Onapsis Raises $55M Growth Round


BOSTON--(BUSINESS WIRE)--Onapsis, the leader in mission-critical application cybersecurity and compliance, today announced it raised $55 million in Series D financing led by Caisse de dépôt et placement du Québec (CDPQ) and NightDragon with strong participation from existing investors .406 Ventures, LLR Partners and Arsenal Venture Partners. The investment will be used to significantly scale the company through rapid expansion into the mission-critical SaaS applications market, starting with protection and compliance for Salesforce and SuccessFactors applications.

This new support for mission-critical SaaS applications enables Onapsis to execute its vision of protecting the intelligent enterprise and accelerating digital transformation initiatives by delivering cybersecurity and compliance solutions for all mission-critical applications running on-premises and hosted on cloud Infrastructure as a Service (IaaS), Platform as a Service (PaaS) and Software as a Service (SaaS), as well as the API-based integrations between them.

“As a long-term investor, we’re pleased with the quality of the company’s partnerships with leading business software providers and its recognition as an organization at the forefront of cyber threat detection and remediation,” said Alexandre Synnett, Executive Vice President and Chief Technology Officer at CDPQ. “We look forward to supporting the new growth initiatives put forward by the Onapsis management team and contributing, through this investment, to improving global cybersecurity.”

Company Momentum and Performance

Onapsis is trusted by more than 300 of the largest global enterprises, including more than 20% of the Fortune 100, to protect their cloud, hybrid and on-premises mission-critical applications. This latest round of funding builds solid momentum after a strong performance year-to-date in 2020 for Onapsis. Highlights include (see Onapsis momentum infographic):

  • Over 145% growth in net new annual recurring revenue (ARR); recognized three consecutive years by the Deloitte Technology Fast 500 publication as one of North America’s fastest-growing technology companies
  • Outstanding customer satisfaction with 98% retention rate and one of the industry’s highest NPS scores
  • Recently announced strategic partnership with SAP, by which The Onapsis Platform is the SAP-endorsed application for cybersecurity and compliance
  • World-class cyber threat research lab – over 800 zero-day vulnerabilities discovered; multiple critical global CERT alerts based on Onapsis’ novel research
  • Established partnerships with leading system integrators and consulting firms including Accenture, Deloitte, IBM, PwC, Verizon, Optiv and others
  • Global operations in the United States, Argentina and Germany with more than 380 employees, recognized as a Top 3 Great Place to Work
  • New support for mission-critical SaaS applications to protect the intelligent enterprise

“Legacy security solutions don’t meet the requirements of today’s business applications – especially in the SaaS world,” said Dave DeWalt, who founded NightDragon and was named Vice Chairman of the Onapsis board of directors earlier this year. “These applications, which are at the core of every enterprise’s digital transformation and have accelerated due to the global pandemic, are facing the perfect storm, yet the tools used to protect them aren’t purpose-built for the job. The expansion into SaaS applications opens a huge market opportunity for Onapsis and fills a much-needed gap for enterprises in the cybersecurity and compliance space.”

New Support for Mission-Critical SaaS Applications

As part of today’s announcement, Onapsis is launching an early access program for The Onapsis Platform for Salesforce and The Onapsis Platform for SuccessFactors. With support for these mission-critical SaaS applications, The Onapsis Platform enables customers to quickly discover, assess, prioritize and eliminate application misconfigurations, vulnerabilities and malicious activity that can impact an organization’s interconnected mission-critical application ecosystem and sensitive business data. Next up for Onapsis will be introducing early access program support for Workday, Oracle ERP Cloud and Oracle HCM Cloud, and other SaaS applications to be released in the coming months.

“As critical business processes and functions, such as HCM, CRM and ERP, extend to the cloud and SaaS environments, enterprises need a way to reduce the risk of their hybrid business platforms, enforce security and compliance baselines from the core to the cloud, and monitor application security, user activity, and threats from development to production,” said Mariano Nunez, CEO and Founder of Onapsis. “This funding only builds on our continued strong momentum as we stay hyper-focused on being the standard for mission-critical application security and compliance across cloud, hybrid and on-premises environments. We are honored to have the trust of new outstanding investors such as CDPQ and NightDragon, and the continued support of our existing partners. We’ll now further scale Onapsis to new heights and help even more organizations around the globe ensure all their critical information and processes are protected.”

To learn more, visit the Onapsis website: https://onapsis.com/.


Onapsis protects the mission-critical applications that run the global economy, from the core to the cloud. The Onapsis Platform uniquely delivers actionable insight, secure change, automated governance and continuous monitoring for critical systems—ERP, CRM, PLM, HCM, SCM and BI applications—from leading vendors such as SAP, Oracle, Salesforce and others.

Onapsis is headquartered in Boston, MA, with offices in Heidelberg, Germany and Buenos Aires, Argentina. We proudly serve more than 300 of the world’s leading brands, including 20% of the Fortune 100, 6 of the top 10 automotive companies, 5 of the top 10 chemical companies, 4 of the top 10 technology companies and 3 of the top 10 oil and gas companies.

The Onapsis Platform is powered by the Onapsis Research Labs, the team responsible for the discovery and mitigation of more than 800 zero-day vulnerabilities in mission-critical applications. The reach of our threat research and platform is broadened through leading consulting and audit firms such as Accenture, Deloitte, IBM, PwC and Verizon—making Onapsis solutions the standard in helping organizations protect their cloud, hybrid and on-premises mission-critical information and processes.

For more information, connect with us on Twitter or LinkedIn, or visit us at https://www.onapsis.com.


Caisse de dépôt et placement du Québec (CDPQ) is a long-term institutional investor that manages funds primarily for public and parapublic pension and insurance plans. As at June 30, 2020, it held CA$333.0 billion in net assets. As one of Canada’s leading institutional fund managers, CDPQ invests globally in major financial markets, private equity, infrastructure, real estate and private debt. For more information, visit cdpq.com, follow us on Twitter @LaCDPQ or consult our Facebook or LinkedIn pages.


NightDragon is an investment firm focused on investing in growth and late-stage companies within the cybersecurity industry. Its flexible model allows it to lead or co-invest alongside leading venture capital and private equity firms in the pursuit of driving growth and increasing shareholder value. NightDragon is unique in providing deep operational expertise in cybersecurity gained by its founders Dave DeWalt and Ken Gonzalez from years serving as senior executives leading technology companies such as Documentum, EMC, Siebel Systems (Oracle), McAfee, Mandiant, Avast, and FireEye. For more information, visit NightDragon.com.

Recent Deals

Interested in advertising your deals? Contact Edwin Warfield.