound vendor’s data security platform. Laminar supports the three largest public clouds — AWS, Microsoft Azure and Google Cloud — as well as two leading cloud-based data warehouses, Snowflake and Google’s BigQuery. In late August, Laminar, now under the umbrella of Rubrik, announced the addition of support for Microsoft OneDrive and Google Drive.

Key data security capabilities for Laminar’s offering include posture management — used for enforcing policy and and protecting sensitive data — as well as access governance, threat monitoring and threat response.

The addition of Laminar’s technology to the Rubrik data security platform will “create the industry’s first complete cyber posture and cyber recovery offering of its kind,” Rubrik said in a news release.

Financial terms of the Laminar acquisition were not disclosed by Rubrik. A source close to the agreement put the value of the acquisition at more than $100 million, with the deal including both cash and stock. Rubrik reportedly beat out other potential acquirers that had been interested in the startup, including Datadog.

Endor Labs Raises $70M

On Aug. 3, code security startup Endor Labs announced a sizable Series A funding round at $70 million. The funding from investors including Lightspeed Venture Partners and Dell Technologies Capital came just 10 months after the startup emerged from stealth.

Endor Labs aims to provide enhanced security for the software supply chain, with a platform focused on enabling the secure use of open-source software, panning dependency selection, management and remediation of code security issues. Endor Labs was founded in 2021 by Varun Badhwar and Dimitri Stiliadis, former leaders of Palo Alto Networks’ Prisma Cloud division whose companies, RedLock and Aporeto, were acquired by the cybersecurity giant.

In March, Endor Labs launched a global partner program and said it’s making a “100 percent commitment” to working with channel partners to drive its business.

In August, the company was also named one of four finalists in the Black Hat USA 2023 startup spotlight competition.

CrowdStrike Launches Counter Adversary Operations

On Aug. 8, cybersecurity giant CrowdStrike announced the introduction of an expanded threat hunting service, Counter Adversary Operations. The unit combines the company’s Falcon OverWatch managed threat hunting service with its Falcon Intelligence offering, and ultimately “gives us the ability to really link together intelligence and hunting and action it much faster,” said Adam Meyers, head of Counter Adversary Operations at CrowdStrike. By bringing those two sides together, it enables CrowdStrike to “create a disruptive environment where we raise the cost for the adversary and make it difficult for them to operate,” Meyers told CRN.

The first new combined offering from CrowdStrike’s Counter Adversary Operations team is Identity Threat Hunting, the company announced. The service takes what CrowdStrike’s OverWatch team has been doing around threat hunting on endpoints, and brings that to identity-based threats — the first identity-focused threat hunting offering to date, according to Meyers. The service is “using the same intelligence and know-how that we have developed on the threat hunting side to go after identity-based threats,” he said. Key focus areas of the service will include preventing lateral movement and earlier detection of credentials that have been compromised, according to CrowdStrike.

Google Cloud Expands SecOps Capabilities

In late August, in connection with its Next 2023 conference, Google Cloud unveiled several new capabilities aimed at bringing improvements for security operations (SecOps) teams.

A new managed threat hunting service, Mandiant Hunt for Chronicle Security Operations, is now available in preview. The service provides threat hunting on Chronicle Security Operations data — integrating Mandiant’s “frontline intelligence and expertise with Google Cloud technology to proactively search for undetected attacks,” Google Cloud said in a post.

Meanwhile, Google Cloud also added new Duet AI features into three major security offerings — Chronicle Security Operations, Mandiant Threat Intelligence and Security Command Center, with the goal of driving further enhancements for SecOps teams. Duet AI in Chronicle Security Operations, for instance, “can help transform threat detection, investigation and response for cyber defenders by simplifying search, complex data analysis and threat detection engineering” — ultimately helping to “reduce toil and elevate the effectiveness of each defender,” Google Cloud said in a blog.

SentinelOne Unveils Ranger Insights

In August, SentinelOne expanded into the vulnerability management space with the debut of a new product for its Singularity Ranger network discovery offering. The tool, Singularity Ranger Insights, aims to offer a simplified way of prioritizing the most important software vulnerabilities that must be dealt with, according to Lana Knop, vice president of product management for endpoint and identity products at SentinelOne. Ranger Insights does this in part through putting vulnerabilities in the larger context of security issues and risks that a security analyst is assessing, using the same SentinelOne console and same software agent that is used to enable other key security tools such as endpoint detection and response, Knop said.

An analyst using Ranger Insights will therefore “see everything else that we provide to you through that same agent as well, [including] endpoint-based threats, and it’s side-by-side with all these vulnerabilities,” she told CRN. “So you can see a prioritized list of third-party application vulnerabilities, operating system vulnerabilities, as well as information that gives you context for any potential exploitation that can occur.”

Forescout Hires Channel Chief

On Aug. 15, Forescout announced hiring a veteran of cybersecurity channel programs, David Creed (pictured), as its new vice president of worldwide channel sales. Creed had most recently worked as a vice president in the service provider partner program at Armis, a Forescout competitor, since 2021. Before that, he’d served in director roles in the channel organizations at Carbon Black (acquired by VMware in 2019) and McAfee, for a total of 15 years.

In a news release, Forescout — which offers an automation-driven security platform focused on protecting the full range of connected devices — said that Creed will be “responsible for shepherding the next phase of growth across the company’s channel ecosystem.”

The hire follows the appointment of former MobileIron CEO Barry Mainz as chief executive of Forescout, and the departure of Forescout channel chief Keith Weatherford, earlier this year. In a quote included in the news release, Mainz said that Creed brings an “acute understanding of the rapidly evolving changes taking place across the cybersecurity marketplace,” paired with a “passion for the channel.” Ultimately, Creed is “the ideal leader for our channel business,” Mainz said in the release.

Sophos Launches Incident Response Retainer

On Aug. 23, Sophos announced the launch of a new retainer option that aims to enable greater predictability on cost for its incident response engagements, which provide investigation and remediation in the event of a major attack such as ransomware. The offering stands out from other incident response retainers on predictability through providing customers with a fixed-cost, fixed-term agreement for the IR service, according to Joe Levy, president, CTO and chief product officer at Sophos.

Another unique element of the Sophos Incident Response Retainer is that it comes with 45 days of 24/7 MDR (managed detection and response) coverage, the company said. The goal is to ensure that “we were actually fully successful in neutralizing the threat,” Levy told CRN.

The incident response retainer is also optimized for Sophos channel partners to bring to their customers, he said. The IR retainer enables partners to help customers “enhance their resilience, by making them much better prepared in the event that there’s some sort of a security incident that actually requires expert response,” Levy said.

All in all, the Sophos Incident Response Retainer is aimed at expediting the access that customers have to response services in the wake of a ransomware attack, data breach or other major cyber incident, according to the company.

Trend Micro Debuts MSP-Focused Platform

On Aug. 22, Trend Micro announced a service-focused version of its Vision One cybersecurity platform and a new MSP partner category, aimed at helping to enable channel partners to add or expand managed services around the platform. The new Trend Vision One for Service Providers offering seeks to present expanded opportunities for channel partners such as resellers to launch managed services practices around the unified, AI-driven platform for threat detection, response and prevention, according to Louise McEvoy (pictured), vice president of U.S. channels at Trend Micro. For partners that are “transforming into a services approach, this allows them to extend their offerings,” McEvoy told CRN.

Meanwhile, for partners that already offer managed services based on Vision One—including MSSPs—the new version of the offering introduces critical features such as multi-tenancy, extended SOAR (security orchestration, automation and response) capabilities and a wide array of integrations with third-party tools. For MSSPs that “already know how to manage end customers, this allows us to extend [Vision One] to newly recruited MSSPs,” McEvoy said.

Meanwhile, Trend Micro also unveiled the new MSP partner category in its channel program to formalize its work with MSPs around the use of Vision One.

Abnormal Security Hires Two Top Execs

On Aug. 15, Abnormal Security announced achieving a key growth milestone as well as a pair of big hires: Michael DeCesare as its new president and Maya Marcus as its chief people officer. DeCesare (pictured) had stepped down as CEO of cybersecurity vendor Exabeam in June, and prior to that had served as CEO of Forescout, including overseeing its initial public offering in 2017. Marcus had most recently served as vice president of people at cybersecurity giant Palo Alto Networks, and earlier had worked for Pure Storage and Nvidia.

At the same time, Abnormal Security — which has become a major force in email security thanks to its platform powered by behavioral AI technologies — announced that it has surpassed $100 million in annual recurring revenue.

SaaS Alerts Fortify

In early August, SaaS Alerts, which offers an MSP-focused platform for protecting software-as-a-service, introduced its Fortify tool for accelerating implementation of Microsoft’s security recommendations. The tool enables MSPs to rapidly deploy the Microsoft recommendations “across all their customers in minutes,” SaaS Alerts said in a news release. In addition to helping with the implementation of security recommendations, SaaS Alerts Fortify also enables MSPs to compare a customer’s Microsoft secure score with the scores of similarly sized organizations, according to the company.