New investment to fuel the offensive security leader’s record-breaking growth and innovation pipeline.
Minneapolis, MN – NetSPI, a leader in enterprise penetration testing and attack surface management, today announced that global investment firm KKR is increasing its investment in the company with $410 million in new funding. The growth investment validates NetSPI’s significant outperformance since KKR’s initial investment in May 2021 and will support NetSPI’s continued technology innovation, talent acquisition, and global expansion, as well as recapitalizing NetSPI’s first institutional investor Sunstone Partners.
Enterprises rely on NetSPI’s comprehensive suite of offensive security solutions – Attack Surface Management, Penetration Testing as a Service (PTaaS), and Breach and Attack Simulation – to uncover critical security gaps, minimize risk, and reduce the likelihood of a security incident. Founded in 2001, NetSPI leverages its ‘technology powered, human delivered’ penetration testing approach to improve the security of organizations globally, including the top financial institutions, largest cloud providers, leading healthcare organizations, and many of the Fortune 500.
“We are excited to double down on our investment in NetSPI to help build a differentiated leader in offensive cyber security,” said Jake Heller, Partner and Head of KKR’s Technology Growth team in the Americas. “We have been very impressed by the performance of the company and the exceptional execution by Aaron and his team over the past 18 months. We believe this is just the beginning of what we can accomplish together.”
“We’re both grateful and proud of the industry disruption we drove during our partnership with Sunstone Partners,” said Aaron Shilts, CEO at NetSPI. “As we look forward to this next chapter, NetSPI will continue to challenge the status quo in offensive security. With KKR’s support, we are well positioned to amplify our success building the best teams, developing new technologies, and delivering excellence, so that the world’s most prominent organizations can innovate with confidence.”
NetSPI has consistently outpaced growth forecasts. Over the past five years, the company has grown its revenue five-fold, exceeding 50 percent organic revenue growth in 2021 and 61 percent growth in 2022 to date. Key growth drivers include:
NetSPI’s Penetration Testing as a Service (PTaaS) delivery model, where human ingenuity and novel technologies intersect to create consistent, scalable, and efficient pentesting results.
The acquisition of Silent Break Security, which added additional offensive testing expertise and talent depth, along with innovative technologies that have expanded NetSPI’s global offerings.
The introduction of Attack Surface Management to identify and protect the unknown with continuous penetration testing and manual exposure triaging.
The NetSPI University training program which enables NetSPI to develop the next generation of cybersecurity talent through formal curriculum and hands-on labs and mentorship, resulting in the most comprehensive training and certification program in security testing.
Continuous advancement and innovation across all three technology platforms – ASM, Resolve, and AttackSim – to enable teams to deliver more accessible and impactful results.
Establishing strong teams in Canada, EMEA, and India as key component of the company’s global expansion efforts.
NetSPI’s ability to recruit and retain top industry talent. The company recently reached the milestone of more than 400 offensive security professionals globally.
“NetSPI continues its trajectory of strong, and accelerating, organic growth and profitability and we are excited about the opportunity to continue this momentum with further investments in technology, people, geographical expansion and strategic acquisitions,” said Ben Pederson, a Director on KKR’s Technology Growth team. “Penetration testing is an increasingly important and strategic aspect to any enterprise’s security posture and we believe NetSPI is a category defining player in the space through their best-in-class technology and PTaaS delivery model. We look forward to supporting NetSPI’s continued growth on a global scale.”
“Following our investment in 2017, we’ve had the pleasure of working closely with NetSPI’s team as the company evolved and established itself as the high-growth, profitable security leader it is today,” said Gustavo Alberelli, Сo-Founder & Managing Partner at Sunstone Partners. “This transaction demonstrates that even during these turbulent times cybersecurity market leaders such as NetSPI will remain highly valuable – especially those providing mission critical solutions to global enterprise customers. We’ve enjoyed having KKR as co-investors since 2021 and look forward to watching NetSPI’s continued success in the future.”
This investment follows NetSPI’s most recent $90 million funding round from KKR and cybersecurity specialist investor Ten Eleven Ventures and comes from KKR’s Technology Growth strategy, which is dedicated to growth equity investment opportunities in leading high-growth technology companies in North America, Europe and Israel.
The transaction will close by the end of 2022, subject to customary regulatory approvals. Goodwin Procter LLP advised NetSPI on the transaction and Latham & Watkins LLP advised KKR.
NetSPI is the leader in enterprise penetration testing and attack surface management. Today, NetSPI offers the most comprehensive suite of offensive security solutions – attack surface management, penetration testing as a service, and breach and attack simulation. Through a combination of technology innovation and human ingenuity we help organizations discover, prioritize, and remediate security vulnerabilities. For over 20 years, NetSPI’s global cybersecurity experts have been committed to securing the world’s most prominent organizations, including nine of the top 10 U.S. banks, three of the five largest healthcare companies, the leading cloud providers, and many of the Fortune® 500. NetSPI is a KKR and Ten Eleven Ventures portfolio company and is headquartered in Minneapolis, MN, with global offices across the U.S., Canada, the UK, and India. For additional information, visit www.netspi.com or follow us on LinkedIn or Twitter.
KKR is a leading global investment firm that offers alternative asset management as well as capital markets and insurance solutions. KKR aims to generate attractive investment returns by following a patient and disciplined investment approach, employing world-class people, and supporting growth in its portfolio companies and communities. KKR sponsors investment funds that invest in private equity, credit and real assets and has strategic partners that manage hedge funds. KKR’s insurance subsidiaries offer retirement, life and reinsurance products under the management of Global Atlantic Financial Group. References to KKR’s investments may include the activities of its sponsored funds and insurance subsidiaries. For additional information about KKR & Co. Inc. (NYSE: KKR), please visit KKR’s website at www.kkr.com and on Twitter @KKR_Co.
About Sunstone Partners
Sunstone Partners is a growth-oriented private equity firm that makes majority and minority investments in technology-enabled services and software businesses. Recently recognized as one of Inc.’s 50 founder-friendly private equity firms for entrepreneurs, the firm seeks to partner with exceptional management teams, often as their first institutional capital partner, to help accelerate organic growth and fund acquisitions. Founded in 2015, the firm has $1.7 Billion of committed capital. For more information, visit www.sunstonepartners.com.
PTaaS is NetSPI’s delivery model for penetration testing. It enables customers to simplify the scoping of new engagements, view their testing results in real time, orchestrate faster remediation, perform always-on continuous testing, and more - all through the Resolve™ vulnerability management and orchestration platform.
We help organizations defend against adversaries by being the best at simulating real-world, sophisticated adversaries with the products, services, and training we provide. We know how attackers think and operate, allowing us to help our customers better defend against the threats they face daily.
At NetSPI, we believe that there is simply no replacement for human-led manual deep dive testing. Our Resolve platform delivers automation to ensure our people spend time looking for the critical vulnerabilities that tools miss. We provide automated and manual testing of all aspects of an organization’s entire attack surface, including external and internal network, application, cloud, and physical security.
Our proven methodology ensures that the client experience and our findings aren’t only as good as the latest tester assigned to your project. That consistency gives our customers assurance that if vulnerabilities exist, we will find them.
Necessary cookies help make a website usable by enabling basic functions like page navigation and access to secure areas of the website. The website cannot function properly without these cookies.
YouTube session cookie.
Marketing cookies are used to track visitors across websites. The intention is to display ads that are relevant and engaging for the individual user and thereby more valuable for publishers and third party advertisers.
Analytics cookies help website owners to understand how visitors interact with websites by collecting and reporting information anonymously.
Preference cookies enable a website to remember information that changes the way the website behaves or looks, like your preferred language or the region that you are in.
Unclassified cookies are cookies that we are in the process of classifying, together with the providers of individual cookies.
Cookies are small text files that can be used by websites to make a user's experience more efficient. The law states that we can store cookies on your device if they are strictly necessary for the operation of this site. For all other types of cookies we need your permission. This site uses different types of cookies. Some cookies are placed by third party services that appear on our pages.
NetSPI acquires nVisium, bringing top penetration testing talent together.