Security News

KnowBe4 To Buy Awareness Startup SecurityAdvisor For $80M

Michael Novinson

‘You can take signal from all those products, reduce the noise, get a much better picture of the human risk and correct it in real-time,’ KnowBe4 Founder and CEO Stu Sjouwerman tells CRN.


KnowBe4 has agreed to purchase startup SecurityAdvisor to better identify and correlate human-behavior driven security alerts generated across each layer of the existing security stack.

The Clearwater, Fla.-based security awareness vendor said Sunnyvale, Calif.-based SecurityAdvisor’s alerts are mapped to relevant micro-learning opportunities that are pushed out to users via apps such as Slack and Microsoft Teams to immediately educate the user. Integrating KnowBe4’s platform with real-time user behavior activity and micro-learning should help defend against social engineering attacks.

“You can take signal from all those products, reduce the noise, get a much better picture of the human risk and correct it in real-time,” KnowBe4 Founder and CEO Stu Sjouwerman told CRN. “Channel partners should be able to grab this and provide massive value-add to their customers.”

[Related: ‘We Need Partners:’ KnowBe4 Stock Soars Upon Going Public]

Deploying SecurityAdvisor leads to an immediate and observable reduction in human-related risk such as malware infections in workspaces, users visiting insecure websites, and employees failing to have multi-factor authentication properly enabled, Sjouwerman said.

For instance, Sjouwerman said if CrowdStrike spots a human plugging a USB stick into their Microsoft box, SecurityAdvisor is alerted and sends a real-time Slack or Teams message to the employee explaining why the behavior is unsafe. The deal will allow channel partners to get more value out of the technology they’re already selling from vendors like CrowdStrike, Fortinet, McAfee, Palo Alto Networks and Zscaler.

“We feel that this will be a very attractive channel play. What we’re building here is a brand-new category,” Sjouwerman said. ““We’re really going to take SecurityAdvisor to the channel next year.”

SecurityAdvisor was founded and led by former Intel and Fortscale leader Sai Venkataraman, who will continue with KnowBe4 in a role focused on building and maintaining relationships with technology and channel partners, according to Sjouwerman. He expects to integrate SecurityAdvisor into the KnowBe4 platform in the second half of 2022, at which point it’ll become available to solution providers for resale.

“This will become another tab in the KnowBe4 admin user interface,” Sjouwerman said. “It’s going to look and feel exactly the same as the rest of the console.”

KnowBe4 will spend up to $80 million to buy SecurityAdvisor, paying $50 million when the deal closes this quarter and up to $30 million in incentives if SecurityAdvisor’s product generates $40 million of annual recurring revenue by the end of year 3. The company’s stock is up $0.51 (2.18 percent) to $23.86 per share in trading Thursday morning. The acquisition was announced before the market opened.

SecurityAdvisor was founded in 2018, employs 39 people, and has raised $7.3 million in two rounds of outside funding, according to LinkedIn and Crunchbase. The company most recently closed a Series A round in February 2021 led by venture capital firm ClearSky.

“This acquisition is expected to expand our total addressable market through the addition of HDR [Human Detection and Response] functionality to the platform and will provide enhancements to our R&D teams,” KnowBe4 Co-President and CFO Krish Venkataraman said in a statement. “This addition to our cross-sell capabilities will also provide an opportunity for us to continue to grow.”

Feeding correlated user behavior data from SecurityAdvisor back into the Security Operations Center should enable security teams to identify and remediate gaps in the overall security architecture, making customers’ existing investments in security products more valuable. The acquisition will allow KnowBe4 to get deeper insights into human behavior by correlating real-world, real-time human security events.

SecurityAdvisor was able to drive a 99 percent reduction in endpoint infections in just three months for one customer by identifying and correcting high risk users of Palo Alto Networks Traps, KnowBe4 said. The company was also able to decrease the number of web violations detected by Zscaler for one customer by 52 percent within four months, according to KnowBe4.

SecurityAdvisor also integrated with Google’s G Suite to coach users at one customer to enable multi-factor authentication (MFA), resulting in an 80 percent increase in the number of users with MFA enabled in only two months. The technology is priced per employee, and is used by general users, IT admins and the Security Operations Center (SOC), according to KnowBe4.

The product can be attached to a new sale or cross-sold to existing customers as a one-year or three-year subscription, with money for Security Advisor typically coming from the Chief Information Security Officer (CISO) or the SOC’s budget, KnowBe4 found.

This is KnowBe4’s first acquisition since going public in April. But the company made seven acquisitions between fall 2017 and spring 2021 in the run-up to its initial public offering, capped off by the March 2021 purchase of security and privacy training company MediaPro for $37.9 million. KnowBe4 already has a slate of additional M&A candidates drawn up and will continue along that path, Sjouwerman said.

“One of the reasons we did the IPO is so that we could do these kinds of transactions,” Sjouwerman said.

Sponsored Post