The Cambrian Explosion of SaaS: In Conversation with Sarah Guo, General Partner, Greylock


Last year,  Sarah Guo made news by becoming the youngest General Partner at Menlo Park firm Greylock Partners, and we were delighted to host her at our most recent Data Driven NYC.  

Greylock is one of the oldest firms in venture capital, notable in particular for its investments in Facebook, LinkedIn and AirBnB.  Greylock has also actively invested in the data ecosystem, including in a number of companies that presented at Data Driven NYC over the years: Cloudera, Sumo Logic, Trifacta, Instabase, etc.

Sarah is mostly focused on enterprise, SaaS and security investments, and we got into a bunch of interesting topics during this conversation.

Here’s the video, and below are some notes.


Following talent where it is:

  • Historically, talent around scale and GTM has been most accessible in Silicon Valley, but it only takes a generation or two of great companies for that talent to go everywhere
  • These days, Greylock reacts to where the talent is, and half of Sarah’s personal portfolio is not in the Bay Area – she invested in companies located in Southern California, Paris and Dublin 
  • Also, people these days are building teams that are different, from a geographical standpoint:- they have engineering offices outside Silicon Valley, or build completely distributed companies  
  • New York has been an up and comer for a while, with a lot of growing SaaS players today.  Only takes a few companies of massive scale like Datadog to encourage people to be more entrepreneurial, and choose startups over the many other professional options one gets in New York. 

What is the current market sentiment?

  • Very cognizant  of having only operated in a bull market
  • At Greylock, we are technology optimists, and we focus on trends that are secular, and we’re believe we’re in the early innings of a big phase of market cap creation ahead
  • At the same time, Sarah is a bit nervous… valuations have skyrocketed, particularly at the mid-stage where it is well understood what metrics indicate success.  This cannot go on forever. 

The cambrian explosion of SaaS:

  • We’re going through a cambrian explosion of enterprise software, which is getting broadly democratized
  • Today, the market is much wider than it used to be in terms of type of customers SaaS can serve, ranging from big enterprise customers to now SMBs, if you can figure out Internet distribution (Shopify being an extreme example of that). 
  • Another “W” is the width of the user base touched by SaaS products within each company.  It used to be the case that only a small group of IT administrators would interact with the software.  Now, software is much more broadly adopted across various types of users across the enterprise. 
  • This opens many opportunities for SaaS companies.  However, how one builds a successful startup in that context is not solved science, as the pioneering companies leading that trend that are only 5-10 years old.   Some problems you face are very human (and organizational). For example, if your software is used by both HR and finance within an organization, whose budget should be used to pay for it? 

Cybersecurity as a “data problem”

  • Sarah feels vindicated that Cybersecurity has become such a hot topic these days – an $70-80B industry that is “growing in multiples” 
  • The macro thesis here is simple – the need for Cybersecurity is “attached to the growth of the Internet”: as more critical enterprise systems (transaction systems, customer data etc) move online, the risks increase 
  • The government has also highlighted cyber as a new frontier for war 
  • Another driver for the industry is the fact that technology-aware consumers have become more privacy focused, raising expectations on companies about how they handle and protect that data 
  • Out of $70-$80B, about half is in services and half in software, but the software part is growing faster in part because of the lack of cyber talent 
  • Most of the software is still spent on more traditional environments (on prem) and well-known categories (network, endpoint, etc)
  • But as more customers, partners and employees interact with the enterprise through the Internet constantly, this is going to need to be re-architected, which is a big opportunity
  • The big opportunity is to design security architectures to make the cloud a strength… very few companies are there, not clear what architecture is going to work
  • Within security, we are particularly interested in a) solutions for hybrid cloud environments and b) solutions that leverage AI
  • Some examples in our portfolio: 
    • Obsidian — user identity ML to understand user activity patterns
    • Awake security – uses ML to inspect network traffic (on prem or in cloud)
  • AI is particularly interesting if you think of Cybersecurity as a data problem.  Instead of re-architecting a whole system, you can inspect massive amounts of data to figure out what’s going on
  • There’s been a lot of talk about providing better explainability in AI – that need is particularly strong in cybersecurity, which is at the forefront of that trend 

Leave a Reply

Your email address will not be published. Required fields are marked *