Skip to content
Aziz · Saif   Investor Research
Report 19 · Cybersecurity · Enterprise

Identity Threat Detection & Response (ITDR) Platform
82% of breaches involve identity — the gap legacy EDR can't close

Region: North America · EMEA enterprise · APAC SI partnerships Stage: Series B Ask: $35M (Series B led by enterprise CVC)

Investor Dashboard

Key financial KPIs at a glance — % against revenues in QuickBooks-statement style.

Y1 Revenue
$15M
Initial scale
Y3 Revenue
$72M
↑ Year-3 target
Y5 Revenue
$220M
↑ Year-5 target
Gross Margin
88%
% vs Revenue
EBITDA Margin
-15%
% vs Revenue
CAC Payback
18 mo
Time to recoup
LTV / CAC
7.2x
Unit economics
Capital Ask
$35M
Series B

Revenue Mix · % of Top Line

Cost Structure · % of Operating Cost

Use of Funds · % of $35M Raise

Problem & Solution

82% of breaches involve identity — the gap legacy EDR can't close

The Problem

82% of breaches involve compromised identities — Okta tokens, AD service accounts, OAuth tokens — but existing EDR and SIEM tools weren't built to detect identity-layer threats. Average dwell time for identity compromise: 197 days. Detection gap creates the single largest enterprise security exposure of 2025–2030.

Our Solution

A purpose-built ITDR platform that ingests identity signals from 40+ identity providers (Okta, Azure AD, Workday, GitHub), correlates with endpoint and SaaS activity, and runs ML detection for anomalous identity behavior. Median detection: 4 hours vs 197 days industry baseline.

Market Opportunity

$28B ITDR + IAM Security addressable today

ITDR sub-segment growing 41% CAGR through 2028 — fastest in cyber

Annual per-identity subscription ($24–$60/identity/yr) + premium incident response retainer ($50K–$500K). Tiered packaging by detection depth. ~88% gross margin; 142% net dollar retention.

Financial Statements · % vs Revenue

QuickBooks-style readout — every line shown as percentage of its parent total.

Revenue Mix

Revenue Stream% of RevenueShare
Platform Subscriptions75.0%75%
Premium IR Retainers15.0%15%
Professional Services6.0%6%
Marketplace Integrations4.0%4%
Total Revenue100.0%100%

Cost Structure

Cost Line% of CostShare
Engineering & Threat Research42.0%42%
Enterprise Sales28.0%28%
Customer Success & SE12.0%12%
Cloud Infrastructure8.0%8%
Compliance / SOC 2 / FedRAMP5.0%5%
G&A5.0%5%
Total Operating Cost100.0%100%

Use of Funds — $35M Raise

Allocation% of RaiseShare
Enterprise Sales Expansion40.0%40%
Engineering & Research30.0%30%
EMEA & APAC GTM18.0%18%
FedRAMP Compliance8.0%8%
Working Capital4.0%4%
Total Use of Funds100.0%100%

Valuation, Capital Structure & Forward View

An investment is a bet on the forward plan, so a trailing snapshot isn't enough. These are derived from this report's own ask and projections — not external estimates.

Rev CAGR (Y1→Y5)
~96%
Forward growth
Capital Efficiency
6.3×
Y5 rev per $ raised
Rule of 40
~81 ✓
Growth + EBITDA margin
Implied Valuation
n/d
not disclosed
Entry Multiple
Valuation ÷ Y3 revenue

Capital Structure & Funding

An equity round with no structural debt disclosed — capital-structure risk is dilution and runway rather than credit or covenants. Any future expansion or working-capital debt would change this profile and should be tracked.

How to read these

Rule of 40 sums forward revenue growth and EBITDA margin — ≥40 is healthy; below it flags growth bought at the cost of profit. Capital efficiency is Year-5 revenue per dollar raised. Entry multiple divides the disclosed cap / pre-money / asking price by Year-3 revenue, shown only where disclosed (n/d = not derivable). Verify against primary diligence.

Traction & Proof Points

Moat & Exit Strategy

Defensible Moat

Proprietary identity-threat detection models trained on 4B+ identity events/day from 38 Fortune-1000 customers — competitors with smaller deployments can't reach equivalent precision. Deep integrations with 40+ identity systems create switching costs. FedRAMP / SOC 2 Type II compliance is a 12–18 month barrier for new entrants.

Exit Path

Strategic acquisition by Palo Alto Networks, CrowdStrike, Microsoft, or a cyber consolidator at 12–18x ARR — typical late-stage cyber exit. IPO path open at $200M+ ARR with sustained 60%+ growth.

Key Risks

When the Thesis Breaks

Read this before trusting the forward numbers. This company is still pre-profit (EBITDA margin -15%). The plan assumes growth funds a path to breakeven — it breaks if growth stalls before unit economics turn: burn keeps climbing while net retention and CAC payback don't improve.

If any of the Key Risks above materialise, the forward projections in this report should be treated as suspended until the model is re-underwritten. The single most material trigger to watch: Identity-provider (Okta, Microsoft) bundling native ITDR — partner-vs-competitor risk.