Onapsis Raises $17M Round Led by Evolution Equity Partners to Boost Cyber Security of SAP and Oracle Enterprise Applications
Sharp rise in demand for emerging enterprise application security market drives new funding for cybersecurity firm; supports sales efforts, marketing and research & development
Boston, MA – September 15, 2015 – Onapsis, the global experts in SAP and Oracle enterprise application security, today announced it has closed a $17 million Series B funding round led by Evolution Equity Partners, with full participation of existing investor .406 Ventures as well as new investor Arsenal Venture Partners. This round brings the total investment in Onapsis to $30 million since the inception of the company. J.R. Smith, partner at Evolution and former CEO at AVG Technologies (NYSE: AVG), will join the company’s board of directors.
This news comes in the wake of a new breed of breaches that are stealthy and targeted on corporate espionage, estimated to cost an annual $445 billion for companies globally. The first widely and publicly reported breach affecting SAP enterprise applications involved USIS, which provided security clearance services for Office of Personnel Management (OPM) and Department of Homeland Security (DHS). This recent attack involved exploiting the company’s vulnerable SAP ERP systems and put a public spotlight on why hard to find vulnerabilities in complex SAP enterprise applications are the perfect target for cyber attackers. The oversubscribed investment in Onapsis reflects the sharp rise in demand for specialized, scalable and comprehensive solutions from Global 2000 organizations to secure their critical SAP and Oracle enterprise applications as well as a rapidly maturing market.
Enterprise applications running on SAP and Oracle such as enterprise resource planning (ERP), customer relationship management (CRM), human capital management (HCM), business intelligence (BI) and supply chain management (SCM) house an organization’s most valuable data and support mission-critical business processes. They are also major targets at risk to nation-state attacks, intellectual property theft, financial fraud and sabotage. However, today’s traditional security vendors do not offer detection and response capabilities necessary for fully securing the SAP and Oracle enterprise application layer from attacks. With SAP and Oracle releasing hundreds of security patches annually, security and IT teams are finding it a challenge to keep up. As these applications are increasingly moving to a hybrid cloud model, with mobile and IoT environments, their attack surface is expanding exponentially.
“It’s critical that, as an industry, we get SAP and Oracle enterprise application security right. The economic and legal risk is too high for businesses to continue operating with their critical data exposed,” said J.R. Smith, partner, Evolution Equity Partners. “Onapsis has established itself as the leading global experts in this field. Our commitment to enter one of the fastest growing market segments in security is attributed to Onapsis’ patented technology, a strong research and development team and the quality of execution from their leadership team,” continued Smith.
As estimated by Onapsis, the SAP and Oracle enterprise application security market will grow to approximately $3.3B by 2018 with the majority of the Global 2000 using these applications in traditional as well as cloud and mobile platforms across on-premise, hybrid and public cloud solutions.
“The need to better secure enterprise business application platforms has become increasingly evident, as suggested by recent high-profile breaches that directly targeted vulnerabilities in ERP systems. With the expansion of the attack surface to IoT, mobile and cloud, the potential for unauthorized or malicious access to these high-value assets – and the business risks such exposures entail – will increase along with it," said Scott Crawford, Research Director, Information Security, 451 Research.
With the influx of capital, Onapsis plans to scale research and development efforts and support the rapid adoption and delivery of its platform for the Global 2000 through expansion of sales, marketing and customer success teams.
“Leading CISOs of Global 2000 organizations are realizing that traditional security products and methods are not designed to protect their SAP and Oracle enterprise applications from cyber attacks, leaving their crown jewels exposed,” said Mariano Nunez, CEO and co-founder, Onapsis. “Having been the first company to identify this emerging threat and deliver the advanced technology and research required to address it, we have always been and remain fully committed to enable SAP and Oracle customers to run their business’ securely. This new round of funding, led by firms with an unmatched cybersecurity pedigree, further validates the demand for our solutions and our undisputed leadership in the enterprise application security market.”
“Onapsis has exceeded our expectations on both execution and earnings," says Maria Cirino, Managing Director, .406 Ventures. "It has definitely joined the ranks of the Boston-based cybersecurity elite. We are extremely fortunate to have one of the strongest VC cyber security portfolios and Onapsis is exceptionally well positioned as a first, best and only provider of SAP and Oracle cyber security to enjoy continued rapid growth as it dominates its market segment.”
In 2014, Onapsis achieved over 130 percent year-over-year revenue growth, launched the Onapsis Security Platform, secured a global patent, identified and helped SAP and Oracle solve more than 50 security vulnerabilities, and expanded its presence in Europe. For the year ending 2015, Onapsis is on track to achieve a consistent rate of growth with a strong pipeline, market awareness and an industry-leading solution, as well as a notable board of advisors and directors.
Onapsis provides the most comprehensive solutions for securing SAP and Oracle enterprise applications. As the leading experts in SAP and Oracle cyber-security, Onapsis’ enables security and audit teams to have visibility, confidence and control of advanced threats, cyber-risks and compliance gaps affecting their enterprise applications.
Headquartered in Boston, Onapsis serves over 180 Global 2000 customers, including 10 top retailers, 20 top energy firms and 20 top manufacturers. Onapsis’ solutions are also the de-facto standard for leading consulting and audit firms such as Accenture, IBM, Deloitte, E&Y, KPMG and PwC.
Onapsis solutions include the Onapsis Security Platform, which is the most widely-used SAP-certified cyber-security solution in the market. Unlike generic security products, Onapsis’ context-aware solutions deliver both preventative vulnerability and compliance controls, as well as real-time detection and incident response capabilities to reduce risks affecting critical business processes and data. Through open interfaces, the platform can be integrated with leading SIEM, GRC and network security products, seamlessly incorporating enterprise applications into existing vulnerability, risk and incident response management programs.
These solutions are powered by the Onapsis Research Labs which continuously provide leading intelligence on security threats affecting SAP and Oracle enterprise applications. Experts of the Onapsis Research Labs were the first to lecture on SAP cyber-attacks and have uncovered and helped fix hundreds of security vulnerabilities to-date affecting SAP Business Suite, SAP HANA, SAP Cloud and SAP Mobile applications, as well as Oracle JD Edwards and Oracle E-Business Suite platforms.
About Evolution Equity Partners
Evolution Equity Partners, based in New York City and Zurich, Switzerland, is an international growth stage technology investor helping exceptional entrepreneurs develop market leading companies with global reach. The firm has a focus on Information Security, Enterprise Software and Consumer/Enterprise crossover opportunities. Current and past portfolio companies include: AVG Technologies (NYSE: AVG), Cognitive Security (NASDAQ: CSCO), OpenDNS (NASDAQ: CSCO), 60K, Onapsis, NejTV, SecurityScorecard and others.