Skip to main content

Lacework lands $1.3B to expand its cloud cybersecurity platform

Open security lock on credit cards with computer keyboard / Credit card data breach

Join us in Atlanta on April 10th and explore the landscape of security workforce. We will explore the vision, benefits, and use cases of AI for security teams. Request an invite here.


Lacework, a developer of automated containerized workload defense and compliance solutions, today announced that it closed a $1.3 billion funding round, valuing the company at over $8.3 billion post money. Sutter Hill Ventures, Altimeter Capital, D1 Capital Partners, and Tiger Global Management led the round with participation from Franklin Templeton, Counterpoint Global (Morgan Stanley), Durable Capital, General Catalyst, XN, Coatue, Dragoneer, Liberty Global, and Snowflake Ventures. Co-CEOs David Hatfield and Jay Parikh said the funding will support Lacework’s product development efforts as the company expands its engineering and R&D initiatives.

As the pandemic prompts companies to move their operations online, many — if not most — face increasing cybersecurity challenges. According to an IDC report, 98% companies surveyed in H1 2021 experienced at least one cloud data breach in the past 18 months. At the same time, 31% of respondents said they’re spending more than $50 million per year on cloud infrastructure, opening them up to additional attacks if their cloud environments aren’t configured correctly. In its 2021 Cloud Security Study, Thales found that only 17% of companies encrypt more than 50% of sensitive data that they host on cloud environments — despite the surge in ransomware attacks.

Lacework, which was founded in 2015 by Mike Speiser, Sanjay Kalra, and Vikram Kapoor, aims to close security gaps across DevOps and cloud environments by identifying threats targeting cloud servers, containers, and accounts. Its agent provides visibility into running processes and apps, using AI to detect anomalous behavior. Concurrently, the agent monitors for suspicious activities like unauthorized API calls and the use of management consoles and admin accounts, limiting access to vulnerable ports and enforcing “least access” privileges.

Kalra previously worked at Cisco as a senior product manager. Kapoor spent six years in various roles at Oracle, overseeing work on the data layer and storage side of the business. Speiser, a managing director at Sutter Hill Ventures, was a founding investor in Lacework and remains an active member of the board.

VB Event

The AI Impact Tour – Atlanta

Continuing our tour, we’re headed to Atlanta for the AI Impact Tour stop on April 10th. This exclusive, invite-only event, in partnership with Microsoft, will feature discussions on how generative AI is transforming the security workforce. Space is limited, so request an invite today.
Request an invite

“Kapoor and Kalra founded Lacework with the goal of taking a data-driven approach to cloud security. We view security as a data problem and our platform is uniquely suited to solve that problem,” Parikh told VentureBeat via email. “Traditional security solutions force companies to amass a patchwork of point solutions and then manually tell them what to watch for, resulting in an inefficient and ineffective security process. At Lacework, we use data to uncover security risks and threats.”

Analytics-driven security

Parikh describes Lacework’s platform — which is built on top of Snowflake — as “data-driven.” By collecting and correlating data across an organization’s public and private clouds, including Amazon Web Services, Microsoft Azure, and Google Cloud Platform instances, Lacework attempts to identify security events “that matter,” logging incidents to create a baseline against which future events can be measured.

“We believe our solution is uniquely suited to solve the data as a security problem. Our approach to security — as a data problem — is unique,” Parikh said. “[Lacework] uses unsupervised or autonomous machine learning, behavioral analytics, and anomaly detection to uncover unknown threats, misconfigurations, known bads, and outliers across [environments.] The platform automatically learns activities and behaviors that are unique to each of our customer’s environment, creates a baseline, and surfaces unexpected changes so they can uncover potential issues and threats before they become significant problems.”

Lacework offers continuous host vulnerability monitoring, preflight checks, and continuous integration and deployment automation workflows designed to expedite threat investigation. More recently, the company made available tools from Soluble, a platform it acquired that finds and fixes misconfigurations in infrastructure as code to automate testing and policy management. (Infrastructure as code, often shortened to “IaC,” enables developers to write code to deploy and manage hardware infrastructure.)

Continued growth

In a boon for Lacework, the cybersecurity industry shows no sign of slowing. Cybersecurity Ventures — which noted that the cybersecurity market grew by roughly 35 times from 2004 to 2017 — recently predicted that global spending on cybersecurity products and services will exceed $1 trillion cumulatively over the five-year period from 2017 to 2021. During roughly the first half of 2021 alone, venture capitalists (VCs) poured $11.5 billion into cybersecurity startups as supply chain attacks and breaches ramped up. That easily surpassed the $7.8 billion total VCs pledged in all of 2020.

Over the past few months, Lacework — which claims to have “hundreds” of customers — has substantially expanded geographically as it places a concerted effort on marketing and customer acquisition. In October, it entered the Australian and New Zealand market, establishing an office in Sydney as a launchpad for further growth across Asia Pacific. And earlier in the year, Lacework announced it would make “significant investments” in building out Europe, Middle East, and Asia operations, including a European headquarters in Dublin, Ireland; regional offices in the U.K., France, and Germany; and an Amazon Web Services datacenter in Frankfurt, Germany.

“We are experiencing tremendous growth with no signs of slowing down. Our revenue continues to grow along with our customer base and employee base,” Parikh added. “We plan to use this funding to extend our lead in the cloud security market by fueling product innovation that expands the company’s total addressable market and pursuing additional strategic acquisitions, like the recently announced Soluble transaction … We’ll also scale go-to-market strategies, growing our workforce and presence globally to better serve our customers.”

To date, Lacework — which has more than 700 employees — has raised more than $1.85 billion in total capital. The company claims its latest funding round is the largest in security industry history.

VB Daily - get the latest in your inbox

Thanks for subscribing. Check out more VB newsletters here.

An error occured.