📡 TCP #67: Earnings SZN; Bigger Budgets; and Product News
Security Product News | Nov 13th - Dec. 4th, 2024
Welcome to Issue 67 of The Cybersecurity Pulse! I'm Darwin Salazar, PM at Monad and former Detection Engineer. Each week, I explore the latest security product innovations and industry news. Stay ahead of security trends and themes by subscribing below to receive weekly digests directly to your inbox. Share with a friend if already sub’d! 📩
Welcome to another jam-packed issue of TCP! It's been a couple of weeks since the last TCP so we have a lot of ground to cover, especially on the earnings front! 💰
Peering in on the quarterly results and earnings call transcripts of publicly traded security companies is valuable for a plethora of reasons regardless of your position in the security ecosystem. I may or may not have a full post coming out on this soon. That said, what you'll read today are just observations and not financial advice.
Apart from it being earnings season, we're also in the final stretch of the year and AWS Re:Invent is currently taking place so lots going on.
Anyhow, let's cyber! 🕺🏽
Earnings
Palo Alto Networks (PANW 0.00%↑) reported earnings yesterday with total revenue coming in at $2.1 billion. A 14% increase from the same quarter last year. Their CEO, Nikesh Arora, attributes much of this success to their platformization approach. PANW also announced a 2:1 stock split which will go into effect on Dec. 16th, 2024.
To see their full presentation including slide deck, see here.
Crowdstrike (CRWD 0.00%↑) also recently reported earnings. Quarterly revenue came in at $1.02 billion. 29% increase YoY. They added $153M in new ARR. They're now at $4 billion in ARR. 97% gross retention signals that the July BSD fiasco, which seemed catastrophic at the time, has not impacted them as folks had initially thought. Huge kudos to the CEO, Mr. Kurtz for handling the matters head on.
As you can see in #2 in the image above, CrowdStrike has also benefited tons from the platformization strategy. Despite the strong quarter, where they topped Wall St. analyst expectations, the stock price has taken a hit since reporting last week.
See here for all Q3 FY25 result assets.
Though ZScaler (ZS 0.00%↑) had a fairly strong quarter with $628M in quarterly revenue (+26% YoY), Wall St. analyst seemed to be underwhelmed and dropped the stock leading to a ~9% decline the following day. Haven't fully dug into this one but seems like their GTM strategy and team are getting a bit of an overhaul. New CRO, new CMO + more new sales leadership.
You can read more about Zscaler's earnings report here.
Okta is another one that reported a very strong quarter. Quarterly revenue came in at $665M (+14% YoY). The Okta stock (OKTA 0.00%↑) was up 15% in after hours after reporting earnings 🚀
You can read more about Okta's earnings report here.
SentinelOne (S 0.00%↑) reports earnings after US market close today, Dec. 4th.
Sponsor Spotlight🌟
Organizations use an average of 129 shadow apps, often connected to core business apps—posing significant data risks. The State of SaaS Security 2024 Report by Reco provides actionable insights for managing your expanding SaaS footprint.
Among the findings, 26% of apps operate without visibility from Security teams; 1 in 10 accounts lack Multi-Factor Authentication (MFA); and 91% of Salesforce instances face unauthorized file-sharing risks. Discover the most critical SaaS security challenges today and learn practical steps to address them.
Picks of the Week🎯
2025's CISO: Bigger Budgets But Higher Stakes
"Gartner's information security budget forecast for 2025 foresees a marked increase in cybersecurity investments. Global spending in this sector is set to reach $212 billion, reflecting a 15.1% rise from 2024. " - Kirsten Doyle, TripWire
Data Engineering For Cybersecurity Part IV! ⚙️
I recently wrote a blog post on the internals + importance of data transformation in security. It’s a meaty, technical one with lots of real-world examples. When done right, data transformation can absolve security teams from much of their data wrangling woes which is one of the root causes for alert fatigue.
Check it out the full blog here!
OCSF Joins The Linux Foundation 🎉
Speaking of data transformation: Open Cybersecurity Schema Framework (OCSF) officially joins The Linux Foundation. By joining, the OCSF project gets a boost in support, contributors, reputability, and guidance on how to scale into becoming the go-to security data schema framework.
GitHub Launches Fund to Improve Open Source Project Security
Github has announce and open source security fund which will invest $1.25 million across 125 open source projects and providing free access to Copilot, Secret Scanning and free training for project maintainers. Kudos to Github for blazing the trail for open source security!
CISOs can now obtain professional liability insurance
“If everything goes right, that’s what people expect. If something goes wrong, they’re the person that everybody looks at and they’re left holding the bag. Then, there are potentially significant financial ramifications for them because they’re often not covered by traditional insurance policies.”
After the SEC sued SolarWinds CISO in October 2023, it sent a chilling a effect through the CISO community with many reconsidering their career choice and whether they'd have ample legal protection if such an event were to happen to them. Thankfully, insurers and lawyers have been taking note and devising ways in how to protect CISOs from such instances.
Sponsor Spotlight🌟
SecOps teams are stretched thin, burdened by manual processes and fragmented workflows while facing an ever-evolving threat landscape. Prophet AI SOC Analyst transforms how teams investigate and respond to threats—triaging and investigating alerts in seconds instead of the 20-60 minutes a typical investigation requires.
By automatically handling false positives and streamlining alert investigations, Prophet AI empowers analysts to focus on high-impact tasks that strengthen defenses, reduce burnout and attrition, and boost productivity.
Product News 📰
Product news. My favorite kind of news.
AI Security
AI-SPM has been hot lately as you could imagine. I would say it’s more of a product extension (CSPM) than an entirely new category. Simply put it revolves around providing visibility and governance for cloud provider’s AI services. SentinelOne is piloting with support for Amazon SageMaker, Amazon Bedrock, Google Vertex AI and Microsoft Azure OpenAI.
Read more about the launch here.
More AI Security news ⬇️
Application Security
Microsoft integrates source-code analysis into its cloud security suite
Microsoft recently partnered with Endor Labs to bring their Source-Code Analysis (SCA) capabilities into its’ CNAPP, Microsoft Defender for Cloud.
“…the native integration enables teams to correlate SCA findings with runtime alerts to view code-to-runtime attack paths. That means they can trace exploitable vulnerabilities found in open-source software dependencies to potential exploit paths in their cloud environments.” - Endor Labs
More AppSec product news ⬇️
Cloud Security
My friend has an amazing analysis coming out on this one later today. Monitor his LinkedIn to see when it drops. Check out this sick meme vid he made in the meantime 🤣
More cloud security product news ⬇️
Data Security
Cyera Raises $300 Million at $3 Billion Valuation
A $300M Series C is thick. Cyera is the real deal and the one to top in the data security space. Next-level leadership team from CEO to CMO to CISO + its product primes it for success in the long run. Will be fun to watch them continue to grow!
Let's Grow Together!🫱🏽🫲🏻
Are you looking to boost your brand's visibility? Partner with us! Sponsoring TCP not only helps us continue to bring you the latest in security innovation, but it also connects you to a dedicated audience of over 4,500 CISOs, practitioners, founders, and investors across 100+ countries 🌎
Bye For Now!
That’s all for this week… ¡Nos vemos la próxima semana! 👋🏽