Strengths
- BlueVoyant appears on Wikipedia and CB Insights unicorn lists at US$1B+.
- BlueVoyant sells an AI-driven cyber defense platform spanning MDR, third-party risk management, digital risk protection, and professional services.
BlueVoyant Startup Diligence Research Report
BlueVoyant has credible public unicorn-status and operating evidence, plus meaningful product/customer metrics, but diligence must verify recurring revenue mix, gross margin, SOC capacity, customer retention, and security-claim substantiation.
BlueVoyant Startup Diligence Research Report
BlueVoyant has credible public evidence of private-unicorn status and an operating public product footprint, but the highest-value diligence questions remain private: financial quality, customer economics, contract exposure, team retention, and legal/IP completeness.
Audited financials, ARR, gross margin, cash burn, debt, backlog, and AR aging were not public.
Diligence request: Request audited financial statements, management reports, ARR bridge, cohort retention, cash runway, AR aging, debt, and board materials.
Public customer/marketplace signals do not disclose revenue concentration, net retention, churn, or cohort economics.
Diligence request: Request customer-level revenue, renewal, churn, top-customer contracts, and reference calls.
Latest public valuation anchor is US$1B+ around 2022-02; post-round performance and secondary pricing are not public.
Diligence request: Request latest 409A, financing documents, option repricings, secondary transactions, and board-approved plan.
Public competitors have overlapping products and/or distribution advantages.
Diligence request: Benchmark win/loss data, discounting, competitive displacement, and CAC payback.
Public roadmap/R&D signals are directional; shipping cadence, cost, model/vendor dependencies, and quality metrics are private.
Diligence request: Request roadmap, release history, incident/quality metrics, engineering headcount, and architecture/subprocessor review.
Public biographies do not disclose full org chart, compensation, incentive plans, succession, or turnover.
Diligence request: Request current org chart, employment agreements, option plans, hiring/attrition data, and retention-risk analysis.
Public review did not establish litigation inventory, IP ownership, insurance coverage, or material contract obligations.
Diligence request: Request litigation schedule, IP assignment records, trademark/patent list, insurance policies, regulatory correspondence, and material contracts.
Cloud, AI/model, payments, data, SOC, or marketplace vendor dependencies are not fully disclosed publicly.
Diligence request: Request vendor concentration, subprocessors, SLAs, data-processing agreements, BCP/DR tests, and security attestations.
Public sources support BlueVoyant's unicorn valuation anchor (US$1B+) but not audited financial quality, revenue, cash burn, debt, or cap-table detail.
not publicly verifiable confidence: low
Public sources did not disclose full financial statements or management reports for BlueVoyant.
| metric | public value | source | verification status | private data request |
|---|---|---|---|---|
| Customers disclosed | 1000+ customers | More than 1,000 customers in 45 countries. | verified | Map metric to paid accounts and revenue. |
| ARR / revenue / gross margin | not disclosed | reviewed public sources | not_publicly_verifiable | Audited financials, ARR bridge, gross margin by product, and cohort retention. |
| Cash runway / burn | not disclosed | reviewed public sources | not_publicly_verifiable | Cash balance, monthly burn, board plan, debt schedule, and runway sensitivity. |
not publicly verifiable confidence: low
Growth drivers can be inferred from product/market signals, but projections and assumptions are private.
not publicly verifiable confidence: low
Founder and select investor names are public, but ownership percentages and debt terms are private.
| stakeholder | public position | public evidence | diligence caveat | verification status |
|---|---|---|---|---|
| Founders | Jim Rosenthal, Chris Meissner, Jim Thompson, and Arun Sankaran are listed by Wikipedia as founders; BlueVoyant leadership page lists James Rosenthal as Co-Founder and Chairman. | Wikipedia founder row | Share ownership, vesting, and founder employment terms are private. | partially_verified |
| Select investors | 8VC, Liberty Strategic Capital, and Eden Global Partners are listed by CB Insights as select investors. | CB Insights select investor row | Ownership percentages, liquidation preferences, and notes/warrants are private. | partially_verified |
| Employees/options | not public | No option schedule found in reviewed sources. | Request current option plan, grants, exercise prices, and repurchase rights. | not_publicly_verifiable |
partially verified confidence: medium
Current public lists anchor valuation at US$1B+; updated financing history requires company documents.
| date | round | amount | post money valuation | lead or investors | source | verification status |
|---|---|---|---|---|---|---|
| 2022-02-23 | Series D | $250M | $1B+ | 8VC, Liberty Strategic Capital, and Eden Global Partners are listed by CB Insights as select investors. | Wikipedia reference to TechCrunch | partially_verified |
| 2022-02 | CB Insights current unicorn-list valuation | not disclosed in list row | US$1B+ | 8VC, Liberty Strategic Capital, and Eden Global Partners are listed by CB Insights as select investors. | CB Insights | verified |
| 2026-06-12 | current public eligibility check | not applicable | US$1B+ | not applicable | Wikipedia and CB Insights current lists | partially_verified |
Public product pages describe active product offerings; pricing is partly disclosed while enterprise economics and product profitability remain private.
partially verified confidence: medium
BlueVoyant sells an AI-driven cyber defense platform spanning MDR, third-party risk management, digital risk protection, and professional services.
| product | audience | public features | verification status |
|---|---|---|---|
| Managed Detection & Response | Security operations teams | Protect networks, cloud instances, containers, endpoints, and improve EDR/SIEM/cloud tools | verified |
| Third-Party Risk Management | Risk/security teams | Continuous monitoring, questionnaire management, point-in-time assessments, vendor risk consulting | verified |
| Digital Risk Protection | Brand/fraud/security teams | Brand protection, dark web watcher, executive cyber guard | verified |
| Professional Services | Enterprise security leaders | Strategic advisory, offensive operations, proactive defense, respond/DFIR | verified |
| offering | public price or model | public evidence | verification status |
|---|---|---|---|
| MDR / TPRM / DRP suites | Quote-based / not public | Website directs to request a demo or talk to an expert | not_publicly_verifiable |
| Microsoft security services | Quote-based / not public | MDR for Microsoft and Microsoft deployment/assessment services are public | partially_verified |
| Professional services retainers | Not public | DFIR and vCISO economics require contracts and rate cards | not_publicly_verifiable |
Public traction/customer signals exist, but customer-level revenue concentration, churn, contract terms, and supplier spend are not public.
partially verified confidence: medium
More than 1,000 customers in 45 countries.
| customer or segment | use case | public evidence | verification status |
|---|---|---|---|
| More than 1,000 customers | Cross-product customer base | Homepage says more than 1,000 customers in 45 countries | verified |
| State of California | MDR / onboarding case quote | Homepage quotes OIS Security Operations Chief Conrad Long about onboarding speed | partially_verified |
| Snappi Neobank | Financial services security case study | Homepage quotes Snappi on SOC confidence and scalability | partially_verified |
| Europe largest cinema operator | Case-study teaser | Homepage says a cinema operator unified security across 8 countries | partially_verified |
partially verified confidence: medium
Public partnership signals exist, but revenue contribution and contract terms are not public.
| partner | relationship nature | public evidence | verification status |
|---|---|---|---|
| Microsoft | Technology and go-to-market partner | Homepage says BlueVoyant is recognized by Microsoft 10x including Worldwide Security Partner of the Year and Security MSSP of the Year | verified |
| Channel/technology partners | Partner ecosystem | Site navigation includes channel partners and technology partners | partially_verified |
| Government solutions | Public-sector offering | Leadership page lists President, BlueVoyant Government Solutions | partially_verified |
not publicly verifiable confidence: low
Customer-level revenue and concentration are not public.
not publicly verifiable confidence: low
No comprehensive public list of severed customer, partner, or supplier relationships was found in reviewed sources.
not publicly verifiable confidence: low
Supplier, cloud, subprocessor, and vendor-spend concentration are not fully public.
| supplier or dependency | role | public evidence | verification status |
|---|---|---|---|
| Microsoft Sentinel / Microsoft security stack | Core integration dependency | Homepage says 1,200+ Microsoft Sentinel deployments and MDR for Microsoft | verified |
| SOC staffing and threat-intelligence operations | Service delivery dependency | Homepage emphasizes experts, SOC monitoring, and threat intelligence | partially_verified |
| Cloud/data vendors | Not public | Request subprocessor list, cloud regions, and data-retention controls | not_publicly_verifiable |
The company competes in a market with credible alternatives; public evidence supports overlap but not win/loss or share.
partially verified confidence: medium
Public alternatives overlap target workflows and create pricing/distribution pressure.
| competitor | segment | product overlap | differentiator |
|---|---|---|---|
| CrowdStrike | Endpoint/XDR/MDR cybersecurity | MDR and managed security overlap | Endpoint platform scale |
| Palo Alto Networks Unit 42 / Cortex | Security platform and services | Incident response and managed detection overlap | Platform breadth |
| Mandiant / Google Cloud | Threat intelligence and incident response | Professional services and MDR overlap | Incident-response reputation |
| Arctic Wolf | MDR/SOC-as-a-service | Managed detection and response overlap | Focused MDR channel motion |
| axis | target position | competitor pressure | evidence status |
|---|---|---|---|
| Product breadth | Managed Detection & Response, Third-Party Risk Management, Digital Risk Protection, Professional Services | Multiple adjacent competitors overlap core workflows. | partially_verified |
| Distribution | Direct enterprise sales, Microsoft ecosystem, Channel partners, Thought leadership/resources | Competitors may have stronger bundled or search distribution. | partially_verified |
| Price / unit economics | Not fully disclosed | Discounting and CAC payback require win/loss data. | not_publicly_verifiable |
Owned-channel and GTM signals are visible, but CAC, quota, payback, pipeline, and channel-mix data are private.
partially verified confidence: medium
Public GTM channels are visible but channel weights and CAC are not.
| channel | public evidence | public weight | verification status |
|---|---|---|---|
| Direct enterprise sales | Request demo / talk to expert CTAs across platform pages | not disclosed | partially_verified |
| Microsoft ecosystem | MDR for Microsoft, Sentinel deployments, Microsoft awards | not disclosed | verified |
| Channel partners | Partner navigation lists channel partners | not disclosed | partially_verified |
| Thought leadership/resources | Resources, webinars, reports, Gartner TPRM content links | not disclosed | verified |
| signal | public evidence | verification status |
|---|---|---|
| Platform metrics | 10x Microsoft award winner, 1,200+ Sentinel deployments, 24x7 SOC monitoring | verified |
| TPRM metrics | 18x faster remediation, 98% accuracy, 3.5-hour response for zero-day vulnerabilities, 1,600 vulnerabilities remediated in last 30 days | verified |
| Customer reach | More than 1,000 customers in 45 countries | verified |
partially verified confidence: medium
Major customer trends and pipeline quality require private CRM and renewal data.
partially verified confidence: medium
Public pages show owned channels and CTAs; lead source attribution is private.
not publicly verifiable confidence: low
Sales compensation, quota, cycle length, and hiring plan were not public.
not publicly verifiable confidence: low
Budget sufficiency cannot be assessed from public sources.
Public roadmap/R&D signals exist, but R&D spend, staffing, and technical dependencies require company records.
partially verified confidence: medium
Public personnel/product signals exist, but R&D org design and staffing are incomplete.
| name or role | public role | public evidence | verification status |
|---|---|---|---|
| John Hernandez | Chief Executive Officer | Leadership page lists CEO | verified |
| Ravi Subramanian | Chief Financial Officer | Leadership page lists CFO | verified |
| Sebastian Sobolev | Chief Product Officer | Leadership page lists CPO | verified |
| Jim Bieda | Global Chief Technology Officer | Leadership page lists Global CTO | verified |
| John Harbaugh | Chief Information Security Officer | Leadership page lists CISO | verified |
| James Rosenthal | Co-Founder and Chairman of the Board | Leadership page lists co-founder/chairman | verified |
partially verified confidence: medium
Public roadmap/product initiatives exist, but timing, cost, and dependency risk need internal review.
| project | status | public evidence | verification status |
|---|---|---|---|
| BlueVoyant AI | Announced / live CTA | Homepage positions agentic SecOps and AI built in the SOC | verified |
| Cyber Defense Platform | Live platform | Platform page describes integrated MDR, TPRM, DRP and professional services | verified |
| Microsoft optimization | Live service line | Platform page lists continuous optimization for Microsoft solutions/security | verified |
Founder or leadership signals are public, but org chart, compensation, option plans, and turnover are not public.
not publicly verifiable confidence: low
No complete public org chart with reporting lines was found.
not publicly verifiable confidence: low
Historical and projected headcount by function/location are mostly not public.
| function or metric | public value | public evidence | verification status |
|---|---|---|---|
| Named executive/advisor roster | 15 | Leadership page lists a broad executive and advisor roster | partially_verified |
| Total employees | not disclosed | Not disclosed in fetched public sources | not_publicly_verifiable |
| SOC regional coverage | not disclosed | Homepage says 24x7 in-regional SOC monitoring across Europe and the US but does not disclose staffing | partially_verified |
partially verified confidence: medium
Public founder/leader signals support basic management identification.
| name | role | source detail | verification status |
|---|---|---|---|
| John Hernandez | Chief Executive Officer | Leadership page lists CEO | verified |
| Ravi Subramanian | Chief Financial Officer | Leadership page lists CFO | verified |
| Sebastian Sobolev | Chief Product Officer | Leadership page lists CPO | verified |
| Jim Bieda | Global Chief Technology Officer | Leadership page lists Global CTO | verified |
| John Harbaugh | Chief Information Security Officer | Leadership page lists CISO | verified |
| James Rosenthal | Co-Founder and Chairman of the Board | Leadership page lists co-founder/chairman | verified |
not publicly verifiable confidence: low
Compensation and employment agreements are not public.
not publicly verifiable confidence: low
Option/incentive stock plan documents are not public.
not publicly verifiable confidence: low
Employee-relations issues, if any, require HR/legal records.
not publicly verifiable confidence: low
Turnover data is not public.
| item | public evidence | verification status | diligence request |
|---|---|---|---|
| Executive departures last two years | No comprehensive departure list in reviewed sources. | not_publicly_verifiable | Request executive-change log and references. |
| Voluntary/involuntary turnover | Not disclosed. | not_publicly_verifiable | Request monthly attrition by function and geography. |
| Retention programs | Not disclosed. | not_publicly_verifiable | Request compensation, option refresh, and retention plans. |
Public legal/trust surfaces are limited; litigation, regulatory, IP, insurance, and material-contract schedules require counsel-led diligence.
not publicly verifiable confidence: low
Pending lawsuits against the company require counsel confirmation and docket search.
| case | court or source | status | verification status |
|---|---|---|---|
| Public litigation inventory | Not found in reviewed company/list sources | Requires counsel confirmation and docket search | not_publicly_verifiable |
| Customer/vendor disputes | Not public | Request legal schedule | not_publicly_verifiable |
not publicly verifiable confidence: low
Company-initiated litigation requires counsel confirmation and docket search.
| defendant or matter | court or source | status | verification status |
|---|---|---|---|
| Public offensive litigation inventory | Not found in reviewed company/list sources | Requires counsel confirmation and docket search | not_publicly_verifiable |
| IP enforcement / collections | Not public | Request legal schedule | not_publicly_verifiable |
not publicly verifiable confidence: low
Environmental/safety exposure appears limited for software/service operations but employee safety policies are private.
not publicly verifiable confidence: low
IP ownership and assignment chain are not verifiable from reviewed public sources.
| asset or surface | jurisdiction or scope | public status | verification status |
|---|---|---|---|
| Company brand / trademarks | Not independently searched | Brand use visible on company website | partially_verified |
| Product IP / code / model rights | Private records required | Not disclosed in reviewed public sources | not_publicly_verifiable |
| Terms/privacy/trust surfaces | Public website | Public legal or trust links/pages reviewed where available | partially_verified |
not publicly verifiable confidence: low
Insurance coverage and exclusions are private.
not publicly verifiable confidence: low
Material customer, vendor, and financing contracts are private.
not publicly verifiable confidence: low
Regulatory history and correspondence require company/counsel records.
| agency or area | public action | verification status | diligence request |
|---|---|---|---|
| Privacy/data protection | No enforcement action identified in reviewed sources | not_publicly_verifiable | Request privacy incidents, DSR metrics, DPIAs, and regulator correspondence. |
| Sector-specific compliance | Business model creates possible regulatory obligations depending on customers and jurisdictions | inconclusive | Request compliance matrix and counsel memo. |
| Insurance/material exposure | Not public | not_publicly_verifiable | Request insurance policies, claims history, and exclusions. |
| ID | Claim | Status | Sources |
|---|---|---|---|
| EC-001 | BlueVoyant appears on current public unicorn lists at US$1B+. | verified high | SRC-001SRC-002 |
| EC-002 | BlueVoyant sells an AI-driven cyber defense platform spanning MDR, third-party risk management, digital risk protection, and professional services. | verified high | SRC-003 |
| EC-003 | BlueVoyant publicly discloses selected pricing or go-to-market mechanics but not full contract economics. | partially verified medium | SRC-004 |
| EC-004 | BlueVoyant discloses customer or marketplace traction signals. | verified high | SRC-003SRC-005 |
| EC-005 | BlueVoyant has public founder, investor, or leadership signals but not a full cap table. | partially verified medium | SRC-001SRC-002SRC-005 |
| EC-006 | BlueVoyant public research did not reveal full financial statements, ARR, gross margin, backlog, AR aging, or debt schedules. | not publicly verifiable high | SRC-001SRC-002 |
| EC-007 | BlueVoyant operates in a competitive market with credible public alternatives. | partially verified medium | SRC-003 |
| EC-008 | BlueVoyant public GTM evidence identifies channels but not CAC, payback, quota, pipeline, or channel mix. | partially verified medium | SRC-003SRC-004SRC-006 |
| EC-009 | BlueVoyant publicly discloses product roadmap or R&D-oriented initiatives, but not R&D spend or staffing detail. | partially verified medium | SRC-003SRC-004 |
| EC-010 | BlueVoyant has public management/personnel signals but private compensation, turnover, and incentive plans remain undisclosed. | partially verified medium | SRC-001SRC-005 |
| EC-011 | BlueVoyant has public legal/privacy/trust surfaces, but litigation, insurance, material contracts, and IP ownership require direct legal diligence. | partially verified medium | SRC-003SRC-005SRC-006 |
| EC-012 | BlueVoyant remained eligible for this run based on current unicorn-list inclusion and operating website evidence. | partially verified medium | SRC-001SRC-002SRC-003 |
| ID | Publisher | Title | Accessed |
|---|---|---|---|
| SRC-001 | Wikipedia | Wikipedia: List of unicorn startup companies | 2026-06-12 |
| SRC-002 | CB Insights | CB Insights: The Complete List Of Unicorn Companies | 2026-06-12 |
| SRC-003 | BlueVoyant | BlueVoyant homepage | 2026-06-12 |
| SRC-004 | BlueVoyant | BlueVoyant Cyber Defense Platform page | 2026-06-12 |
| SRC-005 | BlueVoyant | BlueVoyant leadership page | 2026-06-12 |
| SRC-006 | TechCrunch via Wikipedia references | TechCrunch reference cited by Wikipedia | 2026-06-12 |
This report is a public-evidence diligence snapshot, not investment advice. Important financial, legal, technical, and contractual facts remain non-public and should be verified directly with management and primary documents before any investment decision.