Security News

ThreatLocker Scores $100M In Funding Led By General Atlantic, Zeroes In On $1B Unicorn Valuation

Steven Burke

“I’m confident we are going to hit unicorn valuation this year,’ says ThreatLocker co-founder and CEO Danny Jenkins. ‘Our valuation has increased 500 percent in the last year with our business growth up 540 percent. We have created a great product that works and solves a problem and we have backed it up with support. It is not brain surgery.’


Cybersecurity software superstar ThreatLocker, which is adding MSPs at a record-setting pace, has scored $100 million in Series C funding led by private equity powerhouse and growth equity investor General Atlantic.

The funding - which includes participation from venture capital firm Elephant VC and early growth capital investor Arthur Ventures - comes with ThreatLocker set to add a record 700 new MSPs in April in the midst of a barrage of attacks against businesses.

“This is going to allow us to continue to improve our products and to grow our customer base,” said ThreatLocker co-founder and CEO Danny Jenkins. “We’re just scratching the surface from an MSP perspective. This year we’re hoping to add 3,000 more MSPs.”

ThreatLocker is on track to achieve the prestigious “unicorn” status this year, breaking the $1 billion valuation mark for a privately held company, said Jenkins.

“I’m confident we are going to hit unicorn valuation this year,” said Jenkins. “Our valuation has increased 500 percent in the last year with our business growth up 540 percent. We have created a great product that works and solves a problem and we have backed it up with support. It is not brain surgery.” Threat Locker now provides its software to 23,000 businesses including large enterprises such as JetBlue Airways.

[RELATED: Zero Trust For MSPs: ThreatLocker Unleashes Network Access Control Service ]  

The new funding is going to fuel new breakthrough development aimed at making zero-trust security a reality for more MSPs, said Jenkins.

“The more we put into R&D and the more we focus put on making our products stop more threats with less friction, the better the life of the MSPs we serve,” said Jenkins. “This is going to change the trajectory of how we think about how security operates.”

Specifically, Jenkins said the additional funding will open the door for ThreatLocker to keep refining its zero-trust security vision to improve the security of MSPs and their customers with additional software innovation.

ThreatLocker, which is in midst of beta-testing network access control, is poised to expand the platform with additional capabilities this year, said Jenkins.“We are going to continue to expand development to make it easy for MSPs to provide security for their customers,” he said.

General Atlantic Operating Partner Gary Reiner called ThreatLocker a ransomware killer that has changed the cybersecurity landscape with its “default deny” whitelisting and ring-fencing technology.

“We spoke to probably 15 MSPs in the course of doing our due diligence, every single one of them loves what ThreatLocker is doing for them,” said Reiner, a former GE CIO who serves on, among others, the boards of directors for Citigroup and Hewlett Packard Enterprise. “The majority of them had experienced ransomware with their customers prior to deploying ThreatLocker, even with the use of traditional EDR [endpoint detection response] software. ThreatLocker basically makes it impossible [for ransomware to infect businesses] because the only thing that is allowed to run in that environment is what has been previously approved by the customer.”

Jenkins has built a software product that many believed could not be achieved, namely a whitelisting and ring-fencing solution that does not put an administrative burden on MSPs and their customers, said Reiner, who also sits on the boards of MSP stalwarts Atera and JumpCloud.

Jenkins is “incredibly driven to build the business to change the approach to cybersecurity so it is not just finding the bad stuff but preventing the bad stuff from operating in the first place,” said Reiner. “I think he is going to be a long-term CEO of a business that thrives.”

MSPs said the funding is well-deserved recognition for a cybersecurity software company that has turned the tables on ransomware criminals looking to cash in on the security failings of SMBs.

Juern Technology, a San Antonio-based MSP, has tripled its sales and transformed itself into an MSSP with a 24-hour-a-day, seven-day-a-week security operations center (SOC) after partnering with ThreatLocker three years ago, said Juern Technology founder and CEO Neal Juern.

“Danny is a genius and a security technology visionary,” said Juern. “He had the foresight to see what was going on in the market and realized that it was going to get bad enough that the only way to prevent cybersecurity breaches would be to implement a default deny whitelisting technology. If you try to filter out known bad threats, you will never be able to do it.”

Juern sought out out ThreatLocker after one of his customers that he had secured with one of the top endpoint solutions was hit with ransomware by clicking on a resume.

“We were very security-aware and had one of the best endpoint protection systems that you could get,” he said. “I’ll never forget going into that meeting with the customer—I called it a ‘beating meeting.’ We had to sit there and answer how it happened and why didn’t the security software stop it. When I came out of that meeting, I said there has to be a better way. I cannot survive this.”

That was the point when Juern started searching for a new security solution and discovered ThreatLocker. “I knew right away this is what I was looking for,” he said. “I told my team I would rather put more effort into prevention than helping customers recover. Downtime costs customers a lot of money. We had to up our game to protect our customers.”

Juern Technology, which has grown from just three employees to 23 as its sales have soared, has a 90 percent win rate when it goes head to head in a security proposal showdown with another MSP or MSSP that is not using ThreatLocker, said Juern.

Juern expects ThreatLocker to continue to power his company’s growth. “I see us continuing to build on this partnership to protect small- and medium-size businesses,” he said. “We are laying down that gauntlet. I can’t wait to see what breakthrough security capabilities ThreatLocker brings to the market with this investment. This funding is only going to enhance and speed up ThreatLocker’s mission to help MSPs.”

Juern said he couldn’t be happier for Jenkins, his family and the ThreatLocker team. “They have put in the effort to make ThreatLocker a great solution for MSPs,” he said. “General Atlantic could have invested in a lot of other security companies. They have made a very wise choice by investing in ThreatLocker. The reason ThreatLocker is getting a lot of attention is because their solution is so good and they are so focused on helping MSPs.”

David Stinner, CEO of US itek, a Buffalo, N.Y.-based MSP that has made ThreatLocker a mandatory requirement for his customers, said he is glad that ThreatLocker opted for additional funding to build out the business rather than being acquired by a larger company.

“This allows ThreatLocker to be independent of these big MSP conglomerates,” he said. “Some people used to say that PSA and RMM were the most important tools for MSPs. In my view ThreatLocker’s whitelisting software is much more important than any platform provided by the likes of ConnectWise, Kaseya or Datto. I couldn’t be happier for Danny Jenkins and his awesome team of ThreatLocker cyber-heroes. I love ThreatLocker. They have the best technology and the best customer service. They are MSP-focused and MSP-strong. I look forward to working with them for many years to come.”

When Jenkins and his wife Sami, co-founder and COO of ThreatLocker, started the company investors ridiculed and even sneered at the company’s mission to protect businesses with its whitelisting software product.

“Now we’re actually achieving what we set out to do,” said Jenkins. “This funding allows us to achieve our goal of changing the way the world thinks about security even faster. This has a snowball effect. The faster the world changes, the faster we get to a better place with security.”

The funding is going to accelerate the company’s efforts to get the product to more customers, said Jenkins. He said approximately 30 percent of MSPs who experience a ThreatLocker web demo end up deploying the product for their customers. In addition, a whopping 80 percent of customers that conduct an internal trial end up implementing the product.

“This funding is a game-changer that is going to allow us to execute faster,” he said. “This is going to allow us to educate more people and show them there is a better way to protect businesses.”

The fast growth that ThreatLocker is now seeing is a far cry from the uncertainty the company faced just four years ago.“In some respects this company nearly killed me financially,” said Jenkins. “Four years ago, everything we had—every credit line, every bit of our finances—was run into the ground to the point where we were almost going to file for bankruptcy. We were in the hole and now we may well be the fastest-growing cybersecurity company in the industry. It’s in our family blood at this point. It is cultural. My kids wear ThreatLocker T shirts.”

The tide turned as Jenkins demoed the product for one MSP and customer after another and started to get traction, leading to funding from angel investors and eventually to $20 million in Series B Funding in 2021 from Elephant, based in Boston.

The General Atlantic led funding comes with SMBs facing increasing cyberthreats including a recent attack from a Russian-government-backed botnet aimed at taking down SMB and home-office networks. In that case, the FBI launched a pre-emptive strike to prevent the botnet built by the GRU—the Russian government’s military intelligence agency, from infecting customers.

In that case, the GRU implanted a specific type of malware known as Cyclops Blink on thousands of WatchGuard Technologies’ Firebox devices, mainly firewalls, that are typically deployed in small to midsize businesses.

Jenkins said the Russian state-sponsored attack is one more reason MSPs need to implement a “deny by default” strategy with ThreatLocker, which is aimed at preventing malicious code execution.

“A lot of vulnerabilities are there because you’ve got VPN ports open, web ports open, software applications that are running that shouldn’t be,” he said. “Stop relying on some magic that is going to detect everything that is bad and lock it down. MSPs need to close ports on their firewalls so traffic is only coming from trusted locations and only where needed. The less ports you have open, the less software that can run, and the less permissions given means the less likely hackers will be successful.”

Jenkins said he is not surprised that cyber terrorists like the Russian state sponsored hackers are going after Main Street rather than Wall Street. “We’ve been seeing this for years,” he said. “We don’t see that many attacks on Wall Street. We see more attacks on small and midsize businesses. The lion’s share of the attacks are on small businesses.”

The barrage of cyberattacks create big opportunities for MSPs who are determined to step up as a “security-first” partner for their customers.

Jenkins said he is looking forward to expanding ThreatLocker’s solutions to stop the attacks that are hurting businesses of all sizes.

“We started this company with the idea of bringing zero-trust-based security to the masses,” he said. “That didn’t exist when we started this company. We are changing the way the world thinks about security.”