According to Gartner, the worldwide public cloud services market is projected to grow 18% in 2017 to reach $246.8 billion, up from $209.2 billion in 2016. The highest growth is expected to come from cloud Infrastructure as a service (IaaS), which is projected to grow 36.8% in 2017 to reach $34.6 billion. The public cloud management and security services market is expected to grow 22.5% to $8.7 billion in 2016.
There is a clear inflection point in enterprise adoption of public cloud infrastructure as businesses deploy mission-critical workloads and data in the public cloud. The threat landscape is evolving to take advantage of the gaps that are created by the lack of security know-how and appropriate tools to protect public cloud environments. The recent attacks on Scottrade and CloudPets are examples of this. The principles and best practices around securing public cloud workloads are generally well understood, but challenging to operationalize at scale. Dome9 Security is a cloud security solution provider that addresses the need for new tools that enable enterprise-class security orchestration and automation to manage security operations in the cloud.
Dome9 Security offers an innovative SaaS platform called Dome9 Arc that delivers verifiable infrastructure security and compliance for public and multi-cloud environments. With Dome9 Arc, businesses can visualize and monitor the security posture of their cloud environments, detect and fix vulnerabilities in their security posture, actively protect workloads running in the public cloud, manage compliance, and model and enforce IT governance policies efficiently at any scale.
Dome9 Security was founded in 2011 by CEO Zohar Alon and CTO Roy Feintuch in Tel Aviv. Zohar is a veteran in network security and policy management and had worked at Check Point Software for several years. He had built Provider-1, the service provider security management solution that is still used today by the world’s largest managed service providers and enterprises.
Being at the forefront of the security industry, Zohar saw a gap between what traditional datacenter security tools offered and what was needed in cloud environments. At that time, security concerns with public cloud services stopped several businesses from using the cloud for mission-critical workloads. But Zohar and Roy saw the inevitable rise of the public cloud and set out to build a born-in-the-cloud security platform that would address the security needs of enterprises running production applications at scale in public and multi-cloud environments.
The main value proposition of Dome9 Security is that it offers an agentless platform that natively supports all three major public clouds – AWS, Azure, and Google Cloud Platform (GCP). Dome9 goes beyond just monitoring and reporting and provides rich visualization to find problems and offers in-place remediation that provides the detail and control needed to fix them and active protection to stay secure in the cloud.
Dome9 Security targets both enterprise (over 2500 employees and/or 1000 protected cloud assets) and SME (less than 2500 employees) markets. It has seen strong traction in industries such as financial services, healthcare, technology, and technology-enabled services companies that face regulatory compliance pressures or have strict internal IT governance requirements as they see the value in automating and simplifying security operations.
Dome9 Secuirty’s initial traction came from early adopters of the public cloud. Companies such as Nexgate, which has been acquired by Proofpoint, saw the importance of investing in third-party solutions to manage network security in their AWS environments. Companies that embraced DevOps practices were looking for automation capabilities that would allow them to incorporate security into the software development lifecycle through testing and deployment without slowing things down.
The company has over 250 active paying customers including Proofpoint, Apigee, Virgin Pulse, Pacific Life, Citrix, Cadence, and Aon.
The Dome9 platform is priced based on per instance per month and starts at $250/instance/month for up to 20 instances. It has three product modules – network security, compliance, and IAM protection. Customers can buy one, two, or all three of the modules. It offers a free two-week trial of the platform, which is where most of its customers start. In December 2016, it introduced a new pricing model called Dome9 Flex for AWS customers. It offers truly fractional consumption by allowing customers to pay for enterprise-class cloud infrastructure security and compliance only when instances and services are running in their AWS environment.
Dome9 Security claims to be growing at over 100% y-o-y. It estimates the market for its public cloud security solutions to be around $2 billion, growing at over 60% annually. Its ARR with enterprise customers is around $50,000 – $60,000. Its sales have been largely through direct and inbound efforts, but it is ramping its engagement with channel partners. It is targeting Managed Service Providers (MSPs) and resellers primarily in North America as well as channel distributors in EMEA and ANZ. Cloud Technology Partners (CTP) is partnering with Dome9 Security to offer managed compliance services. It has also announced recently that Westcon-Comstor will be its global distributor.
Dome9 Security has raised $29 million so far. In May 2011, it raised $2 million in a Series A led by Opus Capital. It raised $2.5 million in October 2013 through a convertible note. In October 2015, it raised $8.3 million in a Series B led by ORR Partners with participation from JAL Ventures, Lazarus Israel Opportunities Fund and Pinnacle. In its latest Series C round in April 2017, it raised $16.5 million in a round led by SoftBank Corporation with participation from existing investors. According to the terms of the agreement, Softbank will be the leading distributor of Dome9 Arc in the Japanese market. It is currently focused on building a healthy, independent company.
This segment is a part in the series : 1Mby1M Deal Radar 2017