Security Experts:

Connect with us

Hi, what are you looking for?


Cybersecurity Funding

Illumio Raises $125 Million to Expand Adaptive Segmentation Business

Data center and cloud segmentation firm Illumio announced today that it has raised a further $125 million in a Series D funding round. This adds to the $100 million Series C financing raised in April 2015, and brings the firm’s total funding to $267 million.

Data center and cloud segmentation firm Illumio announced today that it has raised a further $125 million in a Series D funding round. This adds to the $100 million Series C financing raised in April 2015, and brings the firm’s total funding to $267 million.

New and existing investors, including Andreessen Horowitz, General Catalyst, 8VC, Accel and Data Collective (DCVC) all participated — buoyed by the firm’s annualized bookings growth of 400 percent from the first to second year in market. Illumio’s customers now include nine of the largest 15 financial companies in the U.S., and four of the top seven SaaS providers.

Illumio LogoThe new capital will be used to expand Illumio’s global reach in field sales, marketing and customer support; and continuing R&D. The purpose, said Illumio in a statement today, is to “enable the company to accelerate its vision of making adaptive segmentation the foundation for cybersecurity in every enterprise data center and public cloud.”

Segmentation is not a new security concept. In its most basic form, company computers are segmented from the public internet, and OT is segmented from IT, with firewalls. But as cyber attackers have become more sophisticated, and data center infrastructures more complex, the need for internal segmentation has grown. It is the most effective method for containing the insider threat, and for preventing the lateral movement of attackers who breach the firewall perimeter defense.

Indeed, segmentation is increasingly required for compliance and regulations. For example, PCI DSS v3.2 (1.3.6) states, “Place system components that store cardholder data (such as a database) in an internal network zone, segregated from the DMZ and other untrusted networks.” Such requirements are only likely to increase both as part of compliance and as a means of demonstrating best security practices to regulators.

“Given the exponential growth of cybersecurity risks, it’s clear that segmentation is now one of the largest market opportunities in enterprise software,” said Larry Unrein, Global Head of J.P. Morgan Asset Management’s Private Equity Group.

But the traditional methods for segmentation — firewalls and router-enforced zoning — are difficult, complex and expensive in modern dynamic data centers and public clouds. This is the market and approach that Illumio seeks to disrupt. Rather than imposing rules on separate routers and firewalls around the infrastructure, Illumio provides a platform that invokes the inherent security already available within individual devices.

The segmentation is controlled and enforced from a central policy compute engine (PCE) that activates and manages the enforcement capabilities in existing assets. It doesn’t require additional hardware or software that add complexity, become performance chokepoints, and increase costs. Illumio’s approach is to allow the right degree of segmentation to precisely where it is needed: a granular and adaptive method.

Using this approach, Morgan Stanley reduced its firewall rules by 90 percent with Illumio, while another customer has reduced 15,000 firewall rules to 40 security policies — all defined in, contained in, and controlled by the PCE. 

“The security segmentation market is already a multi-billion-dollar opportunity,” said Andrew Rubin, CEO and co-founder of Illumio; “and Illumio’s traction with customers such as Salesforce, Morgan Stanley and Workday demonstrates that the Illumio Adaptive Security Platform can solve these challenges at scale. Illumio is uniquely suited to address the needs of large and small organizations as they shift focus away from the perimeter and towards having complete visibility and control inside the data center and cloud compute environments.”

Written By

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join this webinar to learn best practices that organizations can use to improve both their resilience to new threats and their response times to incidents.


Join this live webinar as we explore the potential security threats that can arise when third parties are granted access to a sensitive data or systems.


Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

Cybersecurity Funding

SecurityWeek investigates how political/economic conditions will affect venture capital funding for cybersecurity firms during 2023.

Identity & Access

Zero trust is not a replacement for identity and access management (IAM), but is the extension of IAM principles from people to everyone and...

Network Security

NSA publishes guidance to help system administrators identify and mitigate cyber risks associated with transitioning to IPv6.


More than 450 cybersecurity-related mergers and acquisitions were announced in 2022, according to an analysis conducted by SecurityWeek


Websites of German airports, administration bodies and banks were hit by DDoS attacks attributed to Russian hacker group Killnet


Twenty-one cybersecurity-related M&A deals were announced in December 2022.


Forty cybersecurity-related M&A deals were announced in January 2023.