Getting to Scale as a Specialist: Lessons from Semperis Reaching $100M ARR
There’s no shortage of debate in cybersecurity circles about securing enterprises in an increasingly complex digital landscape. In particular, one often hears about the need for consolidation and the discussion around “one platform for all” and “best-in-breed” solutions. At 1011vc, we believe the size of the opportunity for “best-in-breed” solutions can be massively overlooked. Under the right circumstances, these specialized solutions can grow into huge companies, helping enterprises worldwide address a specific attack vector more effectively and comprehensively.
Our investment in Semperis, a leading provider of identity-driven cyber resilience solutions for hybrid Active Directory (AD) and Entra ID environments, demonstrates how this specialized strategy can lead to immense growth and scale. Since our initial investment in 2022, Semperis has achieved a significant milestone – $100M in annual recurring revenue (ARR) – solidifying its place as a cybersecurity “centaur.” Many additional signs exist that there is much further to go:
- 250%+ customer growth over the last three years, predominantly in the US and Europe, but quickly expanding into APAC, LATAM, and other markets
- Growing a global employee base, 25% increase in 2024 alone (particularly impressive during a year of sweeping tech layoffs)
- Hitting the Deloitte Fast 500 list five years in a row (remarkably consistent double and triple-digit growth year after year)
Background on 1011vc’s Initial Investment
In our previous post, “Why We Invested in Semperis,” we discussed how Microsoft Active Directory (“AD”) was a prevalent but overlooked attack vector. We referenced the statistics that AD was (and still is), according to Gartner, used in 90% of enterprises for authentication, access control, and policy management, and “if AD is breached, an attacker gets virtually unrestrained access to the organization’s entire network and resources.” Attacks such as SolarWinds highlighted AD’s critical role in enabling attackers to escalate privileges and maintain persistence in enterprise networks. Semperis was a first-mover in fully understanding and solving the problem – there at the right place, right time – during a critical chapter for the industry. As cyber specialists, we also recognized this opportunity and were thrilled to invest in a company specializing in the solutions we knew were needed.
However, many other strengths of the Company have been made clear since our original investment, a few of which we would like to highlight today to celebrate Semperis reaching the significant milestone of $100M ARR. In these lessons, we see a path forward for other cyber specialists to grow to the size, scale, and success that Semperis has.
Lesson 1: Look for new opportunities in underestimated problems, and solve them with purpose.
Tremendous opportunities often lie in underestimated problems. AD was an older technology not built with security in mind, and provided a weak link for many attackers looking for a way to execute large-scale attacks (an estimated nine out of ten attacks exploited vulnerabilities inside of AD). Despite its flaws, the technology was too central and integrated into all architectures to be replaced. Semperis had a unique understanding of the technical complexity needed to safeguard it. And while most competitors focused on repairing AD after operational issues and natural disasters, only Semperis’ backup-and-recovery tool prioritized cyber resilience, ensuring environments are restored without reinfection risks.
Their specialized expertise in tackling this overlooked but very specific problem has made Semperis indispensable to companies worldwide. Forrester’s Total Economic Impact™ study of Semperis customers unveiled impressive ROI metrics, totaling an average of $9.5M in economic benefits for enterprises, including:
- 90% faster AD recovery
- 25% reduced likelihood of successful AD attacks
- 90% speedier object- and group-level recovery
- 40% reduction in time spent monitoring the hybrid AD environment
Lesson 2: Find leaders who are born to solve a particular problem and who can build a team with unmatched subject matter expertise, scaling that expertise over time.
Semperis sets itself apart with founders who deeply understand their market. Mickey Bresman’s experience provided him with an inside track on the scope of AD vulnerabilities. This firsthand knowledge helped the team solutions that feel custom-fit — intuitive for users but robust enough to tackle advanced threats.
Furthermore, scaling as a specialist requires building a team with similar insider expertise and operational know-how. Semperis embodies this principle. The company’s various security teams include former Microsoft engineers and Microsoft MVPs who bring unparalleled experience in managing and protecting sensitive AD environments. This collective expertise allows Semperis to deliver solutions that are not only innovative but also profoundly aligned with the real-life challenges facing security professionals.
The Semperis story teaches emerging specialists that achieving scale starts with assembling a team whose expertise strongly aligns with the problem they’re solving, having a clear POV about improving the world, and then continuing to differentiate with talent that understands this singular approach over time.
Lesson 3: Don’t be scared to define and lead emerging categories that will shape your industry.
Creating a product is one thing. Defining and owning an entirely new category is another. Semperis didn’t just develop Identity Threat Detection and Response (ITDR) solutions; they shaped the very category of ITDR.
When Gartner coined ITDR approximately three years ago, it was an emerging concept and not broadly understood. Today, it’s one of the fastest-growing priorities for security leaders. By being in the position as first movers in ITDR with an already mature product offering and established customer base, Semperis has been instrumental in validating this space and demonstrating its importance to the broader cybersecurity ecosystem.
Lesson 4: Prioritize ease of use and integrations to help your specialized solution fit with the other tools that customers already have in their toolbox.
When teaching people how to solve a problem that has been unsolved before, product leaders need to make sure their product is easy to understand and use so that adoption can thrive. Semperis consistently refines its products, achieving an impressive Net Promoter Score (NPS) of 85—a testament to its unwavering commitment to innovation and customer experience, even as it scaled from 100 to almost 1000 customers. Whether continuously scanning AD for hundreds of potential indicators of attack or automating lengthy AD recovery processes with just five clicks, their solutions prove that even the most sophisticated new technology can be intuitive and user-friendly.
Also, product leaders at companies like Semperis must prioritize seamless integration points when building a best-of-breed solution to scale. Semperis excels in connecting its specialized solutions with existing tools like EDR, SIEM, enterprise backup products, and broader IT infrastructures, adding more value to existing security investments.
Finally, partnerships are key. Semperis actively collaborates with other security vendors to ensure seamless integration and enhance the overall security posture. For aspiring specialists hoping to scale, the emphasis should be on building solutions that enhance—not overhaul—a customer’s existing processes.
Lesson 5: Look for the opportunity to create specialized services around your specialized product (that often cannot be found elsewhere!)
Specialized products can pave the way for a range of specialized services, unlocking opportunities for incremental revenue and overall stickiness with the customer. As part of Semperis’ effort to hire experts who deeply understand their market, the team brought Todd Weber, former CTO at Optiv and Ten Eleven alum, on board to build out its services arm. This now offers breach preparedness and response (BP&R), a specialized identity IR team, AD migration services, and more. Throughout his career, Todd had seen all shapes and sizes of services and knew how desperately needed the Semperis offering was. Now, the world’s most prominent incident response companies routinely call Semperis for specialized help when AD has been compromised in customer environments.
Lesson 6: Recognize that solving specific problems can create a huge overall impact for the customers who buy them.
Being a specialist doesn’t mean being small. Specialists can address universal pain points by solving a specific problem exceptionally well and building a scalable, global business. The need for AD security transcends industries, geographies, and company sizes. 50% of organizations have experienced AD-targeted attacks in the past 1-2 years, while 86% plan to increase their investment in protecting AD. Semperis’ client base spans verticals like healthcare, financial services, energy, and professional services, showing how a focused solution can serve diverse enterprises. Semperis is also rapidly increasing its product offerings to protect other identity services outside of Microsoft, including Okta, and support all customer environments with SaaS and on-premise deployment options. Semperis is finding many opportunities to grow and expand its offerings and customer base within its specialty.
What’s Next?
Semperis’ $100M ARR achievement is an outstanding example of what’s possible for cyber specialists. And given their current growth statistics and product roadmap, we know there’s much more to come. For other companies developing bold, specialized solutions to overlooked problems, Semperis provides a compelling case study for reaching new heights and achieving enterprise-wide, global impact. We are thrilled for the team, and can’t wait to see what’s next.
About The Author
