Cloud Security Series #2: Pre-IPO, Lacework
Summary
- Lacework has an interesting backstory culminating in an All-Star leadership team and a staggering $1.3bn raised in November 2021. But right now, the company is going through tough times.
- Nonetheless, the startup has a novel approach to cloud security and is worth learning about to further an understanding of the cloud security landscape and the future of cybersecurity.
- We dive into Lacework’s machine learning security platform. We also explain the benefits and drawbacks of Lacework’s technology architecture, and also the cost disadvantage built in.
- Lastly, we discuss Lacework’s advantages and disadvantages versus the competition, and highlight some risks to Lacework’s recovery.
Intro
Lacework is one of the key players in the race toward the goal of CNAPP (Cloud-Native Application Protection Platform). In November 2021, Lacework was valued at $8.3bn following its staggering raise of $1.3bn in its Series D, which is the largest funding round in cybersecurity history. Estimates available online indicate 2021 revenue was around $100m. If it wasn’t for the economic downturn, Lacework would probably be preparing for an IPO right now. Due to economic conditions and the impact on Lacework’s business, this isn’t the case, however. Though, for keen cybersecurity investors, we think its worth building some knowledge about this young company as they may eventually get back on their commercial track and the path toward an IPO.
Lacework is approaching cloud security by viewing it as a data problem. Much of the hype is centred around its unsupervised machine learning, which ingests large volumes of data to understand normal baseline behaviours, and then triggers high-fidelity alerts when a threat has been detected. With its ML technology, Lacework is addressing one of the biggest pain points in cybersecurity - the unmanageable volume of alerts. By reducing alerts by orders of magnitude and surfacing only the alerts that need urgent attention, Lacework allows SecOps to alleviate alert fatigue and to channel efforts toward more value-generating activities.
The ML platform combined with an agentless plus agent-based architecture, provides rich insights for prevention, compliance, detection, and speedy remediation. As Lacework continues to expand its scope of capabilities, it is one of the leading vendors in the race to becoming the first true CNAPP (Cloud-Native Application Protection Platform).
The Race Toward CNAPP
Source: Convequity
As we discuss in the Competition section, the agentless plus agent-based architecture gives Lacework comprehensiveness (and one of the winners toward CNAPP). It also scores them high in timeliness (i.e., the time difference between the presence of a threat and the detection of the threat). However, the agent component appears to be a significant cause of Lacework's troubles of late. At present, the industry is swaying more toward agentless approaches, which have speedy and lower-stress deployments. This is evident in Wiz's recent success. Lacework has recently attempted to address the issue by introducing an agentless workload scanning solution which is currently in beta mode. This should give its customers an easier way to scale out their environments in a secure manner. It's certainly an area of their business that deserves monitoring to see whether it helps the company turn around its outlook.
Backstory: CEO, Founder, Investor
Lacework has a CEO with substantial pedigree, the technical founder is very much still involved as the CTO, and it has the backing of a highly successful venture capitalist who is actively engaged.
Founder & CTO
Lacework was founded in 2014 by Vikram Kapoor. Prior to founding Lacework, Kapoor worked for nearly seven years at Oracle as a Development Manager for the company’s database products, and then 3+ years at Bromium as the Senior Director of Engineering. Bromium was an endpoint security startup that used micro virtualisation to sandbox (i.e., isolate) incoming traffic, like an email, a web page, or file, etc. to protect the device from potential malicious code.
Interestingly, Kapoor joined Bromium as the first employee only a few months after it was founded in 2010. He left the startup in its early stages, though his contributions helped Bromium raise its profile enough for it to eventually be acquired by HP in 2019. Following his departure at Bromium, Kapoor started Lacework as an Entrepreneur-in-Residence at Sutter Hill Ventures.
When considering Kapoor’s background, his motivation to create Lacework is clear. He has the skills and experience in databases and security, and wanted to combine these to bring a data-driven platform to the cloud security market.
Current CEO & CEO Backstory
The current CEO is Jay Parikh, who previously spent 11 years as the VP of Engineering at Facebook. Parikh is credited with building the data centre infrastructure that supports Meta’s numerous apps and services, and remarkably managed the engineering team expansion from 300 to over 30,000 engineers. The calibre of the current CEO is promising for Lacework; however, it’s worth pointing out that Lacework has experienced substantial CEO turnover for such a young startup – as we’ll briefly outline next.
In 2019, Dan Hubbard (considered a thought leader in cybersecurity and currently founder and CEO of Disrupt Security) became the CEO. And then in February 2021, Hubbard returned to his CPO role when David Hatfield was brought in as CEO (Hubbard left Lacework ten months later).
Hatfield has held executive positions at Akamai, Symantec, and Limelight Networks before serving as President at Pure Storage. Hatfield took charge of Pure Storage in 2013, when it had only 100 employees and little revenue. He then led Pure Storage to its IPO in 2015, and to becoming the fastest company in history to reach $1bn in annual revenue. Incidentally, Pure Storage was Sutter Hill Ventures' first major success, and provided the backbone for Mike Speiser's future investments, both in terms of capital and talent source.
In July 2021, Parikh joined Lacework (following two months in an advisory role), and both Hatfield and Parikh served as co-CEOs. Lacework has been hit hard by the economic downturn, having to lay off about 20% of its employees. Sidenote: this may imply that Lacework’s platform, being laid on top of Snowflake, which in turn is laid on top of AWS, leads to a product that is too pricey for customers, especially in the current climate. We’ll discuss this in detail later in the report. As part of a restructure to the business, earlier this month, it was announced that Hatfield is stepping down as co-CEO and will remain on the board, and that Parikh will be the sole CEO going forward.
The Leadership Team Going Forward
Indeed, there has been instability within Lacework’s leadership team. Notwithstanding the disruption, the startup still has an All-Star leadership team. Parikh as CEO and Kapoor as CTO, have recently welcomed distinguished security engineer Ulfar Erlingsson to serve as the Chief Architect. Erlingsson has a PhD in computer science from Cornell University, and among his long list of accomplishments, he serves as the Chair of the IEEE Technical Committee on Security and Privacy, has authored numerous publications, founded a startup acquired by Google that forms the basis of Google Chrome’s security, and worked at Google as a Manager for Infrastructure Security for several years.
Mike Speiser of Sutter Hill Ventures
Probably the biggest star of the All-Star team, however, is Mike Speiser. Speiser, Managing Director of Sutter Hill Ventures, is a VC with a differentiated approach that has proved to be highly successful. Rather than make a diversified set of bets across many startups, Speiser has a concentrated portfolio which has enabled him to focus more resources into his investments. It’s a risky strategy but has paid off handsomely.