Huntress CEO On Raising $150M To ‘Democratize’ SIEM, Data Protection For SMBs

Kyle Hanslovan tells CRN that the funding round—which more than doubles Huntress’ valuation to surpass $1.5 billion—will boost the company’s R&D and M&A efforts with a focus on key segments for partners.

Huntress announced Tuesday it has raised $150 million in funding to accelerate its expansion into new product segments, as part of a drive to spur growth for partners and better secure their SMB customers, Huntress Co-Founder and CEO Kyle Hanslovan told CRN.

The SMB-focused managed cybersecurity vendor is planning to move into SIEM (security information and event management) and is eyeing additional categories such as security posture management, as well as offerings that will “reinvent” data backup and recovery, Hanslovan said.

[Related: The 20 Coolest Endpoint And Managed Security Companies Of 2024]

The expansion moves come as “the pace that the threat actors in cybercrime have pivoted towards SMBs [has] not slowed,” he said. “I've just had to stop and say, ‘I cannot just wait for where hackers are going to go next.’”

The new funding brings unicorn status to Huntress, more than doubling the company’s valuation to surpass $1.5 billion. The round is also a greater amount of funding than the previous total that’d been raised by the company since its launch in 2015, bringing Huntress to $268 million raised to date.

The Series D round was led by two new investors, Kleiner Perkins and Meritech Capital, as well as by existing backer Sapphire Ventures. Winning the backing of these Silicon Valley venture luminaries is a huge validation for Huntress’ approach of focusing on working with partners to meet the security needs of under-protected SMBs, Hanslovan told CRN.

Now, “we’ve got three of the top five growth-stage VCs backing us,” he said. Additionally, “this is the last round that would likely happen” prior to an initial public offering for Huntress.

“This is all preparing for the future IPO,” Hanslovan said.

Half of the funding or more will be targeted toward R&D and M&A, he noted. “The other half is going to be tons of education, awareness, go-to-market [investments].”

Huntress reached $70 million in annual recurring revenue in 2023 and expects to cross $100 million in ARR later this year, Hanslovan said. In terms of headcount, the company currently employs 360 and will likely surpass 400 by the end of the year, he said.

Ultimately, “one of my biggest efforts with this new approach—both for SIEM as well as the security posture management and the backup-recovery—I'm trying to democratize [security capabilities],” Hanslovan said. “So when somebody gets our implementation, it can be rolled out to every customer. The biggest thing that I'm doing [is] democratizing.”

What follows is an edited and condensed portion of CRN’s interview with Hanslovan.

What prompted you to raise more funding now and what are the major goals for it?

I've been just really stressing about the pace that the threat actors in cybercrime have pivoted towards SMBs — it's not slowed. And the amount of attack service they're now starting to go after [has grown].

We have 14,000 healthcare companies [as customers] — the vast majority of them on that United / Change Healthcare network that were being impacted by not being able to either submit claims or get reimbursed. So I have first-hand, direct experience of where people are getting wrecked. And I've just had to stop and say, “I cannot just wait for where hackers are going to go next.”

Of course I love the detection and response lane. I now have ITDR — identity threat detection and response. That's the [Microsoft] 365, G Suite, SaaS-based detection and response. That's great. And during our Series C, I said we were going to go from a one-product company to a many-product company.

Employees are obviously another thing threat actors [are targeting]. So I’ve got now my foothold in [that] market through awareness training, phishing simulation.

I am about to rip the market open on security posture management. I'm just hearing it all over. I'm ripping into that whole security posture lane of products.

Are you interested in looking at more acquisitions?

I might be doing some M&A on [categories like] security posture management on SaaS apps, security posture management of the cloud. There's a huge opportunity over there. But I'm looking at these backup products and I don't think I'm going to do M&A over there. I've looked at a couple companies. [But] none of my clients come and say, “I need a technology that I can run a backup and manually store.” The things that I'm hearing are, “If you know where my files are ransomed, why aren’t you automatically restoring my files with no interaction? Why isn't that being done autonomously?” And when [an attacker] slipped by, now let me automate the recovery on this. We're really going to try to reinvent backup. We're going to try to really blow this up and build a data recovery solution and a continuity solution — [where] I might have to use the old school words of backup and recovery — but they're just fundamentally not going to look like what [today’s backup products] are doing.

Could you say a bit more on where else your R&D efforts will be focused?

Partners want to own a lot of the security process. For a very long time our partner base was saying, “You elevate to me what the problem is, but I want to own taking the response. I want to own that relationship.” A lot of our partners are starting to see what we've been warning of — if you don't give up a little bit more autonomy to your SOC that's taking care of this for you, we can't make you look like the rock star. So one of the biggest things I'm looking at doing is, I'm trying to completely push the boundaries on not only what should an outside team be able to do on your behalf — but how do they escalate? We're trying to make our products [become] much more fully automated on their behalf.

I finally now have the platform infrastructure I built [after the last funding round]. And you're going to see a lot more research and development and new stuff for our partners that's going to make their whole stack automatically collaborate with each other. Where we want to push the bounds with our research is, imagine if you see credentials stolen off an endpoint — why can't I automatically lock down the SaaS identities that are there? Or vice versa — somebody falls for a phishing email, why can't I automatically cue up the education and training to help prevent that from happening in the future? This is how a real platform is supposed to interoperate. I'm continuing to bring that enterprise-quality tech but really pairing it with enterprise-quality humans.

And that's actually solving the biggest hurdles. Our partners continue to tell me, “I have more attack surface than I can handle. I cannot staff these more senior IT and security people. And I want you to make my most junior IT people into the rock stars.”

Are there other product segments you’re interested in?

SIEM has been a solution that most people only roll out to part of their base. When I go talk to my partners, one story sounds like this: 30 percent of my base gets it, but I only give it to the customers that are willing to pay [for] the premium platform. It's never the doctor’s and dentist’s office that actually need it. It's never the community waterworks or rural electricity company, that actually is a small business itself. Those are never the people with the budget. So one of my biggest efforts with this new approach — both for SIEM as well as the security posture management and the backup-recovery — I'm trying to democratize [security capabilities]. So when somebody gets our implementation, it can be rolled out to every customer. The biggest thing that I'm doing [is] democratizing.

Our [customers] need something that can outrun hackers. But they don't have the budget and the team to maintain a Formula One car. So what Huntress is building is a high-end sports car. We're effectively building a Lamborghini. I'm just in the business of high-end sports cars but I also know what I'm not.

Part of building this for the SMB is being laser-focused on, what do they truly need? Let's build the high-end sports cars for the small business to the small enterprise, and leave the Formula One cars to the Fortune 5000.

Any other ways this funding might help to drive growth for partners?

I'm just starting to realize how much of the market my channel partners don't already have. I am doubling down on a ton of demand gen to bring more of this SMB into my partners. We still haven't changed. We're still channel-first. So even when we do direct marketing, we always give that customer [to the partner]. The question we ask is, “Who would you like to fulfill through.” So we're trying to continue building more and more and bringing that demand into our partners.