As more enterprises migrate apps and workloads into the cloud, so grows the need for more sophisticated tech to secure that activity. That's resulted in a strong run of funding rounds for startups building products to address that gap. In the latest development, AppOmni -- which has built a platform not just to connect with and secure SaaS apps, but to seek out, highlight and help fix vulnerabilities that arise when different apps are used together or in tandem -- has raised $70 million. CEO Brendan O’Connor said the funding, a Series C, will be used to continue both for international growth and to continue building out the platform.
AppOmni's customers include large enterprises and tech names such as Dropbox, Ping and Accenture, as well as large Fortune 100 financial and healthcare companies, which use the platform both to secure their SaaS application stacks (AppOmni integrates with hundreds of SaaS apps including biggies like Box, Confluence, Fastly, GitHub, Google Workspace, Jira, Microsoft 365, Salesforce, ServiceNow, Slack, Workday and Zoom) and also, as of April, any custom apps that they are building and using alongside those.
Thoma Bravo is leading this round, with previous backers such as Scale Venture Partners, Salesforce Ventures, ClearSky and Costanoa Ventures also investing. The valuation is not being disclosed, but as a marker of where it might be, it has now raised $123 million; PitchBook notes that AppOmni was valued at $200 million post-money in its last round -- a $40 million Series B in April 2021 that we covered here -- and it has continued to have triple-digit growth since then. Collectively, it says it now secures apps covering 78 million users and 230 million exposed data records and more than 9 billion monthly events. So even amid the pressures that we have seen on funding overall, and the competition from other security startups searching for funding, there are signs that AppOmni is among the stronger tier of them.
The gap in the security market that AppOmni is targeting is a longstanding one that is in some ways becoming more critical with the evolution of IT. As more companies follow through on the promise of "digital transformation" and embrace doing more and investing more in cloud services, they are adopting an ever-wider array of apps -- some of which are "approved" by IT and some of which are not -- that users can access from a growing number of endpoints (that is, devices, such as laptops, their desks, their phones and tablets, across home Wi-Fi, public hotspots, mobile networks, office networks and so on and so forth). That spaghetti of permutations, taken across a wide array of apps, creates a lot of crossovers that inadvertently lead to vulnerabilities.
These can either pertain to specific apps -- AppOmni says that on average it finds more than 20 unauthortized app usages across a single engagement -- or to specific types of data, or data records. The startup's specialty is to search for these loopholes and provide alerts related to them, as well as begin the process of remediating to fix them. It also generates analytics for security operations teams to get more comprehensive pictures of activity across the network to identify trends as well as handle specific events.
"SaaS has become one of the most essential parts of the IT stack. But even though SaaS apps now house extremely sensitive data and run some of the most critical business workflows, most organizations haven’t adequately prioritized SaaS security," O'Connor told us. "That means that there is a huge amount of data sitting unsecured in the cloud. Our goal is to give businesses and enterprises an easy way to secure their SaaS data and keep it secure over time."
O'Connor and his co-founder, CTO Brian Soby, cut their teeth in exploring the cyber risks in cloud services from years of working for SaaS companies themselves, perhaps most notably at Salesforce, where O'Connor had been an SVP and "chief trust officer" and Soby had been a director of product security. Tellingly, their impact on Salesforce proved to be a positive one, with Salesforce now an investor and partner of AppOmni's. O'Connor went on to work in a similar capacity at ServiceNow, which like other SaaS companies faces many of the similar issues of SaaS apps conflicting with each other (even when they appear to work together).
The traction it has had has helped the startup stand out among its peers, which include the likes of IBM and Amazon, as well as F5's Threat Stack.
“The digitization of businesses across all sectors has accelerated the need for reliable data protection and control, and AppOmni’s security solutions are unmatched in the industry,” added Robert (Tre) Sayle, a partner at Thoma Bravo. “We have been impressed by AppOmni’s rapid scaling, high levels of customer satisfaction and continued product innovation, and we’re thrilled to partner with Brendan and his team as they capitalize on the sizable market opportunity ahead.”