New investment led by Menlo Ventures will fund global expansion of Obsidian’s R&D and Go-to-Market teams to meet surging demand as the adoption of SaaS in large enterprises accelerates

NEWPORT BEACH, Calif.--(BUSINESS WIRE )--Obsidian Security, the leader in SaaS Security and Posture Management (SSPM), today announced $90 million in Series C financing led by Menlo Ventures, Norwest Venture Partners and IVP, with participation from existing investors Greylock, Wing and GV. Obsidian, which has now raised $119.5 million in total financing, will add Menlo Ventures Partner Venky Ganesan to its board of directors.

A leader in the SaaS Security Posture Management (SSPM) category coined by Gartner, Obsidian was founded in 2017 to help security and IT operations teams bridge the security and compliance gaps created when lines of business adopt SaaS applications to run business-critical functions like finance, payroll, HR, sales and operations. The adoption of tools like Salesforce, Workday, Github, Google Workspace, Microsoft 365, ServiceNow and Zoom only accelerated during the COVID-19 pandemic with organizations of more than 1,000 employees using more than 150 SaaS applications on average. This need to secure the most critical applications from external attacks, insider threats and misconfiguration, drove explosive revenue growth in 2021 for Obsidian. With 5x growth in deals of $100,000 or more last year, Obsidian has only just begun addressing the SaaS security gap.

“There’s a myopic focus on securing cloud infrastructure and company endpoints leaving a significant gap in the middle where users, data and business assets live — SaaS applications,” said Menlo Ventures Partner, Venky Ganesan. “In our conversations with CISOs and CIOs we have seen a profound shift that legacy security and configuration tools are not enough to protect an organization’s most critical assets. We believe that Obsidian’s holistic approach to SaaS security will help define this category.”

Obsidian fills the gap left by traditional security solutions by analyzing state and activity data within and across applications to help reduce over-privilege, optimize configurations, prevent sensitive data from being exposed, and detect compromised accounts and insider threats. This protection is critical as according to Microsoft, 80 percent of employees use applications that may not be compliant with an organization’s security and compliance policies. The security challenge is further complicated by the thousands of integrations and plugins available for some of the world’s most popular applications.

“There hasn’t been a comprehensive and contextual platform for securing third-party SaaS applications until Obsidian,” said Hasan Iman, CEO of Obsidian Security. “We’re not only enabling security teams to detect more threats and proactively improve their security posture, we’re bringing together all the stakeholders in SaaS adoption — application vendors, lines of business, security and IT operations — to create a shared-responsibility model for SaaS security. The need for this is exemplified by the recent breach at Okta. We’re honored to have investment partners like Menlo, Norwest and IVP join us in our mission.”

Obsidian Security is the first truly comprehensive threat and posture management solution built for SaaS. Our platform consolidates data across core applications to help your team optimize configurations, reduce over-privilege, and mitigate account compromise and insider threats. The company was founded in 2017 by industry experts from Carbon Black and Cylance including Ben Johnson, Glenn Chisholm and Matt Wolff. Notable Fortune 500 companies trust Obsidian Security to secure SaaS applications, like Salesforce, Workday, Microsoft 365, ServiceNow, Google Workspace and Github. Headquartered in Southern California, Obsidian Security is privately-held and backed by Menlo Ventures, IVP, Greylock, GV, Norwest Venture Partners, and Wing. For more information, visit www.obsidiansecurity.com.

Jill Creelman Obsidian@inkhouse.com

Jill Creelman Obsidian@inkhouse.com