Oort Redacted Investment Memo
Provided here is our redacted investment memorandum, detailing our rationale for investing in Oort at their Seed Stage in 2020.
Oort is a cybersecurity company with an innovative B2B security platform, combining dynamic risk assessment and zero-trust access controls. Founded by Matt Caulfield, who brings a wealth of experience from his tenure at Cisco, Oort addresses modern security challenges associated with third-party enterprise access.
COMPANY OVERVIEW
Companies, both large and small, rely heavily on third-party collaborations. This spans consultants requiring internal application access (HR, finance), as well as diverse entities (customers, distributors, suppliers) seeking data from databases and internal networks. According to a Cyberark survey, 90% of IT and security decision-makers allow third-party access, with 26% managing over 100 vendors. Notably, 72% see third-party access as a top-10 security concern.
Addressing this challenge, Oort is developing a nimble, secure, and efficient third-party access management platform. Founder and CEO Matt Caulfield's 10-year Cisco tenure in security infrastructure fortifies the team. Early recruits like Jihane Bougazzoul (Microsoft, 8 years), Warren Nelson (Cloudflare, Amazon), and Sam Levin (Kinvey, acquired for $49M by Progress.com) reinforce Oort.
Launched in 2019, Oort is based in Boston and secured pre-seed funding in early 2020 from Bain Capital Ventures and First Start.
KEY HIGHLIGHTS
Prominent Highlights at Investment (Seed)
- Market Potential. Oort's scalability presents a significant market opportunity. Dominated by decacorns such as ZScaler ($15-20B market cap), Okta ($25-30B market cap), and Cisco ($200B market cap), the field is expansive. While our initial focus targets a $1.2B market, discussions with go-to-market experts suggest potential growth to 3-4 times that size, particularly by adapting the pricing model to usage-based rather than user-based.
- Founding Team. Matt Caulfield, the company's CEO, and founder, brings a decade of Cisco experience and a four-year tenure at Lockheed Martin. During his Cisco tenure, he led the Boston Innovation Lab and played a pivotal role in developing the edge technology that underpins Oort’s product. Jihane Bougazzoul, Head of Product, boasts nearly eight years as a Microsoft Senior Program Manager and Product Manager. She joined Oort seven months ago to spearhead the product team.
- Advisor Circle. The Oort team has surrounded themselves with a strong group of advisors. Enrique Salem, former Symantec CEO, and Bain Capital investor; Mike Viscuso, Carbon Black founder and personal investor ($2.1B acquisition by VMWare); Paul Morville, Confer founder ($100M acquisition by Carbon Black). These advisors actively engage, guiding Matt in go-to-market strategy, customer connections, and hiring prospects
THE PAIN POINT
Third-party enterprise access involves establishing B2B connections to provide external entities (e.g., service providers, customers) entry to internal network resources (data, applications). Like the broader cybersecurity landscape, the third-party network access security sector is evolving. With remote work and multi-site presence becoming standard, application interconnections and extensive networks are rising. These networks span remote data centers, satellite offices, and remote teams. Companies require a secure, reliable, low-latency solution that's user-friendly.
Currently, VPNs (Virtual Private Networks) are the prevailing norm for third-party access. They form encrypted tunnels for service providers or customers to access critical data. However, as third-party access demands surge, VPN setup and upkeep burden companies. In addition, the typical VPN defines access at the network level versus the application layer, where most access is desired. This heightens data vulnerability, endangering the company's cybersecurity stance. Combined with high VPN costs, these issues present a significant pain point for digitally interconnected businesses.
THE NEW AGE
The concept of a secure digital perimeter is no longer a viable strategy. Network security has migrated from a defensive approach to a pro-active, risk-based model to manage access to digital environments. The latest managed access technique is a zero trust model. The foundation of zero trust is that as perimeters dissolve and networks open, no participant can be innately trusted. Instead, zero trust frameworks leverage micro-segmentation or granular perimeter security (i.e., at the application layer) to protect data from bad actors. Zero trust access is already being deployed for first-party access to digital
COMPETITIVE LANDSCAPE
Zscaler
Total Fundraising
- Zscaler is an American publicly listed competitor to Oort. The company has a market cap of $17.5b and over 1,400 employees.
Product Overview
- Zscaler has a directly competitive product to Oort known as Zscaler Private Access (ZPA). ZPA is a cloud-delivered, zero trust network access service that provides secure access to private applications without the need for a remote access VPN
- ZPA leverages TLS encryption to establish a secure connection between the end user (customer or partner employees) and the application that’s hosted on a private network. Zscaler leverages its global point-of-presence network to deliver a performant and reliable end-user experience that doesn’t tie application access to the physical network.
- Because ZPA was designed as a VPN substitute for internal employees, it lacks key features to enable usable and low-friction B2B secure access for third-party users. (e.g., no Privileged Access Management functionality)
Founding Team
- Zscaler was founded by Jay Chaudhry in 2008. Jay is a serial entrepreneur. His previous companies include AirDefense, CipherTrust, CoreHarbor and Secure IT.
Odo
Total Fundraising
- Odo is an Israeli-American private competitor to Oort. The company, which was founded in 2017, raised $5m from DFJ Tel Aviv Venture Partners in 2019.
Product Overview
- Odo’s competitive product is the closest to Oort’s. Odo brands itself as the easiest and most secure way to manage & monitor privileged access to internal applications, servers, and databases in any environment.
- The Odo cloud includes gateway protections at the data plane (an identity-aware proxy) and a controller at the control place (for user access controls).
- The company offers similar log visibility as Oort and supports VPC and on-premise connections.
Founding Team
- Odo was founded by Or Zilberman, Noa Shafir and Gilad Steinberg, three Israeli entrepreneurs. Prior to starting the company, all three served in security units within the Israeli Defense Force.
- After, Or was a data solutions manager at SimilarWeb in Israel, Noa was a software engineer at Google, and Gilad was a security developer and researcher within the Israeli government and then as a freelancer.
Axis Security
Total Fundraising
- Axis Security is a direct competitor to Oort that has raised $17m across two rounds (a $3m Seed round by Cyberstarts and a $14m round led by TenEleven Ventures)
Product Overview
- Axis’ product is the second nearest competitor to Oort from a product standpoint. The company’s App Access Cloud prides itself on delivering simple, secure and managed third-party access to its customers.
- Axis’ product deployed with no agent or network changes (similar to Oort and Odo) required to enable application access.
- The product’s Adaptive Access Technology features enforces behavior based on user behavior analytics -- a feature that Oort does not currently have.
Founding Team
- Axis was founded by Dor Knafo and Gil Azrielant, who met in the Israeli Defense Forces Unit 8200, the Intelligence Corps unit specializing in cybersecurity. Before Axis Security, Dor was an early employee at Fireglass (acquired by Symantec). Gil went on to co-found and serve as CTO at Cool Cousin, a cloud-based platform for travelers.
AppGate
Total Fundraising
- AppGate is an Oort competitor and recent spinout from Cyxtera, a data center and cybersecurity services firm founded in 2017. The company spun out in 2019 with undisclosed funding.
Product Overview
- AppGate’s Software-Defined Perimeter (SDP) product is an open-network security product based on Zero Trust principles for complex (e.g., hybrid) IT environments.
- AppGate’s SDP product boasts Risk-Based Authentication that provides protection at the user level by adapting to known behaviors and using context to authenticate users and approve transactions.
- AppGate was designed for first-party remote access, but is transitioning to third-party access.
Founding Team
- Cyxtera Technologies was founded in 2017 by former Terremark CEO Manuel Medina, through the PE-backed purchase of CenturyLink’s and Savvis’ data center portfolio in the southeast United States. Cyxtera's business model combines data center colocation with network security. Prior to founding Cyxtera, Medina founded Terremark Worldwide Inc, an IT services and data center firm, which sold to Verizon in 2011 and was resold to Equinix in 2016.
BeyondTrust
Total Fundraising
- Beyond is an indirect competitor to Oort that operates in the privileged access management (PAM) space. The company, which was bootstrapped since its founding in 2006, was acquired by Symark in 2009, by the Blackbird Group (PE) in 2012, by Veritas (PE) in 2014 and by Bomgar in 2018.
Product Overview:
- BeyondTrust has a directly competitive product called BeyondTrust Remote Support, which uses a privilege remote access protocol to secure, manage and audit vendor and internal remote privileged access without a VPN.
- BeyondTrust also has BeyondInsight, a centralized management reporting and analytics system to help improve visibility and simplify deployment to reduce privilege-related risk.
Founding Team
- BeyondTrust was founded in 2006 when Microsoft acquired most of DesktopStandard's products, and DesktopStandard's CEO, John Moyer, formed a new company (BeyondTrust) around the remaining Policy Maker Application Security product.
COMPARABLES ANALYSIS AT TIME OF INVESTMENT
Transaction Comparables | |||
Announced | Acquirer | Acquiree | Price ($M) |
09/2020 | Orange | SecureLink | $550 |
06/2020 | Thycotic | OnionID | Undisclosed |
05/2020 | ZScaler | Edgewise | Undisclosed |
04/2020 | ZScaler | CloudNeeti | Undisclosed |
12/2019 | Tenable | Indegy | $78 |
05/2019 | Brickfish | Banyan | Undisclosed |
05/2019 | ZScaler | Appsulate | Undisclosed |
09/2018 | Bomgar | BeyondTrust | Undisclosed |
09/2018 | Long Ridge Equity Partners | ProcessUnity | Undisclosed |
09/2018 | Palo Alto Networks | $300 | |
08/2018 | Palo Alto Networks | RedLock | $173 |
04/2014 | VMWare | AirWatch | $1,540 |
08/2013 | Cisco | SourceFire | $2,700 |
Public Comparables | ||||
Public Company | Ticker | EV ($M) | Revenue ($M) | EV/Revenue |
Okta, Inc. | OKTA | $25,830 | $644 | 40.1 |
SourceFire | Cisco | $2,700 | $223 | 12.1 |
CyberArk | CYBR | $4,590 | $553 | 8.3 |
ZScaler | ZS | $16,734 | $431 | 38.8 |
Palo Alto Networks | PANW | $22,320 | $3,282 | 6.8 |
Median | $16,734 | $553 | 12.1 x | |
Average | $14,435 | $1,027 | 21.2 x |
TEAM OVERVIEW
Matt Caulfield, the company's CEO, and founder, brings a decade of Cisco experience and a four-year tenure at Lockheed Martin. During his Cisco tenure, he led the Boston Innovation Lab and played a pivotal role in developing the edge technology that underpins Oort’s product.
Jihane Bougazzoul, Head of Product, boasts nearly eight years as a Microsoft Senior Program Manager and Product Manager. She joined Oort seven months ago to spearhead the product team.
Oort is actively recruiting a VPE (Vice President of Engineering), engaging with exceptional candidates. Prominent contenders include Dina Bruzek, previously VPE at SourceFire (acquired for $2.7B by Cisco), and John Kinsella, former VPE at Qualys (NYSE: QLYS), joining after his startup's acquisition by Qualys. Matt has demonstrated a keen ability to attract top-tier talent to Oort.