10 Cybersecurity Companies Making Moves: February 2023

We’re taking a look at the cybersecurity companies that launched products and partner program updates, raised major funding, announced acquisitions or made key executive changes in February.

Hot Market, Big Moves

It was a short but busy month for the cybersecurity industry, which continued to show signs of being quite resistant to the effects of the economic slowdown that’s been impacting the overall tech sector. While a handful of cybersecurity companies did announce layoffs in February, far more had other types of announcements to share during the month — including major funding rounds, new partner programs, notable product launches, acquisitions and key executive hires.

[Related: Palo Alto Networks CEO Nikesh Arora On SASE, AI And Why Partners Are ‘More Important’ Than Ever]

In February, major moves by cybersecurity companies included a massive funding round and valuation boost for fast-growing cloud security startup Wiz, while Proofpoint was among the cybersecurity companies that unveiled new partner programs last. Check Point announced several big executive moves, including a major hire, and Zscaler announced a new product line as well as an acquisition of a security startup. And in an interview with CRN, Palo Alto Networks CEO Nikesh Arora signaled that he’ll be a lot more involved in the cybersecurity giant’s channel-related efforts going forward.

What follows are details on 10 of the cybersecurity companies we’re following that made big moves in February.

Zscaler Expands Into ‘Cloud Resilience,’ Acquires SaaS Security Startup

Security service edge powerhouse Zscaler made two major announcements in February, both focused on extending the company’s platform to offer greater protection of data and applications from attack.

On Feb. 1, the company announced the launch of Zscaler Resilience, which provides new capabilities that aim to keep interconnections to apps intact even in the event of a major security incident. Such “black swan” events can include nation-state attacks, natural disasters and digital vandalism, Zscaler said in a news release, which have created a dire need for greater “cloud resilience” for organizations.

The Zscaler Resilience offering includes disaster recovery capabilities that allow customer operations to directly connect to Zscaler’s Private Service Edge in the event of a serious incident, allowing updated security policies to continue to be followed. Other capabilities include dynamic performance-based selection for rapid performance recovery after a brownout, as well as a customer-controlled data center exclusion to enable the setting of a temporary exclusion period for data centers that are having connectivity problems.

Following up on that launch, in mid-February Zscaler announced an agreement to acquire Canonic Security, a startup focused on protecting against attacks that target software-as-a-service. Terms of the acquisition deal were not disclosed. Canonic’s technology aims to “prevent organizations’ growing risks of SaaS supply chain attacks,” Zscaler said in a news release.

Many organizations have adopted hundreds of SaaS apps at this point, and “their users are connecting thousands of third-party applications and browser extensions to their critical SaaS platforms like Atlassian Suite, Microsoft 365, Salesforce, Google Workspace, and Slack without IT’s permission,” the company said. “Canonic’s solution allows cybersecurity and IT teams to quickly gain visibility to this ungoverned surface area and streamline SaaS application governance and enforcement.”

Zscaler said it will integrate Canonic’s capabilities into a data protection offering that was announced in October 2022, including by enhancing its cloud access security broker (CASB) solution as well as its SaaS security posture management (SSPM) tool.

ThreatLocker Unveils Its First Detection Tool

ThreatLocker last month announced its first-ever capabilities for detection of malicious activity, such as an attempted cyberattack, in a move to help managed services providers do even more to protect their end customers. On Feb. 2, the endpoint security firm unveiled Ops, a new threat detection tool that aims to augment the capabilities of the 4,000 MSPs using its platform.

Because ThreatLocker’s “application allowlisting” functionality ensures that malware cannot run in customer IT systems, the company hadn’t previously focused on detection of cyberattacks. However, ThreatLocker has recognized that even if it’s just an attempted cyberattack on an IT system, there is still value in being able to detect that activity, since it can often help an MSP to take other cyber defense measures for the customer that’s been targeted, according to co-founder and CEO Danny Jenkins (pictured).

And while ThreatLocker has already significantly displaced the need for using endpoint detection and response (EDR) tools with application allowlisting and its other capabilities, the new Ops tool could displace even more usage of EDR by MSPs, Jenkins said. “I think the reliance on EDR is going to be massively reduced by using Ops,” he said.

Ops is a “community-based platform” because it will leverage findings and detection rules that are provided by its community of users at MSPs and customers, Jenkins said.

Skyhigh Security Debuts Partner Program Of Its Own

Skyhigh Security announced its first distinct partner program since the split of McAfee Enterprise last year, which is initially focused on reseller and distributor partners.

The program unveiled on Feb. 6, the Skyhigh Security Altitude Partner Program, includes generous backend rebates, deal registration, a new partner portal and a commitment that 100 percent of business will transact through the channel, according to Scott Goree (pictured), vice president of worldwide channels at Skyhigh Security. It’s the first partner program to launch under the Skyhigh Security name and the first that is distinct from what Skyhigh had in its prior iteration, as the security service edge (SSE) business of McAfee Enterprise, he said. “This is a big step in [us] forming our own path,” Goree said.

Following the merger of McAfee Enterprise and FireEye in 2021, the combined company was then split into two parts in 2022 — with the SSE division becoming Skyhigh Security. The remainder of the company, including the endpoint security business, was renamed Trellix.

Skyhigh’s Altitude program includes three tiers — registered, essential and advanced. The program offers a revamped training platform, available through the portal, for sales and technical training that partners can take free of charge to move up to a higher tier, Goree said.

Looking ahead, Skyhigh’s plan is to expand the program later this year to include professional services partners and managed services partners (MSPs), he said.

Proofpoint Launches Revamped Partner Program

Also announcing a major partner program update in February was Proofpoint, which unveiled the new Proofpoint Element program on Feb. 15. The program aims to offer a simplified structure to partners along with enhanced incentives and training, as the company looks to work with more solution providers on areas beyond its widely used email security offering.

Additional key areas where Proofpoint is looking to drive increased awareness among partners and customers include information protection — with data security solutions such as data loss prevention (DLP) and cloud access security broker (CASB) — and compliance solutions including archiving and e-discovery. “When I talk to partners across the world, the first thing they say is, ‘Email protection — you’re the best,’” said Joe Sykora (pictured), senior vice president for global channel and partner sales at Proofpoint. “That’s great — but we do so much more.” For instance, many don’t realize that Proofpoint is also among the world’s largest providers of integrated information protection, which includes DLP, he told CRN.

Proofpoint Element switches to a two-tier structure from the prior metal-based program structure. The two tiers are “Core” for partners that can meet minimum program requirements, and “Elite” for partners that are willing to make a larger investment in training and meet higher revenue goals. Partners that qualify for the Elite tier will receive higher discounts and marketing funds as well as a dedicated channel account manager, Proofpoint said.

Other updates to the Proofpoint channel program include expanded and refreshed training through the company’s partner portal, as well as new opportunities for hands-on training through planned road show stops in U.S. cities.

Open Systems Launches Partner Program For MDR Division

In February, cybersecurity firm Open Systems launched a new partner program for Ontinue, its rebranded managed detection and response (MDR) division. Ontinue by Open Systems aims to help Microsoft partners extend their security offerings beyond Sentinel and Defender or even start up a security practice, May Mitchell (pictured), CMO of Open Systems and Ontinue, told CRN.

“Security as we all know is complex—and it doesn’t have to be,” Mitchell said. “We believe that if a customer or partner has a more secure environment, it’s a more innovative environment.”

Ontinue promises to bring Microsoft partners more expertise around the Redmond, Wash.-based vendor’s Defender and its security information and event management (SIEM) tool Sentinel while adding the option for Ontinue’s own Ion platform and a 24-hour globally distributed security adviser and defender staff, according to Ontinue. The company’s offerings integrate with existing Microsoft environments, and customer data stays in the tenant. Ontinue offers security automation and uses Microsoft collaboration application Teams to bring together the stakeholders needed to solve security issues.

Passwordless-Focused Startup Descope Raises $53 Million

Tech startups typically don‘t raise initial seed funding rounds in excess of $50 million, but the reputation of Descope’s founders paired with a powerful new tool for improving authentication led the company to do just that last month. On Feb. 15, Descope raised $53 million in seed funding led by Lightspeed Venture Partners and GGV Capital and announced the debut of its tool for enabling developers to more easily integrate passwordless authentication into applications. Other investors include CrowdStrike co-founder and CEO George Kurtz and Rubrik co-founder and CEO Bipul Sinha.

Descope has a total of eight founders, all of which were behind Demisto — a security orchestration, automation and response (SOAR) vendor that was acquired by Palo Alto Networks for $560 million in 2019. However, at Demisto and earlier companies, inordinate amounts of time and energy were spent on building identity and authentication mechanisms into their products, said Slavik Markovich (pictured), co-founder and CEO at Descope. And so when the time came for the leaders of Demisto to move on to the “next adventure,” they agreed that authentication would be a “big, interesting problem where we could save developers a huge amount of time and complexity — and [improve] security — by just implementing this as-a-service,” Markovich told CRN. And since this is 2023, he said, the team decided to prioritize enabling passwordless authentication — with a focus on allowing for easier connections into the passwordless systems such as “passkeys” that are now supported by devices and platforms from major vendors including Apple, Microsoft and Google. The Descope tool is available through both free and paid versions, with higher user counts and other capabilities offered by the paid version.

While it’s very early for the company, Markovich said that Descope expects to explore bringing the technology to market through partners down the road. “There are going to be partnerships to help us get to both customers and the large dev shops,” he said.

Wiz Lands $300 Million In Funding, $10 Billion Valuation

Fast-growing cloud security startup Wiz announced Feb. 27 that it has raised $300 million in new funding and achieved a valuation of $10 billion in connection with the round, making it the top-valued cybersecurity unicorn. Though only founded in 2020, Wiz quickly found huge traction for its product that brings together numerous cloud security capabilities while deploying quickly and offering greater visibility and prioritization of threats.

In August 2022, Wiz disclosed that it had crossed $100 million in annual recurring revenue, achieving this key startup milestone in the shortest amount of time of any company to date at 18 months, according to the company. About 75 percent of Wiz’s deals involve a value-added reseller (VAR) partner, and major VAR partners of Wiz include Trace3, Optiv, Presidio, WWT and GuidePoint Security.

Wiz had previously been valued at $6 billion in connection with its $250 million funding round in October 2021. With the $10 billion valuation, Wiz moves to the top spot on CB Insights’ list of highest-valued cybersecurity unicorns, from No. 6 previously. In a news release, Wiz said it has become the fastest SaaS company to achieve a $10 billion valuation.

The $300 million Series D round was led by Lightspeed Venture Partners, Greenoaks Capital Partners and Index Ventures. Wiz has now raised $900 million in funding to date.

Check Point Hires New Chief Product Officer

Cybersecurity giant Check Point announced Feb. 28 that it has hired Nataly Kremer (pictured), a longtime R&D leader at AT&T, as its new chief product officer and head of R&D. Meanwhile, longtime Check Point Chief Product Officer Dorit Dor has moved into the role of chief technology officer, and Rupal Hollenbeck has been promoted to president from her prior role as chief commercial officer.

Kremer had spent the prior 12 years with AT&T, where headed the company’s software and delivery group and served as general manager of its Israel R&D center. She “will oversee all product and technology units and use her proficiency in delivering network, security, and cloud technologies for large enterprises to meet customer needs,” Check Point said an a news release.

Dor has been with Check Point since 1995, having joined just a few years after its founding by CEO Gil Shwed. Hollenbeck joined Check Point as an executive in March 2022.

In the release, Shwed said that “the combination of strengthening our leadership team with highly accomplished leaders, the unmatched experience and expertise people like Dorit represent, and the organizational changes designed to leverage our capabilities, are crucial to our efforts in accelerating our technology and business performance.”

SlashNext Unveils Generative AI To Thwart Email Attacks

On Feb. 28, SlashNext debuted new capabilities powered by its own generative AI technology, aimed at blocking email-based attacks that are created by similar technology such as OpenAI’s widely used ChatGPT application. The company has spent the past two years developing its own large language model akin to OpenAI’s GPT-3, which is the underlying technology for ChatGPT.

SlashNext is now making the first offering powered by the large language model available to customers and partners — and the company believes it to be the first cybersecurity product of any kind to utilize independently developed generative AI, according to CEO Patrick Harr (pictured). At a time when malicious actors clearly have much to gain from generative artificial intelligence such as ChatGPT, the team at SlashNext believes that “you have to fight AI with AI,” Harr told CRN.

Specifically, the new SlashNext offering is focused on thwarting a type of email impersonation attack known as business email compromise (BEC). The scams typically target executives or other employees of a company, and involve an attacker pretending to be a colleague that is requesting a transfer of funds.

The new generative AI offering from SlashNext works by leveraging the company’s large language model algorithm to proactively anticipate potential BEC threats created using generative AI. The product automatically generates thousands of new variants of BEC attacks — and then consults that information when deciding which incoming emails to block on behalf of users.

Palo Alto Networks CEO Nikesh Arora: 2023 ‘All About’ Channel

In interviews with CRN for our February magazine cover story, Palo Alto Networks executives said the theme of 2023 is bringing the vendor’s work with the channel to the next level as it seeks wider customer adoption of its newer products, which span from cloud and application security to zero trust and secure access service edge (SASE) to extended detection and response (XDR) and automated security operations.

Among other things, this partner push will mean Palo Alto Networks CEO Nikesh Arora will be taking a more visible role in the vendor’s channel efforts. Arora recently told CRN that channel partners may be “surprised” by how much they see of him going forward.

“We’ve taken four and a half years to get to a place where we believe we have a robust product portfolio in the most relevant categories of today,” Arora told CRN in December at the company’s 2022 Ignite conference. That has meant spending 70 percent of his time focusing on the product portfolio, leaving other executives to worry about the go-to-market and channel strategy, he said.

“If I didn’t fix the product portfolio, it wouldn’t matter if I had a good channel strategy or a bad one, so I spent my time [on products],” Arora said, likening himself to a doctor who had to triage the damage. “People didn’t see me in the channel because I was busy fixing the broken elbow and the bleeding arm.” Now that the portfolio he envisioned is a reality, Arora said his focus over the next three years will shift to spending 70 percent of his time “to make sure we actually take all these products to market and upsell all of our customers into a better security proposition.”

That will include a lot more involvement with initiatives that impact the channel, he told CRN. “[This] year is going to be all about go-to-market and the channel,” Arora said, “and they’ll be surprised to find me.”