Second Front Raises $40M to Support More Classified NetworksSeries B Funding Will Help Second Front Pursue US Civilian, International Business
A veteran-founded vendor focused on fast-tracking government access to commercial software closed its Series B funding round Tuesday to support more classified and regulated environments.
The Wilmington, Delaware-based firm said the $40 million will allow Second Front Systems to support additional bespoke networks in the U.S. defense and national security space as well as pursue U.S. civilian, state and local government, and foreign government opportunities. The funding puts Second Front on the path to profitability and means the firm won't need to raise more money going forward.
"As we continue to focus on expansion into classified and other regulated environments, making sure that we're scaling security and we're scaling the compliance side of the house to parity with our technical builds and our sales is critical," Second Front Systems CEO Tyler Sweatt told Information Security Media Group.
Second Front was established in 2014 by Marine Corps veterans Peter Dixon, Mark Butler and Nate Hughes and has raised $80.1 million in outside funding. Sweatt - a former Army officer - was promoted in July from chief revenue officer to CEO, and longtime CEO Dixon became executive chairman. The Series B funding was led by NEA, which can assist with hiring, partnerships and business development (see: Financial Sector Security: Critical Assets Must Be Protected).
Extending Support to Bespoke Federal Networks
The company employs nearly 100 people today, and Sweatt expects Second Front's headcount to exceed 140 a year from now as the company hires more security practitioners, DevSecOps engineers, senior engineering managers and customer success, marketing and partnership personnel. The company competes directly against Coalfire and Palantir as well as niche consulting and services teams.
As Second Front works in more classified or regulated environments, Sweatt said, a different body of evidence is needed to achieve the technical fit or acceptable baseline criteria. The variance among what's allowed in different classified environments should be transparent to application developers within a single design framework, while at the same time abstracting away complexity for end customers, he said.
"Services that are available inside boundaries differ pretty wildly from environment to environment," Sweatt said. "So, what works in one classified environment may not work in another classified environment."
Second Front wants to abstract the body of evidence and artifacts required and the different cloud-native services available down to a single design pattern so that independent software vendors only have to conform to one pattern rather than six or seven forked deployments, according to Sweatt. He said the company's Series B funding will help simplify the deployment process for ISVs.
"You build once, deploy once and then you can sell many inside the global national security defense markets, versus a whole bunch of single one-off on-prem deployments," Sweatt said.
Pursuing Civilian, International Opportunities
The process of bringing commercial software to classified networks in the United Kingdom and Australia is similar to the United States from a technical standpoint but differs from a policy standpoint when it comes to sovereignty and localization, according to Sweatt. Second Front opened offices in the U.K. earlier this fall and will push its public sector team into Australia and NATO to align the policy and technical sides.
Getting boots on the ground outside the United States will help Second Front roll local policies into the company's technical road map and allow the company to build and test the application of local policies within the company's technology early in the application development life cycle, Sweatt said. The firm hopes to extend corporate governance functions from the C-Suite to the vice president and director levels, he said.
"What works in one classified environment may not work in another."
– Tyler Sweatt, CEO, Second Front Systems
To date, Second Front has primarily focused on defense and national security organizations given the budget availability and demand levels, but it now plans to expand into the federal civilian market as well as state and local governments. Sweat said civilian agencies have different security artifact requirements as well as a different policy and control mapping process, compared with the U.S. defense sector.
From a metrics standpoint, Sweatt said Second Front, will focus primarily on annual recurring revenue, customer net promoter scores and the number of unique users each month. The latter will help Second Front understand which organizations are using which applications and help the company assess to what extent it's making the right technology available to the national security community.
"I've been in 100 different conversations where we've talked about, 'How do we get security into the boardroom? How do we get security in a meaningful way into the C-suite? How do we really transform that relationship?'" Sweatt said. "That's what we're trying to do."