Searching for the next Snyk

It’s the developers, stupid

When Snyk launched in 2015, it took an unusual approach for a security vendor by offering a free, self-service version of its product.

But after winning over developers — and getting lots of businesses to write checks for a paid version of the product with more features — Snyk ranks at No. 2 among the most valuable privately held cybersecurity vendors.

• Now, venture investors are on the hunt for the next Snyk, seeing the company’s approach as the go-to model for the next generation of companies in application security. And maybe even beyond.
• While Atlassian, Snowflake and Twilio are just a few of the enterprise software success stories to pursue what’s known as “product-led growth,” that strategy "really hasn't hit security yet," said Rama Sekhar, partner at Norwest Venture Partners.
• Snyk is the most prominent company in cybersecurity that’s figured it out, but the potential for others to do the same is immense, Sekhar said.
• Product-led growth, he said, is "what I'm looking for next in security startups."

For many enterprises, getting buy-in from developers on tools to help improve code security is something leaders would welcome.

• With critical threats such as software supply chain attacks and rampant exploits of software bugs, there's a growing urgency around improving the security of both open-source and proprietary code.
• But a bottom-up approach makes sense from the developer vantage point too. In many organizations, "developers get frustrated with the fact that application security is pushed on them," said Janet Worthington, a senior analyst at Forrester.

A number of developer security startups have embraced the freemium model from their inception, emulating Snyk.

• "The whole idea of taking anything that is top-down, and shifting it to developer-first — I think it's a huge growth opportunity," said Ed Sim, the founder and managing partner of Boldstart Ventures. The VC firm invested in Snyk as far back as its seed round, and is now an investor in three developer security startups that offer freemium tools.
• Without developer-focused tools, according to Snyk co-founder Guy Podjarny, “you can't get true developer adoption.”

Read the full story here.

— Kyle Alspach (email | twitter)

SPONSORED CONTENT FROM PEPSICO

Thinking outside your wall: How the path to net zero requires a new approach to collaboration and knowledge sharing:The emissions that make up a full greenhouse gas footprint can emanate from outside the four walls of your own manufacturing operations, like in the case of PepsiCo, where 93% of emissions come from its value chain.

Read more from Pepsico

Mind the gap

The Biden administration is calling the shortage of cybersecurity talent a "national security challenge" ahead of a summit at the White House Tuesday focused on accelerating progress on the issue. In a news release, the White House cited estimates that there are 700,000 cybersecurity jobs currently open in the U.S. alone.

Tuesday's summit is expected to include participation from a number of top Biden administration officials, as well as executives from the private sector and "thought leaders" in academia and the cybersecurity community. The summit is being convened by National Cyber Director Chris Inglis, and participants will include Secretary of Commerce Gina Raimondo, Secretary of Labor Martin Walsh and Secretary of Homeland Security Alejandro Mayorkas, as well as Jen Easterly, director of the Cybersecurity and Infrastructure Security Agency.

With the massive cybersecurity talent gap, "America faces a national security challenge that must be tackled aggressively," the White House said in the news release. Planned discussion topics at the summit include how to create “new skills-based pathways to cybersecurity jobs" in educational institutions and training programs. Notably, the Biden administration pointed out that the U.S. has "an opportunity to build pipelines for historically untapped talent, including underserved and diverse communities" as part of filling open cybersecurity roles.

What the White House release didn't specifically touch on was the need for more employers to create entry-level positions — something that a number of industry leaders have told Protocol is the biggest missing piece for closing the cybersecurity talent and diversity gap.

When the bubbles burst

As the old saying goes, if we don’t learn from our history, we are doomed to repeat it. In this Protocol Pipeline event, hosted by Biz Carson tomorrow at 10 a.m. PDT, we will be joined by a panel of VCs who expertly navigated the 2001 and 2008 crashes to talk about the downturn around the corner.

They will share lessons on how to shift strategies when the market changes, what emerging VCs should focus on in order to survive and when it is — and isn’t — time to make that next big bet. Joining Biz on the panel are Beezer Clarkson, partner at Sapphire Partners; Geoff Yang, founding partner and managing director at Redpoint Ventures; and Matt Murphy, partner at Menlo Ventures.

Financial corner

SingleStore raised $116 million to provide databases for cloud and on-premises apps.

Tecton raised $100 million to help enterprises put machine learning into production with its MLOps platform.

Bishop Fox raised $75 million for its enterprise-grade attack surface management software.

Around the enterprise

Fabless chip companies like Nvidia are leaning toward supporting the Chips Act,according to Reuters, even though they won’t see any of the major benefits that are geared toward manufacturing companies.

SPONSORED CONTENT FROM PEPSICO

Thinking outside your wall: How the path to net zero requires a new approach to collaboration and knowledge sharing:Asking suppliers and associated companies to overhaul the way they work is no small feat, but PepsiCo is taking a three-pronged approach centered around the principles of educating, enabling and incentivizing. The Sustainability Action Center aims to engage and equip value chain partners with tools to undergo their own sustainability journey.

Read more from Pepsico