Announcing Twingate’s Series B Funding Round
Earlier this week, Twingate announced their $42 million Series B, led by BOND. It has been an absolute pleasure working with the Twingate team since day one when we co-led their seed and Series A rounds. It has been wonderful watching the team bring the zero trust vision to network security and we wanted to share some of the thinking around why we believe the opportunity and Twingate’s approach are truly special.
Zero Trust Transition
For some time now, we’ve been undergoing a paradigm shift in network security from a castle and moat approach to a zero trust world. In the castle and moat concept, companies don’t trust any traffic coming from outside, but once an actor is inside your own network, they are assumed to be on the same team, working together to repel the enemy.
The problem, of course, is that once bad actors are inside your network, they can move around freely, with few barriers to information access. As a result, a common theme in data breaches is that gaining access to one part of a network enables the attacker to extract critical data from another part of the network — this is known as lateral movement.
In terms of moderating access, there has never been more complexity to manage. The cloud, for all its positives, also means multiple environments to keep track of. There are more devices, and applications, than ever, as the difference between a computer and smartphone rapidly approaches a matter of size. Remote work means people are working from anywhere with connectivity, and you can no longer assure a colleague is on the same network by default or using company hardware. There is also significantly more underlying complexity across applications and infrastructure management, including Microsegmentation, Multi-Factor Authentication, Identity and Access Management (IAM), and so on.
The notion of Zero Trust was first introduced by Google’s BeyondCorp paper back in 2014 in the aftermath of the Snowden case. This new paradigm relies on three principles:
- All resources are accessed in a secure manner, regardless of location.
- Adopt a least-privileged strategy, and strictly enforce access control.
- Inspect and log all traffic — from any source to any destination.
In short, you can’t trust your employees any further than you can throw — or rather, observe — them. It’s not enough to guard against outright attacks; all activity represent potential threats.
Reality Behind Zero Trust
If truly achieving zero trust sounds difficult, well, it is. The main issue is that there are now more stakeholders than ever deciding which security products to implement. And while these stakeholders do overlap in some of their requirements, they fundamentally want different things. The three main categories of stakeholders are IT, security, and engineering. Traditionally there has been little overlap between their preferred security providers, and they each have notable limitations:
- Legacy providers primarily target IT and security. Because they were built before most modern infrastructure, they tend to be difficult to deploy, force sub-optimal traffic flow, and don’t allow you to put access controls on device. Think old-school VPNs sitting in between traffic. It’s straightforward, but also introduces a single point of failure.
- Newer providers are primarily built for engineering teams but don’t satisfy IT requirements. Everything is built in dev UI, and to specify access controls you’d have to use something like JSON rules definition. The breadth of resources that needs to be covered is beyond infrastructure, and understandably, IT doesn’t want to deploy that level of complexity for web access.
Fortunately, there is another way: Twingate. Twingate is, in a sense, the anti-VPN, designed for today’s distributed, increasingly remote-first workforce. Twingate’s infrastructure allows enterprises to route all traffic directly and securely to the desired resources (SaaS apps, infra, cloud environments etc.), rather than going through a single point of contact, as a legacy VPN would require. It’s as easy as 1–2–3:
- Map resources on your network.
- Assign resources to users.
- Connect securely from anywhere.
Twingate is the first product that meets the combined needs of all three groups of stakeholders — without forcing any group to make painful tradeoffs between lower friction and higher security.
- It is the easiest product in the market to deploy — Twingate can be up and running in as little as 30 minutes.
- Deep granularity of access — ensure users only touch resources they’re meant to from the right set of devices.
- Broad coverage of resources across SaaS apps, cloud/on-prem environments, and network.
- API-first approach means that Twingate can be programmatically deployed and managed, which integrates seamlessly with modern engineering practices like Infrastructure-as-Code.
As a result, Twingate’s customers enjoy:
- Improved security through a truly zero trust approach.
- Better network performance: high throughput, no additional latency…and best of all, no more getting kicked off Zoom calls because your VPN failed.
- Programmatic definition of access rules, which new resources can plug into directly as soon as they’re spun up.
In short, it’s zero trust security with a maximum trust user experience. Applying consumer user experience principles to the enterprise, Twingate makes accessing resources feel like a prime dinner reservation, effortlessly arranged by a master concierge, not a grilling from the security desk.
The Right Team to Make the Vision Happen
We were as sold on the founding team as much as the product, beginning with CEO Tony Huie. Tony built and led various operational teams for Dropbox during their hypergrowth years, and saw firsthand the inherent problems around remote access and network security for remote work in the future. Chief Product Officer Alex Marshall was previously the product leader for Dropbox’s push into the enterprise market, and has a unique passion for bringing the power of simplicity through thoughtful design into enterprise capabilities at Twingate. CTO Lior Rozner is a veteran engineering leader, including his time as CTO at Wondermall, which was acquired and subsequently led the innovation group of Rakuten.
As early backers of Twingate, we’ve been thoroughly impressed by the clarity of vision, the pace of their growth, and the quality of execution — each of which belies the incredible technical difficulty of what they’ve built. Arthur C. Clarke famously wrote that “Any sufficiently advanced technology is indistinguishable from magic,” and Twingate embodies this concept by making something that has traditionally been both hard and painful to achieve simply happen. Their Series B is yet another major vote of confidence for a company that has made a habit of earning them.