CloudPassage lands $25.5M to ‘keep the bad guys out of clouds’

A few years back, Carson Sweet decided the cloud was the new wild west — so he cofounded a company focused on “keeping the bad guys out of clouds.”

Cloud security has proven a lucrative business for the San Francisco-based CloudPassage, which today announced $25.5 million in new financing. The company saw triple-digit revenue growth last year and added around 50 new customers, said Sweet, CloudPassage’s CEO.

“The goal last year was to really lock down the product for enterprise customers, and we’ve been able to do that,” he told VentureBeat.

CloudPassage’s “Halo” security automation platform helps companies keep their data safe and compliant in cloud environments, whether they’re public or private. It offers features like server security configuration, host-based firewalls, intrusion detection, server account auditing, and event reporting and alerting.

Above: CloudPassage CEO Carson Sweet

The company has invested about $20 million in its technology over the last three years. Halo works across a variety of vendors’ technologies, including Amazon Web Services, Windows Azure, Rackspace, VMware, and a host of others.

That broad vendor support, alongside relatively quick deployments, has proven “very important” for CloudPassage, said Sweet. Customers might start with Amazon EC2, but as they grow, many have to deal with multiple public clouds — and CloudPassage can follow them across services.

Replicating a model common among cloud infrastructure vendors, CloudPassage sells its service based on usage over time. It’s been tough for competitors to follow suit, especially if they weren’t built from the ground up for the cloud, said Sweet.

“Security companies like McAfee and Trend Micro have sold licenses for servers for years,” he said. “Suddenly, they have to take these existing products and mash them into these cloud environments.”

CloudPassage protects roughly 400 cloud application deployments for around 100 customers. Some of those end up paying a few thousand dollars per year, while larger customer pay as much as a half million dollars, according to Sweet.

CloudPassage is also compliant with PCI and HIPAA standards. Sweet highlighted CloudPassage customer Citrix, which was able to get HIPAA compliance for its ShareFile app in 10 days using Halo.

“Security has become a revenue problem, which is game changing, and we really like that,” he said, laughing.

Shasta Ventures led CloudPassage’s $25.5 million funding round, which also included participation from Meritech Capital Partners and Stephen Luczo, the CEO of Seagate. Existing investors Tenaya Capital, Benchmark Capital, and Musea Ventures also contributed to the new financing, bringing CloudPassage’s total capital raised to $53 million.