Vanta, a security compliance automation startup, today announced that it has raised $40 million in Series B funding extension that closed in June, valuing the company at $1.6 billion. Notably, CrowdStrike invested in the extension along with several individual investors.
CEO Christina Cacioppo told TechCrunch that the new cash will be used to support Vanta’s customer acquisition, product R&D and go-to-market efforts. It brings the company’s total capital to $203 million.
Cacioppo founded Vanta in 2016 to – in her words – help companies adopt and maintain a strong security posture. Formerly a professor at New York’s School of Visual Arts, Cacioppo co-founded the software development house Nebula Labs before joining Dropbox Paper as a product manager.
With companies such as Uber, Sony, Equifax, and more and more major breaches, they realize that ensuring their security is a priority. should To do business. why? Because enterprises won’t buy an unsafe product, and regulators will crack down on any company with a poor safety posture. “The problem is that emerging companies lack the resources and know-how to properly protect their environment, leaving them open to threats of infringement and penalties.”
Vanta offers services designed to enable businesses to meet regulations, compliance standards and laws such as HIPAA and GDPR. The company provides workflows and controls for a variety of applications and services to ensure compliance, allowing auditors to complete audits in Vantaa and deliver alerts and instructions via email and apps like Slack.
Behind the scenes, a monitoring engine collects data from Vanta customers’ software-as-a-service applications and cloud stack and runs analytics to identify security threats. Cacioppo explains: “The customer journey is driven by Vanta using data-driven insights from the thousands of companies that have used Vanta to build and demonstrate their security. Every new customer benefits from the experience of previous Vanta customers.
To be sure, compliance is a tricky field – one that many companies struggle with. In the year A 2021 survey from The Harris Poll found that nearly two-thirds (63%) of organizations see compliance issues as a critical barrier to growth. According to research from Telos, an IT cybersecurity firm, organizations report that on average they must comply with 13 different IT security and privacy regulations and spend $3.5 million annually on compliance activities, with audits taking nearly two months each fiscal quarter.
That was good for business. Based in San Francisco, Vanta, which employs more than 350 people, now has a customer base of north of 4,000 organizations, which includes brands such as Quora, Modern Treasury and Autodesk. When asked, Cacioppo did not disclose annual recurring revenue figures — saving for that revenue has grown “at a faster rate” than Vanta’s assessment.
“Vanta continues to innovate in the space by building a suite of security tools that help address the risks of running businesses in the cloud, beyond enhancing ‘checkbox compliance,'” Cacioppo said, citing a Polaris market research report. The enterprise management, risk and compliance software market is forecast to reach $96.98 billion by 2028. “’Growth at any cost’ has never been our MO. [I] He launched the company until it reached $10 million in annual recurring revenue to prove a strong product market fit and prove the company could stand on its own… The metrics investors are now scrutinizing — burn rate, capital efficiency, gross profit — are vandalism. It is always superior. “
Vanta Challenge beats out competitors in the increasingly crowded risk and compliance space. Just in May, Kintent, a startup that provides enterprise compliance and security solutions, raised $18 million in venture capital. Earlier this year, SecureFrame raised $56 million for a platform that automates an organization’s compliance with requirements such as HIPAA and SOC 2. Other competitors include Etika, Ketch, Sovereign, and Anecdotes, the latter of which raised $25 million in Series A funding.
There’s money to go around, luckily. Investors poured $5.1 billion into governance, risk and compliance startups in Q2 2021, up 113 percent from Q2 2020, according to Crunchbase data cited by The Wall Street Journal. In the year In the first 10 weeks of 2022 alone, funding reached nearly $1 billion — spurred by international sanctions and data privacy laws like California’s Consumer Privacy Act.
In an emailed statement, CrowdStrike CTO Michael Sentonas said: “Compliance is no longer a silent activity – it’s a boardroom priority and an essential part of the modern security stack. The reason we’ve invested in Vanta is because they’ve created a way for every company, big or small, to automate and secure their end-to-end processes.