This startup hit a $1.1 billion valuation by removing email hacks

A growing wave of tech layoffs has led to remorseful laments from CEOs they hired too quickly during the pandemic. When starting Material Security, Ryan Noon says he faces no such issues; on the contrary, he says, he is being hired “probably a little slower” than necessary. “I think the last two years of Silicon Valley will be remembered as a time of waste,” says Noon, co-founder and CEO. “You don’t need a lot of people to do a lot if you have the right people.”

Material Security employs less than 40 people, but has exceeded its weight class to sign enterprise customers like Mars, Stripe and insurance giant Chubb for its security software that can protect emails even if they are pirated. “We significantly outnumber our number of customers by at least a binary order of magnitude or two,” says Noon, adding that he has yet to lose a single customer.

Now, with others relying on bloated payrolls, Noon believes the time is right to expand his staff. Investors agreed and poured $100 million in new funds announced Wednesday into the Redwood City, Calif.-based startup. The Series C fundraising, which values ​​the company at $1.1 billion, was primarily an insider round, led by existing investors Founders Fund, with participation from former backers Andreessen Horowitz and l solo investor Elad Gil.

In the pandemic era alone, Russian-backed hackers hacked Microsoft Office 365 email accounts from various US government agencies, while hackers suspected of being linked to China accessed Gmail accounts from journalists employed by News Corp. The idea of ​​Material Security is that even if these hackers are able to break into an organization’s email accounts, they can still be prevented from stealing valuables. The premise came to Noon in 2016 while he was on sabbatical in Berlin after a stint as head of engineering at Dropbox. Obsessed with the intrigues of the US presidential election that year, Noon says he became particularly drawn to leaked emails from the personal Gmail account of Clinton campaign chairman John Podesta.

To make the idea a reality, Noon returned to the United States to team up with former Dropbox colleagues Abhishek Agrawal and Chris Park. They launched their startup in 2017 (Agrawal is CTO, Park VP of Engineering) with an initial product that identifies important emails in an inbox – for example, a message containing a financial document sensitive – and obfuscates them so that if a hacker tries to download such an email, they are unable to see the sensitive information. An additional step, such as confirming a multi-factor authentication prompt on Duo or Okta, reopens email access for the authentic user.

Realizing that the same technology for personal email accounts could be applied to their corporate counterparts, the founders made the business decision to target large corporations rather than individuals. “An Office 365 account is just a very expensive Hotmail account, and a Google Workspace account is just a very expensive Gmail account,” says Noon. “We have all the time in the world to go and protect Grandma, but we decided to start with the real businesses first. (Clients include a handful of “VIP” people, such as billionaires and professional athletes, according to Noon.)

Material Security has since added more features, such as detecting hackers’ attempts to gain access to a user’s other non-email accounts by attempting to reset their passwords via email. The company’s net revenue retention is over 150%, with customers often paying more money to access more features over time. The new round of funding will go towards expanding engineering efforts to build more functionality around email security, but also beyond email. Some of the same principles used to protect email documents can be used to protect other content stores, such as files in Dropbox or Google Drive, says CTO Agrawal. “All of our patents are written in a fairly generic way,” adds Noon.

Ready now to bolster headcount – rough plan is to double in size over the next 12 months, says Agrawal – Material Security intends to build a go-to-market team to complement its mostly technical staff. The company currently has almost no marketing employees, and the bulk of sales has been driven by the founders. “Trae Stephens says founder-led sales usually end much sooner than they currently do” because the company would be better served to hire a sales manager with experience in selling to large clients. partner of the Founders Fund, which led the last round. “It was really cool to see them having that much momentum at this point.”

Founders and investors have been tight-lipped on what exactly this momentum means from a revenue perspective (Noon only offers this revenue which has more than doubled year over year). “Growth VCs will take every data point and they will extrapolate and then they will scale to certain audiences [stock comparison] curve and you’ll wish you hadn’t said a thing,” Noon says.

Still, Noon is confident enough to say he thinks hardware security can carve out an independent space for itself in the cybersecurity world. “There’s a lot of fake innovation and snake oil and all those things in our industry that are very hateful,” he says. Material Security customers, he adds, complained to him about former security software companies that promised exciting products but ultimately sold their businesses and cashed in before they got there.

“There haven’t been a lot of really big cybersecurity companies because entrepreneurs are playing it safe,” says Noon. “I have already sold a business. It’s not great; it’s a bit pointless. So I wanna keep the promise we made [to our customers]. It’s quite obvious and quite personal.