On October 5, NetSPI CEO Aaron Shilts was featured in the VentureBeat article called Need for secure cloud environments continues to grow, as NetSPI raises $410M. Read the preview below or view it online.

+ + +

In an era of cloud computing and off-site third-party services, traditional network-based security approaches simply aren’t effective. With research showing that large organizations maintain an average of 600 software-as-a-service (SaaS) applications, the modern attack surface is too vast to manage without a purpose-built attack surface management solution.

Attack surface management solutions provide a tool to automatically discover public-facing assets located outside the perimeter network, and identify vulnerabilities in shadow IT assets and misconfigured systems that hackers can exploit.  

As the need to secure cloud environments increases, these solutions are beginning to pick up more interest, with penetration testing and attack surface management vendor NetSPI today announcing that it has received $410 million in growth funding from global investment firm KKR.

The new funding demonstrates that vulnerability management is giving way to the broader, automated and decentralized approach of mitigating exploits across the entire attack surface. 

NetSPI’s answer to cloud vulnerability sprawl 

The writing on the wall is that enterprises need an approach to managing vulnerabilities that can scale to address exploits across the entire attack surface. For NetSPI, that comes down to offensive security. 

“As we look forward to this next chapter, NetSPI will continue to challenge the status quo in offensive security,” said Aaron Shilts, CEO of NetSPI. “With KKR’s support, we are well positioned to amplify our success building the best teams, developing new technologies, and delivering excellence, so that the world’s most prominent organizations can innovate with confidence.”

In effect, NetSPI provides enterprises with a solution to scan for assets in real-time, 24/7/365, using Open Source Intelligence (OSINT) and other methods. 

You can read the full article at VentureBeat!

Aaron Shilts

On October 5, NetSPI CEO Aaron Shilts was featured in the ISMG article called Pen Test Firm NetSPI Gets $410M Boost From KKR to Fuel M&A. Read the preview below or view it online.

+ + +

Rising offensive security star NetSPI has received a massive follow-up investment from KKR to pursue acquisitions and expand the offensive cybersecurity vendor’s technological and geographic footprint.

The Minneapolis-based penetration testing and attack surface management vendor says the private equity giant’s $410 million growth investment comes on the heels of 50% organic revenue growth in 2021 and 61% year-over-year sales growth thus far in 2022. The latest investment comes just 18 months after KKR led a $90 million growth round to expand the company’s security and client experience teams (see: Hatem Naguib on Charting Barracuda’s New Course Under KKR).

“We’re really challenging the status quo in our segment of cybersecurity,” NetSPI CEO Aaron Shilts tells Information Security Media Group. “Growth is paramount, especially given the market volatility.”

Automation Takes Center Stage

NetSPI was founded in 2001 and employs 400 people, up roughly 50% from a year earlier, according to Shilts. A chunk of the $410 million will be used to recapitalize Sunstone Partners, which brought Shilts in as CEO in 2017, along with an investment. Sunstone Partners is now exiting its position in NetSPI, and with its latest investment, KKR is now the majority owner of NetSPI, he says.

You can read the full article at ISMG Network!

Aaron Shilts

On October 5, NetSPI CEO Aaron Shilts was featured in Twin Cities Business’ article called Minneapolis Cybersecurity Firm NetSPI Raises $410M. Read the preview below or view it online.

+++

Minneapolis-based cybersecurity firm NetSPI has pulled off one of the largest raises in Minnesota this year.

On Wednesday, the company announced that it has secured $410 million from New York City-based investment firm KKR & Co. Inc. In a news release, NetSPI said it will use the funds for “continued technology innovation, talent acquisition, and global expansion.” The company currently employs 400 security professionals and plans to add about 200 more employees over the next year, said NetSPI president and CEO Aaron Shilts in an email. He described the deal as a “growth investment.”

“This is KKR’s second investment in the company, bringing the private equity firm’s total commitment to $500 million,” Shilts said. “KKR is doubling down on NetSPI during a time of high growth activity for the company.”

You can read the full article at Twin Cities Business!

Aaron Shilts

On October 5, NetSPI CEO Aaron Shilts was featured in the StarTribune article called Minneapolis cybersecurity firm NetSPI raises $410M to expand globally. Read the preview below or view it online.

+ + +

A New York investment firm is injecting $410 million in fresh capital into Minneapolis cybersecurity firm NetSPI to fuel the company’s global expansion, a move that reinforces investor confidence in the company’s rising profitability.

The investment from KKR is nearly five times the amount NetSPI raised last May, when it piled up $90 million in growth funding from investors, including KKR, the firm’s first investment in the cyber company. It also is one of the largest this year in Minnesota.

NetSPI will use the money for hiring and further development of its technology, according to a release from KKR. In addition to personnel in Canada, NetSPI is expanding its footprint in Europe, the Middle East, Africa and India.

NetSPI, based in Minneapolis’ North Loop with more than 400 security professionals on payroll, develops offensive security tools that other companies use to test their cyber defense systems against various threats to uncover gaps and reduce security breaches. The list of clients includes financial institutions, cloud providers and health care organizations.

“We’re both grateful and proud of the industry disruption we drove during our partnership with Sunstone Partners,” said Aaron Shilts, CEO at NetSPI. “With KKR’s support, we are well-positioned to amplify our success.”

The company secured its first outside investment in 2017 from Sunstone Partners, an investment firm based in San Mateo, Calif. NetSPI officials did not share the company’s value following the recent funding round, which puts it its total of outside growth capital at or above $500 million since its founding in 2001.

Following the company’s $90 million raise in 2021, Shilts told the Star Tribune he anticipated the company would finish the year with about $50 million in 2021 sales. So far in 2022, the company has experienced a 61% increase in revenue, year over year.

The funding round by NetSPI is one of the largest by an investor-backed, Minnesota private company this year.

“We are excited to double down on our investment in NetSPI to help build a differentiated leader in offensive cybersecurity,” Jake Heller, partner and head of KKR’s technology growth team in the Americas, said in a statement. “We have been very impressed by the performance of the company and the exceptional execution by Aaron and his team over the past 18 months. We believe this is just the beginning of what we can accomplish together.”

You can read the article at Star Tribune!

Aaron Shilts

On October 5, NetSPI was featured in the SiliconANGLE article called Cybersecurity provider NetSPI nabs $410M investment from KKR. Read the preview below or view it online.

+ + +

Cybersecurity services and software provider NetSPI LLC today announced that it has received $410 million in growth funding from private equity firm KKR.

NetSPI will use the capital to grow its workforce, develop new technologies and expand its international business operations. The company added that a part of the funding from KKR will go toward recapitalizing its first institutional investor, private equity firm Sunstone Partner. NetSPI previously raised $90 million last May from KKR and Ten Eleven Ventures. 

Minneapolis-based NetSPI helps companies find and fix vulnerabilities in their technology infrastructure. NetSPI can launch a simulated cyberattack against an organization’s network to find potential weak points. In addition to uncovering vulnerabilities, such simulated cyberattacks enable companies to measure how quickly they can resolve a network breach and find opportunities for improvement.

You can read the full article at SiliconAngle.

Team NetSPI

On October 5, NetSPI was featured in the SecurityWeek article called KKR Boosts NetSPI Stake with $410 Million Investment. Read the preview below or view it online.

+ + +

The $410 growth equity round comes just over a year after NetSPI banked a $90 million funding round led by KKR with participation from Ten Eleven Ventures.

The new funding gives Minneapolis-based NetSPI an extended runway to compete and find profits in the fast-growing attack surface management business. NetSPI offers a cloud-based delivery model that allows customers to perform always-on continuous testing to monitor their attack surface and execute attack scenarios based on real-world attacker tactics, either as a single attack technique or a full attack chain using one pre-built playbook.

In December 2020, NetSPI acquired Silent Break Security, a Utah-based security testing firm that offers network and application testing, red teaming, and adversary simulation. Terms of that deal were not disclosed.

NetSPI says it has found traction with a suite of offensive security solutions – Attack Surface Management, Penetration Testing as a Service (PTaaS), and Breach and Attack Simulation – to help businesses uncover critical security gaps, minimize risk, and reduce the likelihood of a security incident. 

The NetSPI funding for continuous attack surface management technology comes just days after the U.S. government’s cybersecurity agency CISA issued mandatory instructions for federal agencies to improve automated asset discovery and vulnerability detection capabilities.

According to the CISA, the binding operational directive is meant to help federal agencies improve their cybersecurity management capabilities by gaining visibility into all assets in their networks and the vulnerabilities impacting them.

Federal agencies have been given six months to identify network addressable IP-assets in their environments, along with the associated IP addresses (hosts), as well as to discover and report suspected vulnerabilities on those assets, including misconfigurations, outdated software, and missing patches.

The government’s push is sure to attract more attention to the attack surface management category, which has grown in importance to solve problems with vulnerability and patch management, especially for software and other assets that are exposed to the internet. The technology is meant to address gaps in point-in-time penetration testing and vulnerability management and is a highly competitive category with multiple startups jostling for market share. 

You can read the article at SecurityWeek!

Team NetSPI

On October 5, NetSPI was featured in The Business Journal’s article called Cybersecurity company NetSPI raises $410M from KKR. Read the preview below or view it online.

+ + +

NetSPI, a Minneapolis-based cybersecurity company, announced Wednesday that it has raised $410 million in growth funding from investment firm KKR.

The new financing adds to previous funds the New York City-based investment firm had invested in the company last year alongside cybersecurity-focused venture capital firm Ten Eleven Ventures, a deal that totaled $90 million, the Business Journal reported.

You can read the full article at The Business Journal!

Team NetSPI

On October 5, NetSPI CEO Aaron Shilts and VP of Business Development and Strategic Alliances Lauren Gimmillaro were featured in CRN’s article called KKR Invests Another $410M In Fast-Growing Security Firm NetSPI. Read the preview below or view it online.

+ + +

Private equity powerhouse KKR obviously likes what it’s seen since it first invested in cybersecurity firm NetSPI last year.

The New York-based KKR, which led a $90 million funding round for NetSPI in 2021, is now investing an additional $410 million in the penetration testing and attack surface management firm, NetSPI said on Wednesday.

The massive growth investment will be used to support NetSPI’s product development, talent hirings, possible company acquisitions and aggressive expansion of the firm’s channel program, said NetSPI chief executive Aaron Shilts.

Much of the money will also be used to effectively buy out previous majority owner Sunstone Partners, Shilts told CRN.

As for the channel, Shilts said less than 10 percent of the private company’s current revenues come from the channel. But NetSPI, which recently hired a new channel chief and launched a new partner program in August, is determined to boost its sales via various players within the channel, he said.

“It was the right time for us to double down on channel investment,” said Shilts, whose company was founded in 2001 but only received its first outside investment in 2017, led by Sunstone Partners.

Shilts said the firm decided to wait a bit after its first equity investment five years ago before moving from mostly direct sales to channel sales.

“We wanted to ensure that we had the maturity and the growth,” he said. “I think the worst thing that we could do is not have that [initial sales] mastery in place. It was just a matter of maturing over several years before we were ready.”

You can read the full article at CRN!

Aaron Shilts

On October 5, NetSPI was featured in the Channel Future article called KKR Ups Investment in NetSPI with $410 Million in New Funding. Read the preview below or view it online.

+ + +

Global investment firm KKR is providing $410 million in new funding to NetSPI, a provider of enterprise penetration testing and attack surface management.

KKR is increasing its investment in NetSPI with the funding. It initially invested in NetSPI in May 2021.

The funding recapitalizes NetSPI’s first institutional investor Sunstone Partners. The transaction will close by the end of 2022, subject to customary regulatory approvals.

Lauren Gimmillaro is NetSPI’s vice president of business development and strategic alliances.

“The investment from KKR will be used to continue innovating and expanding our technology portfolio, to expand globally, and to increase the talent at NetSPI,” she said. “We launched the NetSPI Partner Program earlier this year. So this funding will help us grow our channel team, ranging from channel development managers to those who can train partners in enablement, and much more. With this investment, we can double down on growth and expansion. And an important piece of that plan is the channel.”

Enterprises use NetSPI’s suite of offensive security solutions to uncover critical security gaps, minimize risk and reduce the likelihood of a security incident. The suite includes attack surface management, penetration testing as a service (PTaaS), and breach and attack simulation.

You can read the full article at Channel Futures!

Team NetSPI

On October 5, NetSPI CEO Aaron Shilts was featured in the Crunchbase article called KKR Invests $410M In Cyber Firm NetSPI. Read the preview below or view it online.

+ + +

Although venture funding in cybersecurity has taken a slight dip this year—as it has in most sectors—that does not mean large growth rounds do not exist.

Minneapolis-based cybersecurity company NetSPI locked up a $410 million growth investment from private equity giant KKR. The company provides enterprise penetration testing and attack surface management by simulating cyber attacks for large enterprises and helping businesses defend against them.

KKR initially invested $90 million into NetSPI in May 2021. This new round of funding will recapitalize Sunstone Partners’ stake in the company and allow the firm to exit.

“As we look forward to this next chapter, NetSPI will continue to challenge the status quo in offensive security,” said CEO Aaron Shilts in a release. “With KKR’s support, we are well positioned to amplify our success building the best teams, developing new technologies, and delivering excellence, so that the world’s most prominent organizations can innovate with confidence.”

Founded in 2001, NetSPI has now raised $500 million. It has grown its revenue fivefold and is seeing 61% revenue growth in 2022 to date, according to the company.

Cyber funding

Funding to VC-backed cybersecurity startups is not on pace to hit last year’s high of more than $23 billion, as it was at about $10.3 billion through the first six months of the year, according to Crunchbase data.

That is not surprising considering venture capital as a whole has seen a slowdown. However, it is worth noting cyber startups saw more funding in the first half of the year than in all of 2020, which saw $8.9 billion invested in the industry.

The NetSPI deal also shows KKR’s continued interest in cybersecurity. In May, the firm led a $200 million Series C for Hoboken, New Jersey-based Semperis, an enterprise identity protection provider.

You can read the article at Crunchbase!

Aaron Shilts