top of page

Zombiecorns and Scattered Spiders, OH MY!


May 2024

Now that we’ve recovered from RSA it’s time to discuss Zombiecorns.

Lacework had a valuation of $8.3B on their last fundraise, and according to reporting, they still have $800M in the bank. So why on earth would their board be interested in an acquisition by Wiz for $200M?!?

The quick answer is, the investors would get their $800M back, plus some of the $200, maybe. So, if PitchBook is correct and the last round was $1.3B then they’d be getting more than 75% of their capital back.

Now that Wiz has backed out of that deal, the company could continue to soldier on, spending that $800M to grow into their valuation. The issue is that they haven’t been very efficient in the past, and the likelihood of them being able to fix that is low. Enter the Zombiecorn.

A Zombiecorn is a unicorn that has enough money to continue operating but no realistic path to growing into its last valuation.

According to, there are 61 Cybersecurity Unicorns, and #2 was Lacework.

Some of these companies are clearly fine and have revenues that will support their lofty valuations, but others are walking dead and we won’t know who until their boards cry uncle.

Now that the tide is going out, it will be interesting to see who has been swimming naked.

Have you ever wondered where all those great names for hacking groups come from? Names like: Fancy Bear, Deep Panda, Scattered Spiders, A Fish Called Wanda...

Ok, that last one isn’t real; it’s just a great movie. Totally worth rewatching.

Did you know that different organizations have their own naming schemes for when they discover a new threat actor?

  • Microsoft keeps professional with names from the periodic table.

  • Symantec likes it creepy, using insect names.

  • Crowdstrike is releasing a line of plushies: Russians get “Bear,” Chinese get “Panda,” and just to throw a wrench in the teddy bear theme, Iranians get “Kitten.”

  • Palo Alto uses constellation names. Nothing funny to say about that.

We’ve put a lot of thought into this—well, not really a lot, but a bit—and we’d use 80s references.

  • We have seen a lot of activity from St. Elmo’s Fire recently.

  • The Wonder Years have been really active as of late.

  • The leader of Fraggle Rock was just arrested in a sting operation.

It would be most excellent!

Below are a few of the articles that caught our attention this month. Moreover, we’ve inserted one or two sentences in italics, summarizing each article’s importance. We hope you enjoy and appreciate the material.


Here's a curated list of things we found interesting.

OpenAI Releases GPT-4o, a Faster Model That’s Free for All ChatGPT Users

For those that don’t follow OpenAI closely, this is pretty big news. The new model is much improved and freely available. The ability to work multi-modal is also impressive, just remember, it still hallucinates from time to time.

OpenAI is launching GPT-4o, an iteration of the GPT-4 model that powers its hallmark product, ChatGPT. The updated model “is much faster” and improves “capabilities across text, vision, and audio,”

Financial Statement Analysis with Large Language Models

AI is coming for finance bros. But surely VCs are safe. No?

Even without any narrative or industry-specific information, the LLM outperforms financial analysts in its ability to predict earnings changes. The LLM exhibits a relative advantage over human analysts in situations when the analysts tend to struggle.

AI Threats, Cybersecurity Uses Outlined by Gartner Analyst

Gartner held their Security & Risk Management Summit in National Harbor this week. The focus was on the obvious, AI and how it will affect the industry. It’s nice to see patch management getting a bit of love.

Deepfakes and patch management are two AI security uses that could hurt – or help – cyber defenders.


Deals that caught our eye.

Palo Alto Networks agrees to buy QRadar assets from IBM

Palo Alto Networks has made a deal with IBM to buy QRadar. Wait, what? Why would they buy that dying platform?!? It appears that Palo Alto and IBM are teaming up to migrate QRadar users to Palo’s Cortex XSIAM. This appears to be more of a way for PANW to buy some customers and for IBM to put QRader to a dignified end.

Palo Alto Networks announced its plan to acquire IBM’s QRadar software-as-a-service assets to bolster its Cortex XSIAM platform, CRN reports.


What we're listening to.

Cyber Thoughts Podcast: Episode 6 with Justine Bone

In this episode of the Cyber Thoughts Podcast, Lucas interviews Justine Bone, a ballet dancer turned spy who became the first CISO of Bloomberg. Justine's experience as a founder of multiple cybersecurity companies also comes to the forefront, offering a rare insight into the industry's dynamic landscape.


Lytical Ventures is a New York City-based venture firm investing in Enterprise Intelligence, comprising cybersecurity, data analytics, and artificial intelligence. Lytical’s professionals have decades of experience in direct investing generally and in Corporate Intelligence specifically.


Commenting has been turned off.
bottom of page