Data Loss Prevention (DLP) , Email Security & Protection , Email Threat Protection

Abnormal Security Secures $250M for AI Cybersecurity Growth

Wellington Management Leads Series D Funding Round to Fuel More R&D, Global Growth
Abnormal Security Secures $250M for AI Cybersecurity Growth
Mike DeCesare, president, Abnormal Security (Image: Abnormal Security)

A startup led by an ex-Twitter executive raised $250 million to expand its global presence and enhance its email security and account takeover prevention offerings.

See Also: 2024 Threat Hunting Report: Insights to Outsmart Modern Adversaries

The San Francisco-based human behavior security vendor said the Series D funding will enable Abnormal to push into non-English speaking markets, enter the U.S. federal sector, and look into building data loss prevention and insider threat offerings, said President Mike DeCesare. The Wellington Management-led round values Abnormal at $5.1 billion, and comes after hitting $200 million in annual recurring revenue.

"It comfortably gives us the capitalization that we need in the business to navigate this to be a long-term generational company," DeCesare told Information Security Media Group.

The latest funding comes 27 months after Abnormal Security closed a $210 million Series C round at a $4 million valuation, meaning Abnormal boosted its market cap by 27.5% despite the economic downturn. The company, founded in 2018, employs 747 people and has been led by Evan Reiser, who previously headed product management and machine learning for the advertising business at Twitter (see: Abnormal Security Raises $210M to Push Beyond Email Defense).

Expanding Beyond English-Speaking Countries

DeCesare praised Wellington Management for its shared vision, forward investment in AI and the potential to aid Abnormal in its eventual transition to a public company. Although Abnormal has strong financials and operates efficiently, the company needs to expand its product portfolio and market presence, especially in non-English speaking regions, to be ready for an initial public offering, DeCesare said.

"Having a cornerstone like Wellington on your cap table and helping us navigate those waters and also be consistent through that transition [to a public company] is super positive," said DeCesare, noting that Abnormal has doubled its annual recurring revenue over the past year.

Abnormal aims to extend its reach beyond English-speaking nations by localizing its products for various markets, including Japan, Germany and France, DeCesare said. This expansion is driven by the desire to capture additional market share and support multinational customers with global operations who expect local support in all the regions they operate, according to DeCesare.

In addition, DeCesare said Abnormal is making significant investments to penetrate the federal market, including technical support and professional services tailored to the needs of the U.S. government. The need for FedRAMP certification to serve federal agencies has created a major opening for Abnormal's capabilities around email security, according to DeCesare.

From a product standpoint, DeCesare said Abnormal aims to strengthen its email security suite with additional products such as AI security mailbox and account takeover protection, and to address new types of threats emerging from cloud applications. The company enjoys high adoption of its email account takeover offering, and plans to focus on cross-selling ancillary tools to its core email security customers (see: From Email to Human Behavior: Abnormal Security's Evolution).

"There's a whole expansion opportunity for us just inside the email stack," DeCesare said. "Every customer we've sold to, there are other email products we actively are trying to sell them that make the experience of having email security even stronger. Then outside of that, there is a whole other set of products, which really starts with account takeover."

What Makes DLP, Insider Threat Prevention Attractive

DeCesare said Abnormal is exploring areas like data loss prevention and insider threat prevention tools as potential areas for future expansion since those markets align with customer demand and Abnormal's capabilities in behavioral analysis. Abnormal's human behavioral baseline technology is well-positioned to set the company apart around insider threats, while rivals like Proofpoint and Mimecast play in DLP.

"DLP is obvious because it's the biggest thing that the traditional security email gateway providers have that Abnormal doesn't," DeCesare said. "So it'd be a very logical next step for us to go into."

Abnormal has a high win rate against companies like Proofpoint and Mimecast due to proof-of-value engagements that show the company catching threats that traditional secure email gateways miss, according to DeCesare. He said the company leverages AI to enhance its products, ensuring the company can autonomously respond to and neutralize threats in real time (see: Abnormal Snags Exabeam, Forescout CEO Mike DeCesare as Prez).

Key metrics for Abnormal include maintaining high top-line growth, achieving free cash flow positivity, and ensuring high customer retention rates, which DeCesare said are crucial for a successful initial public offering.

"We've been able even at scale to maintain an above-average growth rate," DeCesare said. "I mean, $200 million ARR and 100% year-over-year growth is obviously pretty strong at that level of scale."


About the Author

Michael Novinson

Michael Novinson

Managing Editor, Business, ISMG

Novinson is responsible for covering the vendor and technology landscape. Prior to joining ISMG, he spent four and a half years covering all the major cybersecurity vendors at CRN, with a focus on their programs and offerings for IT service providers. He was recognized for his breaking news coverage of the August 2019 coordinated ransomware attack against local governments in Texas as well as for his continued reporting around the SolarWinds hack in late 2020 and early 2021.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.