Coro secures $60M at ~$500M valuation for an all-in, SaaS-based cyber protection platform aimed at SMBs

Enterprises typically dedicate significant money and talent towards protecting themselves from security breaches. That leaves a wide opportunity for cybersecurity specialists to build tools aimed at smaller organizations that still face the same security issues — and as some have argued, perhaps even more — as their larger counterparts but don’t have the same resources to fight them.

Coro — a startup building an all-in-one cybersecurity platform aimed at mid-market companies, with functions to monitor devices, users, email, networks, data and apps and remediate any malicious activity — has raised $60 million, funding it plans to use to continue doubling down on this particular gap in the market.

This is a Series C and it’s being led by Balderton Capital out of London, with participation from Jerusalem Venture Partners, a previous backer. Alongside this latest round, the company is also disclosing for the first time an additional $20 million raised in the last six months, bringing the total to $80 million in the period.

The company — based out of Israel but with a substantial operation in the U.S., based out of New York and Chicago — has been around for a while. It used to be called CoroNet (a legacy still alive in its URL) and even participated in our Startup Battlefield in NYC in 2015 — but about three years ago it pivoted away from protecting consumer gadgets from cyberthreats on public WiFi and towards its cybersecurity platform for businesses, a move that CEO and co-founder Guy Moskowitz said has led to 300% growth each year since then, with a total of some 4 million users across 4,500 businesses now covered on its platform.

The company is not disclosing its valuation but we understand from a reliable source that it is now around $500 million. It’s raised around $120 million to date with other investors including Sound Ventures and MizMaa.

Mid-market in Moskowitz’s estimation is between 500 and 4,000 employees, and he considers that a “sweet spot” (if cyber has such a thing) for building security tools that can automate regular work and make some of the other typical functions in an IT security system much easier to handle.

“1,000 to one is the typical ratio for cyber professionals,” he said in reference to how many people get hired, and how many they “account” for in terms of oversight. That means, “if you are an organization smaller than 1,000 often there is nobody there, just IT.”

Add to this how larger enterprises invest in software to equip their security teams. A company like Goldman Sachs might use more than 40 products, he said. A smaller business might these days need to buy between six and 13 different apps to cover aspects of security, such as e-mail filtering, network security, device management, application management, and so on.

“But even if you managed to get the budget for all that and install it, who would chase all the events that these apps will generate?” he asked. “So we decided to look at the problem from the ground up.”

That turn produced Coro as it is today, a platform that acts as a kind of security “super app” that provides coverage in all of the potential attack surfaces that a malicious hacker or virus might touch, with Coro having built the whole stack of services itself: no integrations of third-party apps. Priced at $7 per user per month, it claims to be able to automate and take care of 95% of the security workload that might be generated at a typical business. (Coro’s claim is that a comparable package of point solutions might cost between $45 and $115 per user per month.)

“What we have done is truly shifted the paradigm,” he said. “This is fundamentally different from the old way of using point solutions to address security.” (It is not the only one: there are dozens of other firms targeting mid-market, although often with more point-based solutions. Some like AlienVault and BlueVoyant are also taking a platform approach, albeit with different concepts of how to address the challenge.)

In the world of work (or any place that is dependent on IT, like education), it’s often a frustrating experience for users when those who hold the IT purse strings decide that they will opt for a larger, multi-functional platform over individual point solutions to serve the needs of its users. Typically, that results in a loss of dedicated functionality and customizability.

Moskowitz however believes that Coro is the exception to that state of affairs because of the approach it has taken and that the whole system is underpinned with AI.

“We have one huge really smart AI engine that is being fed from every attack vector, so not only is it not just as good but a whole lot better than any point solution because it doesn’t have blind spots,” he said, noting that anti-phishing, anti-malware and data loss prevention all really go hand-in-hand. “When we can see from everywhere, we can react better. Our solution is embedded across the entire chain.”

With that, though, the platform does come with some compromises. For example, it means a customer cannot customize any part of Coro: WYSIWYG.

“But you can’t customize Dropbox, either,” countered Moskowitz. “We are basically the Dropbox of security. You don’t know cyber as well as we and our machines do.”

It’s a pitch that has wooed customers and investors.

“Coro is the only company in the cyber security industry that is dedicated to servicing the mid-market sector with a solution that is at once affordable, easy-to-implement and truly comprehensive, enabling mid-sized businesses to protect themselves in the midst of a rapidly escalating cyber security climate,” said Rana Yared, general partner at Balderton Capital, in a statement. “Coro is poised to dominate this immense and hugely underserved segment of the market, and we believe that their growth will continue at an exponential rate. We are excited to partner with Coro’s innovative team and participate in their journey to make non-disruptive security a mainstay of growing businesses across industries.”

“We’ve been strong believers in the Coro vision since day one, and have seen the company grow exponentially with real innovation in AI automation and extensive adoption of the Coro platform by growing businesses in every industry,” added Yoav Tzruya, a general partner at JVP. “Coro is well-positioned to become the go-to cybersecurity solution for the mid-market sector, and we are delighted to welcome Balderton Capital to the team as we work together to support Coro’s explosive growth.”

Updated to change the total funding to $120 million and to remove Cisco as an investor.