high high likelihood
R-004: Competition and pricing pressure can compress growth and retention
The company competes with Snowflake, Databricks, Dremio and adjacent incumbents with larger distribution or procurement leverage.
Diligence request: Run win/loss, pricing, discount and renewal benchmarks against direct and suite competitors.
high medium likelihood
R-001: Financial quality, ARR retention and margins are private
Public evidence does not include audited statements, current ARR, gross margin, cash, debt, CAC/payback, NRR or cohort retention.
Diligence request: Request audited financials, KPI pack, cash/debt schedule, revenue bridge, cohort retention and board-approved forecast.
high medium likelihood
R-002: Headline valuation may be stale or unsupported by current market multiples
Latest public valuation anchor is $3.35B from February 2022; public sources do not prove current post-money, liquidation stack or investor preferences.
Diligence request: Request financing documents, cap table, preference stack, option pool, 409A marks and any down-round or secondary transaction evidence.
high medium likelihood
R-003: Customer concentration, renewal health and logo quality are opaque
Public customer logos and case studies do not disclose ARR by account, renewal status, churn, NRR or contract obligations.
Diligence request: Request top-customer ARR by cohort, renewal schedule, churned accounts, contract terms and independent references.
high medium likelihood
R-009: Open-source commoditization and IP defensibility risk
Trino is Apache-licensed and publicly available; Starburst must prove proprietary differentiation, conversion and IP/OSS compliance.
Diligence request: Review proprietary code, connectors, performance IP, OSS contribution/assignment records and customer conversion from OSS to paid.
high medium likelihood
R-010: Security and data-access blast radius
Starburst products connect to many sensitive data sources; misconfiguration, SaaS isolation issues or connector vulnerabilities could create broad data exposure.
Diligence request: Review SOC 2 Type II, ISO scope, pen tests, incident history, architecture, tenant isolation, RBAC/ABAC, audit logs and customer security exceptions.
medium medium likelihood
R-005: Product, technical and security claims need independent validation
Public product materials do not provide architecture review, incident history, uptime, security attestations, model-quality evidence or technical debt analysis.
Diligence request: Request roadmap, architecture review, SOC/security reports, incident history, SDLC controls and product-quality metrics.
medium medium likelihood
R-008: Operational dependencies may create implementation or scalability bottlenecks
Public product depends on Trino and Apache Iceberg ecosystem health, AWS/GCP/Azure cloud costs and marketplaces, Enterprise data-security approvals; operational concentration and vendor terms are not public.
Diligence request: Request vendor dependency map, integration SLAs, supplier/customer implementation data and concentration analysis.