Question: How did a company that is essentially an API raise $8.2 million? Answer: by smartly targeting a fat market (identity access management in the cloud) that has great need, according to the press release,
"Stormpath is targeting a large and fast-growing market at the intersection of identity and cloud development. According to Forrester Research, the IDM (Identity Management) market will grow to $12 billion in 2014, with cloud adoption growing at 24 percent annually according to 451 Research. Almost half of applications built in the cloud are externally facing, and require robust user management and security infrastructure. Stormpath fills that gap with a secure service that is simple for development teams to deploy and maintain."
The Stormpath REST API is aimed at enterprises managing security for thousands of users, groups and roles across multiple applications. It's easy to deploy security workflows like account verification and password reset. The documentation for the REST API provides support for Java, PHP, and Ruby SDKs.
Meghan Kelly at Venturebeat raises an important question, do you really need to outsource this function to a separate company? As she puts it,
"Companies like Stormpath may actually make a lot of sense. As a business-owner, you might have the desire to control your company’s security landscape completely on your own. But employing a dedicated company that is putting all of its resources into that one security product might actually make it stronger and more reliable."
But wait a sec. $8.2 million? An incredibly powerful entry on Stormpath's blog nicely outlines what is at stake. It makes no mention of the funding, but indirectly leaves no doubt that Stormpath adds value. In a piece titled Password Breach? That'll be $172,000,000 Please, Claire Hunsaker gives a chilling run through of what that famous security breach in 2011 at Sony Playstation cost the company. The tip of the iceberg was the fine levied by UK courts: $400,000. As she notes,
"Sony reported an estimated outlay of $171M for insurance, customer support, and rebuilding their user management and security systems. Since the breach, partially due to a drop in customer confidence, Sony’s stock price has dropped from $30 to $13."
I suspect that Sony's share price fall from 2011 to the start of 2013 she mentions had other, much bigger factors in the mix, like its losing battle with...everybody. But that doesn't detract from the incredible damage done by the attack. Hunsaker reports that, of course, it will cost smaller companies a lot less money, yet the average is $5.5 million per attack.
Stormpath's value may be rising. But there's no mystery as to why.