Boston Security Firms CyberArk, Veracode Make Deals as Threats Mount

Been hacked lately? Sure you have. But a couple of longstanding local tech companies have been combating cyber threats for years, and now they’re making noise on the financial front.

One of them, CyberArk Software, has been preparing to go public since about 2011 and has just set its IPO terms. The Israel-founded company, whose U.S. headquarters are in Newton, MA, is planning to raise $75 million by offering 5.4 million shares at a price range of $13 to $15. The firm plans to trade on the Nasdaq under the symbol “CYBR.” (It’s apparently the first tech company to set its terms after Alibaba, the Chinese e-commerce giant, effectively cleared the U.S. IPO queue in May.)

CyberArk got started in 1999 and makes software to help banks and other businesses manage user privileges, sensitive data, and applications security, with a focus on protecting against insider threats. The company most recently raised a $40 million equity round in 2011. Its top shareholders are Jerusalem Venture Partners (48 percent pre-IPO stake), Goldman Sachs (19 percent), Vertex Venture Capital (9 percent), Cabaret Securities (6 percent), and founder and CEO Udi Mokady (4 percent).

The other security company making noise around town is Veracode. The Burlington, MA-based application security firm has just raised $40 million in a round led by Wellington Management, pushing its total funding north of $100 million. Its other investors include Atlas Venture, .406 Ventures, and Polaris Partners. Veracode has been talked about as an IPO candidate, but the company has been understated about any plans to go public.

Veracode has evolved a lot since its founding in 2006. It now has a strong focus on security for mobile and Web software—basically, building security into apps during the development and testing process. It’s a huge market with the world’s biggest companies as potential customers, but it’s hard to do well.

The exit strategy for most security startups is to get acquired by an IBM (see Q1 Labs, Trusteer) or Intel (see NitroSecurity). But CyberArk and Veracode have stood the test of time, and may be just entering their prime.

Author: Gregory T. Huang

Greg is a veteran journalist who has covered a wide range of science, technology, and business. As former editor in chief, he overaw daily news, features, and events across Xconomy's national network. Before joining Xconomy, he was a features editor at New Scientist magazine, where he edited and wrote articles on physics, technology, and neuroscience. Previously he was senior writer at Technology Review, where he reported on emerging technologies, R&D, and advances in computing, robotics, and applied physics. His writing has also appeared in Wired, Nature, and The Atlantic Monthly’s website. He was named a New York Times professional fellow in 2003. Greg is the co-author of Guanxi (Simon & Schuster, 2006), about Microsoft in China and the global competition for talent and technology. Before becoming a journalist, he did research at MIT’s Artificial Intelligence Lab. He has published 20 papers in scientific journals and conferences and spoken on innovation at Adobe, Amazon, eBay, Google, HP, Microsoft, Yahoo, and other organizations. He has a Master’s and Ph.D. in electrical engineering and computer science from MIT, and a B.S. in electrical engineering from the University of Illinois, Urbana-Champaign.