Inner Loop Capital shares updates from its portfolio including PerfectScale's new investment, xtype's additional funding, DNSFilter's Series A Extension, and Digma's product launch. The firm also discusses its Israeli-connected portfolio amidst the ongoing war.
Firm and Portfolio Updates August 2023
Inner Loop Capital is a pre-seed and seed venture capital fund investing in Digital Infrastructure, including Cybersecurity, Cloud Technologies, and Data Science. Inner Loop is based in Baltimore, and the current portfolio spans from San Francisco to Israel. Inner Loop is currently investing out of a $30m-target Fund II. Inner Loop Capital is a solo-GP firm managed by Justin Label.
Investment Pace and Perspective on the Investing Environment
Inner Loop Capital continues its mission of driving returns for investors through investments in early-stage Digital Infrastructure and other software businesses. There are currently 29 (going on 31) active portfolio companies at Inner Loop Capital, across three funds (2019-vintage Pilot Fund, 2020-vintage Fund I, and 2022-vintage Fund II).
Inner Loop continues to manage this portfolio as a solo-GP fund, while relying on operational support from an extended team that includes Fund Administration, contracted VC Operations (portfolio data tracking, investor relations, outbound communications, tech stack, and CFO services), and a remote executive admin.
Investment Pace
The chart below tells several stories about the evolution of Inner Loop Capital in just one picture.
Inner Loop began making investments on behalf of LPs in Q1 of 2019, after I had spent four years full-time angel investing in Cybersecurity and/or in the Baltimore/D.C. region. Inner Loop has invested in 1.8 “net new” companies per quarter since then, with reasonable consistency. Initial check sizes have increased somewhat with each fund cycle, and now sits at about double the amount I was investing from the Pilot Fund in 2019.
Net new investments exclude cross-over investments, which are not new portfolio logos, even if they are new investments from the perspective of a single fund. We have executed four of these cross-over investments to date.
There is a notable gap in net new investments from Q2 to Q4 of 2022. This caution was reflected in my GP letter from May 2022 (reproduced and updated for the broader community in October 2022), where I noted the significant pullback in the Nasdaq since November 2021, and shared my perspective that the venture finance market was in the midst of a readjustment roughly on par with those I had experienced in 2000 and 2009.
I generally believe that any investor is far more confident than they are competent in timing markets. Nevertheless, some fairly inviolable rules apply to venture finance. First, markets are sticky and slow to adjust, especially on the downside. Second, pre-seed and seed financings almost always provide for 18- to 24-months’ runway, after which time start-ups will need to face the financing markets again on the basis of their accomplishments and momentum. My view in 2022 was that the necessary synthesis of these two axioms was that unless the public market tech multiples returned to mid-2021 levels more or less immediately (they haven’t), the bar would be very high for existing companies to raise new capital for the foreseeable future.
It seemed prudent therefore to take a foot off the gas and not build a large portfolio that would be coming to the financing markets in 2023/24. The result was adding no new logos to the Inner Loop portfolio for three quarters, until Phin Security in January 2023, ProtectOnce in February, and Tamnoon in June. Moreover, I believe that each of these companies will be more financeable than the typical start-up, in any environment. This is due variously to their low burn, creative business models and GTM strategies, and low-friction sales processes enabling continuous growth.
While I now believe it is possible to envision a more robust financing environment by the end of 2024 (when today’s new investments will invariably need to tap the venture markets again), I also think this is not guaranteed. It is no coincidence, then, that new logos I have added to the portfolio in 2023 are intended to carry a lower inherent financing risk than standard early-stage technology companies. Over the next 12-18 months, we should be able to test the fidelity of my assessments.
Current State of Public and Private Tech Markets
(data as of August 18, 2023)
To summarize emerging tech markets in the past 7 quarters, suffice to say that public markets have returned close to the historical norm for valuations, and private markets are still struggling to make that adjustment.
As interest rates near a possible plateau, and while the investing world’s imagination has been consumed by Generative AI, the mega-cap-heavy Nasdaq (red line below) has staged a strong recovery. However, many “higher beta” names have decoupled from the Nasdaq and struggle to keep up as the markets reassess the relative value of growth (their strong suit) and profits (not their strong suit!). This ongoing malaise for emerging growth is seen in the BVP-Nasdaq Emerging Cloud Index below (blue line). This index is one of the best available public-market indices for Inner Loop’s private company investing universe. (Top-20 components of this index include ServiceNow, Snowflake, Atlassian, Crowdstrike, Datadog, MongoDB, Zscaler, Cloudflare, Okta, and Twilio, all of which I view as public market comps, partners, and potential acquirers for Inner Loop portfolio companies.)
The BVP-Nasdaq Emerging Cloud Index peaked on November 9, 2021 and the Nasdaq peaked eight trading days later. While the Nasdaq recently reached within 10% of that prior high (now 16.2% below it), the ECI is still more than 53% below its peak. The vaunted tech recovery of 2023 has been driven by mega-cap names such as Apple, Alphabet, Meta, Microsoft, and now Nvidia. 2021 valuations have not returned to emerging public companies for the most part.
This negative decoupling for emerging growth has become evident this year. The Nasdaq bottomed on December 29, 2022. In the 13+ months on the way down, the ECI fell 1.8x faster than the Nasdaq. But since the 12/29/22 turnaround, the ECI is rising at only 0.9x of the Nasdaq. That is a harsh headwind for emerging growth companies today. Some day, I expect this will equilibrate. When the market is prepared to reward growth again, the growthiest companies should return to a >1 beta correlation with the Nasdaq. But I am not taking a position on when this re-rating of growth will return.
The ECI now trades at a median forward revenue multiple of 5.6x, roughly its 2013-17 average. Meanwhile, many mid- and late-stage private companies are trying to grow into their 25x (or even higher) revenue multiples they were granted in 2020-21. This process is still playing out slowly.
Nevertheless, since my May 2022 letter on market conditions, I have abided by its key conclusions and continue to do so:
- Stay focused on the things I can control:
- Build relationships with outstanding founders
- Find great companies operating in the markets I understand
- Work with supportive and long-term co-investors
- Advise our founders and companies the best way I know how, with a view to the long-term
- Help founders understand the realities of the current financing markets they now face
- Do those things across a long series of vintages and market cycles
Therefore, Inner Loop continues to add new logos to Fund II, while also managing and nurturing our existing portfolio. I am now pleased to highlight our most recent portfolio addition.
New Investment: Tamnoon
In June, Inner Loop Capital Fund II made a new investment into Tamnoon, an Assisted Cloud Remediation Service. The thesis for our Tamnoon investment is that with the explosion of cloud workloads, multi-cloud environments, hybrid on-prem/cloud deployments, cloud configuration options, and cloud security threats, enterprises are not keeping pace in managing their cloud resources.
This is not a controversial statement, and a plethora of tools have been launched in recent years to address this problem and opportunity. The insight from Tamnoon (from the Hebrew word for Octopus) is that even cloud managers with access to the most modern toolsets are overwhelmed. There is little-to-no automation to close the gaps identified by cloud security management tools, and arguably there cannot and should not be – the configuration steps are too sensitive and important.
Tamnoon introduces Assisted Cloud Remediation – an AI-augmented managed service that combines human expertise with technology to help teams quickly and safely remediate their cloud risks. Tamnoon’s service helps teams fix more risks in less time while avoiding negative consequences for their environments.
Tamnoon is not a late entrant into cloud security tools (although they do have their own proprietary tools for internal use), but rather a managed service that helps customers realize the full value of investments in cloud and cloud management technologies.
I was primed to like this opportunity from over 20 years of participating in similar businesses and security delivery models. Beginning in 2001, I was a board observer at Counterpane, the first independent Managed Security Services Provider (MSSP). Founded by cybersecurity legend Bruce Schneier and with a Series A investment from Bessemer Venture Partners in 1999 (I joined Bessemer in 2001), Counterpane endeavored to create a new industry.
Counterpane faced headwinds including customer skepticism around internet-delivered services (the internet was so new!) and a rising cost of capital after the bursting of the first internet bubble. Counterpane built a solid business, but perhaps never truly found Product-Market-Fit as we would define it today – that feeling of running downhill with sales so fast, you can’t even keep up with the orders. Counterpane sold for a healthy sum to British Telecom in 2006.
While Counterpane did not return the fund for Bessemer, it did manage to launch a new industry. Today the MSSP market is estimated to generate over $14 billion in revenues, growing at 14%. Among other lessons, looking back 24 years since its Series A, the Counterpane story reminds us how very long it can take to innovate and disrupt in large markets.
Ten years after Counterpane was acquired, the growing MSSP market itself was in need of disruption. When I was angel investing from Baltimore, I got to hear Dave Merkel (former CTO of Mandiant and FireEye) describe his plans to build a de novo MSSP with modern tools that could scale scarce expert security talent and provide significantly better margins than first-generation MSSPs. My small angel checks did not have a role to play in Dave’s $7.5m first round, but I was pleased to be a sounding board for him in early days. The space Dave helped create is now called (in-part) Managed Detection and Response (MDR), and Expel is a clear leader in the industry, having raised $288m to address this massive opportunity. While I am not a personal investor in Expel, a few years later I was able to convert Dave into a Strategic Limited Partner of Inner Loop Capital, and I am deeply appreciative of his friendship and support.
What I saw at Tamnoon immediately reminded me of the opportunities that Counterpane and Expel created and capitalized upon in their own times of transition in the security industry in 1998 and 2016, respectively. There are massive platform shifts under way for enterprise IT. There are great tools to manage operations, but due to complexity, constantly changing needs, and a talent shortage, no cloud security manager is comfortable with their ability to meet their responsibilities today.
The Cloud Native Application Protection Platform (CNAPP) sector has been one of the hottest product spaces in recent years. Wiz ($921m raised), Orca Security ($640m raised), Lacework ($1.8 billion raised), and others are product companies competing to create and lead a new industry sector as large as network security (Palo Alto Networks, $74 billion market cap), and endpoint security (Crowdstrike, $36 billion market cap). Because these companies raised their early rounds before Inner Loop Capital was in market, we have not had exposure to the CNAPP market. However, with Tamnoon, I have become convinced that there is an opportunity to rapidly scale a new business on the managed services side of this market. Indeed, Tamnoon has announced an active partnership with Wiz to generate and serve joint customers.
Tamnoon is founded by Marina Segal (CEO) and Idan Perez (CTO), who worked together at container security pioneer Dome9, which was acquired by Check Point in 2018. Cloud Security trailblazer and Dome9 founder, Zohar Alon, is also the Founding Chairman of Tamnoon. At Check Point, Marina, Idan, and Zohar all worked with an exited Inner Loop founder (from my angel investing days) TJ Gonen of Protego, which Check Point also acquired. I am deeply appreciative to TJ for introducing me to Marina with his strong recommendation, and thereby generating the opportunity for Inner Loop to invest in and work with Tamnoon!
In addition to introducing you to Tamnoon, I hope that this overview also provides some insight into how Inner Loop does its work and finds, evaluates, and closes new investments. Frankly, it is a subtle alchemy of personal experiences, pre-existing perspectives (the “Prepared Mind”), an extensive trusted personal network, and a whole lot of kissing frogs. (I haven’t shown much of that in this story, but believe that I have been seeking a rational way to get exposure to CNAPP since at least 2017!)
I am beyond excited to work with Marina, Idan, and Zohar; to be co-invested with TJ; and to have learned from Dave and countless other trusted friends in the security field which let us get to this place. Congratulations to the Tamnoon team on publicly launching their managed service during the RSA Conference in April. We look forward to great things!
Other Firm and Portfolio News
Welcome to our newest Strategic Limited Partner! I am very pleased to announce that my friend Bill Karpovich is the latest addition to the Inner Loop Capital Strategic Limited Partner community. Inner Loop SLPs are accomplished founders, executives, and investors who are invested in Inner Loop funds.
Strategic LPs have an interest in getting more involved in our investments, and are available to me and our portfolio companies on an opt-in basis to help with identifying, assessing, and diligencing opportunities, winning allocations, managing investments, and advising founders and companies. Among our SLPs are the former CISOs of Google, Salesforce, and Cisco. The group (full list here) has been a formidable asset as Inner Loop has grown our portfolio and our reach.
Bill Karpovich is a tremendous addition to our SLP community. For 25 years Bill has been building cloud companies from start-up through IPO. Bill has been working in cloud businesses since the industry’s earliest days, as an executive with the initial cloud service providers Digex and USi. Bill has been the co-founder/CEO of Zenoss, a pioneer in AIOps; the GM of IBM Cloud and Watson; an EVP at Sonatype; and the lead investor and CEO of sister Maryland tech companies Synaptic Advisors and Youreka. Today Bill focuses on investing and strategic advising for a select group of cloud companies as CoFactor Ventures. Bill and I have been collaborating in cloud innovations and Maryland tech companies since 2019, and I am honored that he has agreed to join the Strategic LP program at Inner Loop. Welcome, Bill!
TrustLab (internet trust and safety as a service) has closed a $15m Series A led by US Venture Partners and Foundation Capital. Inner Loop Capital Fund I has been invested in TrustLab since 2020 and has made three separate investments into the company. Congratulations to Tom, Benji, and Shankar on all of their accomplishments leading up to this milestone.
DNSFilter recruited Duo co-founder Jon Oberheide to its Board of Directors. Jon is a successful founder (Duo was acquired by Cisco for $2.35 billion) and deeply respected cybersecurity professional. Watch Jon’s onboarding interview here! Additionally, DNSFilter released their second annual DNS Security report, which is increasingly a staple of the threat intelligence firmament.
Sublime Security co-founder Josh Kamdjou ran an “email detection engineering and threat hunting” workshop at DEF CON and BSidesLV in early August. I am told attendees were plentiful and highly engaged. Don’t worry, as you can see, the abstract says, “Skill Level: Beginner”.
AppOmni released a free SaaS Data Leakage Detection Scanner to grow the number of companies that can access its market-leading SaaS Security Posture Management technology. Inner Loop believes that “freemium” and other low-friction go-to-market models are required for success in today’s software markets, and we have been saying so publicly since our own launch.
xtype, not to be outdone, has also released its freemium product, the world’s first ServiceNow Store application to provide multi-instance visibility. CMO Ralf Paschen succinctly explains the vision. While I cannot share details here, I can confirm that the freemium approach, launched in May has already yielded at least two newly-closed enterprise customers in record-short sales cycles.
GreyNoise Intelligence, which has long let its product lead its sales motion, was named to the PLG Rising 40 List by OpenView and PeerSignal, as one of just five companies in the Cybersecurity division. Additionally, GreyNoise’s Donna Becerra, Director of User Experience, was featured in this profile piece.
Digma (observability data for developers) has been shipping! In May they shipped their IDE plugin to private beta, and in August they released their Docker extension in conjunction with Docker itself!
Status Hero has likewise released a raft of new features, and also newly crystallized their mission with a stirring manifesto on Modern Work.
Clear Skye (Identity Governance built on ServiceNow) was honored to have major customer ABB present a keynote on their successful collaboration at the Enterprise Identity Conference in Berlin. We love seeing testimonials for our portfolio companies, especially delivered in person by the customer!
Base Operations has launched a new website with a compelling message for enterprise physical security teams: “Increase your knowledge of every corner of the world”, and was named one of D.C.’s “Red Hot Companies”. Near to my heart, they also launched a new webinar on “Cutting Through the Noise in AI”. Even better (but with details redacted), Base Operations has shown stellar year-over-year ARR growth and recently landed a Fortune 5 company as a new customer!
GigaSheet and SecurityTrails: Could anything be better than having two Inner Loop portfolio companies partner up to compound their powers? Even though we had to say goodbye to SecurityTrails when they were acquired by Recorded Future, it warms our hearts to see GigaSheet and SecurityTrails launch a new collaboration.
And that is all just a sampling of the activity in the Inner Loop Capital family of portfolio companies!
Please Be in Touch
Thank you for reading this far! Now that you are all caught up on Inner Loop activities, please reach out any time. I welcome:
- Discussions about any of the companies, technology sectors, or investment themes above.
- Introductions to founders or future founders in Digital Infrastructure, including Cybersecurity, Cloud Tech, DevOps, DevTools, Data Science, and AI.
- Connections to potential co-investors or collaborators in these sectors.
- And drop-ins to Baltimore (or the greater Washington D.C., area) any time.
Do not hesitate to reach out if you see something or have some ideas on ways we can collaborate more closely. I appreciate your interest in and support of Inner Loop Capital, and I wish you and your families a fulfilling end to the summer season.
Justin Label
Managing Director
Inner Loop Capital
Related Posts
