Get all your news in one place.
100’s of premium titles.
One app.
Start reading
Fortune
Fortune
Allie Garfinkle

Exclusive: Chainguard raises $140 million Series C

three men lean towards one another for a photo while sitting at a dinner table (Credit: Chainguard)

All nice places are alike, but every dive bar is divey in its own way. 

That’s what Chainguard CEO and cofounder Dan Lorenc once said, invoking Tolstoy’s Anna Karenina to explain his affinity for Hi-Dive, a dive bar on San Francisco’s Embarcadero. Walking into Hi-Dive feels vaguely like stepping into a submarine—the ceiling’s low, the water’s near, and the lights are dim or neon, even in the dead of a Friday afternoon. 

“It's my favorite place in San Francisco,” said Lorenc, who was at Google for nearly a decade and frequently brought colleagues to Hi-Dive, laptops in tow. 

Now, Hi-Dive—with its faded blue floors and concrete umbrella-ed patio—is the unofficial Silicon Valley home of Chainguard, the software supply chain security startup that Lorenc cofounded in 2021 with now-CTO Matthew Moore, now-CPO Kim Lewandowski, and Ville Aikas. Though in certain ways a product of the pandemic—the company is fully remote, for example—Chainguard has seemingly jumped from COVID-19 into a full-fledged growth spurt. In the first six months of this fiscal year, Chainguard’s ARR has shot up by more than 175% and its customer base has grown by more than five times year over year. 

I suspect you can see where this is headed: Chainguard recently raised a $140 million Series C, led by Redpoint, Lightspeed Venture Partners, and IVP, Fortune can exclusively report. Amplify, Mantis VC, Sequoia Capital, and Spark Capital, all existing investors, also participated in the round. The company’s now valued at $1.12 billion, but that valuation, Lorenc says, is a promise rather than an endpoint—from here, the task of scaling the company will be in full force. 

“We haven’t won anything yet,” said Lorenc. “Our quarter’s about to end, and every quarter we start back over at zero.”

I met Lorenc and the Chainguard crew at the bar, with some folks joining virtually and engineering manager Priya Wadhwa (she’s worked for Lorenc three times) right next to me. They’re almost all sporting cowboy hats (more on that later), and recounting tales of karaoke triumphs and seafood boils. 

“We do serious work, but we don’t take ourselves too seriously,” said Lewandowski. “That’s one of our core values.”

Okay, so what exactly is this “serious” work? 

Here’s an attempt to sum it up in plain English: Most software today relies on open-source components called container images, which are the standard packaging format generally used to deploy software in the cloud. These container images require constant updating and vigilance to be secure. Chainguard manages this process, taking a real-world headache away from businesses while providing them with more confidence about their software’s security. In the words of Moore, the CTO, the company takes away the “toil” of removing vulnerabilities in base container images. This offsets the “doom cycle of iteration” that frequently kicks off when “developers discover numerous vulnerabilities,” Moore said. 

Categorizing Chainguard (and its potential) isn’t necessarily easy. Sai Senthilkumar, Redpoint partner, said via email that Chainguard’s bull case is as a “next-gen” VMware, while the bear case is that it’s a complementary tool. On a Zoom call, Lightspeed partner Arsham Memarzadeh says that the firm initially struggled to put Chainguard in a bucket. 

“We almost got caught up thinking: Oh, is this another supply chain security tool? But if you think about it, it is this supply chain, equal parts infrastructure company and cybersecurity company,” Memarzadeh said, who says that he thinks about Chainguard as a category-creator. 

“Anytime you’re creating a category, there’s a little bit of a risk that the budget doesn’t necessarily exist,” Memarzadeh continued. “But the reason we got comfort was that talking to customers.” One Fortune 500 customer Memarzadeh talked to said that using Chainguard freed up an entire engineering team’s resources. “The love was palpable.”

“Customers were saying that this is becoming part of their standard operating procedure,” IVP general partner Tom Loverro said. “That’s the difference between being just satisfied and fully embracing something.”

On the subject of hats: I heard at some point that Lorenc pitched all these VCs wearing a cowboy hat. That, as it turns out, is an understatement—after all, like any startup founder, Lorenc wears many hats. 

"Dan was actually in one of those Kangol-style flat caps that my grandfather wore,” Loverro clarified for me. “He must have a myriad of hats to choose from…He may have a stovepipe hat in his closet for all I know.”

I did some very serious investigative journalism on this topic. Lorenc kindly went to his closet and counted hats for me: Four Golden State Warriors caps, plus a cowboy hat, Newsies-esque cap and Carhartt beanie, making for a total of at least seven. There’s also evidence of, at least once, a velvet wizard hat

Yes, I know: I’m fixated on the hats and the dive bar, but I think it’s because they get at something I’ve been considering for some time. VCs may be obsessed with pattern recognition, and I won’t question the value of that. But I also have started to think, in my own take on the first line of Anna Karenina

All decent companies are alike, but every company that stands out from the pack does so in its own way.

Elsewhere…Fortune’s Michal Lev-Ram has just published her profile of Sequoia Capital’s Roelof Botha. Botha sounds off on handling the FTX debacle, LPs, and rugby—and Patrick Collison even makes an appearance. Read the whole story here.

Scoop…Fortune’s Jessica Mathews scooped the news that Carta’s COO has left the company after less than a year. Read the whole story here

See you tomorrow,

Allie Garfinkle
Twitter:
@agarfinks
Email: alexandra.garfinkle@fortune.com
Submit a deal for the Term Sheet newsletter here.

Joe Abrams curated the deals section of today’s newsletter.

Sign up to read this article
Read news from 100’s of titles, curated specifically for you.
Already a member? Sign in here
Related Stories
Top stories on inkl right now
Our Picks
Fourteen days free
Download the app
One app. One membership.
100+ trusted global sources.