What’s Behind the SaaS Spending Slowdown?
And what does it mean for SaaS vendors and resellers? Plus: Rewst shows the way to SaaS fund-raising success, SaaS Alerts craves vendor APIs, and Veeam makes data resilience magic.
It’s an all cloud, all the time world, right?
And more specifically an all SaaS, all the time world. With offices slowly vanishing, 29% of paid work days happening at home, and the tech world re-tooling networks to suit businesses with little to no on-prem infrastructure, is it any surprise that Gartner believes SaaS outlays globally will climb 20% this year and Analysys Mason expects SaaS solutions to account for some two-thirds of SMB business app spending in the same timeframe?
And yet…The average number of SaaS apps per business declined in 2023 for the first time in over a decade, according to SaaS management vendor BetterCloud, from 130 to 112, and posts like this by venture capitalist/razor-sharp industry observer Jamin Ball are far from outliers. It’s been a tough year for SaaS vendors.
“Growth has been slowing down a bit,” says Sofia Faustino, senior manager of insights at SaaS analytics specialist ChartMogul. For example, she notes, startups below $1 million ARR that were growing 60 to 70 percent a year on average before are now growing more like 20%, about the same as bigger, more mature peers.
“It’s the first time that’s happening,” Faustino says.
This is all somewhat predictable, of course. A pullback from pandemic times, when businesses crammed several years of long-anticipated cloud adoption into a handful of quarantine-filled months, was bound to happen eventually. Now it has.
“A lot of revenue got pulled forward for a lot of those SaaS vendors,” says Tom Holahan (pictured), a partner at venture capital firm OpenView Venture Partners, citing Zoom as an example. “Now we’re starting to see companies really examine their spend closely.”
And not just because they’re less worried about Covid. They’re also more worried about a recession, and cutting back accordingly. Unemployment, which was 3.5% last July, stood at 4.3% a year later, according to the Bureau of Labor Statistics, resulting in less “addressable surface area” for vendors that price their software per seat, Holahan notes. “There are just fewer individuals to ultimately sell to.”
AI projects are crowding out other technology investments too, adds Patrick Moorhead, CEO and chief analyst at Moor Insights & Strategy. “If IT groups are putting big spend into generative AI and there’s a fixed IT budget, then they’ve got to pull from something,” he says. Sometimes it’s SaaS licensing.
Relatively recent issues like that don’t fully explain what’s going on here, however, as this chart from Ball’s blog illustrates.
Median next-twelve-month revenue growth has been declining in the SaaS space for close to a decade at this point. Is it possible the swelling ranks of cloud software vendors have surpassed what even a growing market can bear? Ball, for one, suspects there are a lot of SaaS “zombies” with no realistic path to an IPO out there.
Today, there’s something like ~1,400 private unicorns. I have no idea how many are software, but let’s assume ~60% (that could be way off, I’m just guessing). So call it ~850 private software unicorns. Today, there are ~100 public software companies. If the universe of public software companies were to DOUBLE, that implies only ~10% of the current universe of private unicorns make it public. I’d guess the reality is closer to 5% or lower end up making it public.
Six steps to SaaS success
Let’s be clear on two things: 1) None of this impacts SaaS resellers directly, with one potential exception I’ll discuss in a moment, and, 2) None of this spells anything close to doom for the future of SaaS.
“The long term is absolutely ultimately SaaS growth,” says Moorhead, noting that while AI might be a headwind for SaaS spending today it will be a tailwind over time as vendors continue building AI-based functionality into their products, and charge more as a result.
“They’re going to get a kind of revenue bump,” he says, and especially at the lower end of the market where buyers are more urgently in need of automation. “SMB doesn’t have as many resources as enterprises have,” Moorhead (pictured) observes.
In the meantime, he and others have advice for vendors on coping with the SaaS slump:
1. Think suite, not solution. It’s not just MSPs looking to get more software from fewer suppliers. The same goes for increasingly cost-conscious end users hoping to cash in on volume purchasing discounts. “We’re seeing more of an appetite to go with a consolidated platform and concentrate spend on a single vendor,” says Holahan, adding that the best performing vendors in OpenView’s portfolio have long been those with a consolidated platform capable of satisfying that appetite.
“Becoming a multi-product company is typically an important portion of their journey,” he says, citing cloud observability vendor and former OpenView holding Datadog as an example. “They started out with purely infrastructure monitoring,” Holahan notes, before adding log management, application performance monitoring, and other tools. They IPOed at an $8.7 billion valuation five years ago.
2. Build a channel. I won’t belabor a point I’ve made before elsewhere, but for all the success software makers have had with product-led growth strategies, in which end users discover and deploy cloud software on their own, smart vendors follow up to ensure businesses running self-serve trials become paying subscribers. Faustino agrees.
“They are more successful, and their customers that are bigger are more likely to convert, if they have a PLG strategy combined with a sales strategy,” she says.
Or rather, a sales channel strategy, I’d argue, unless you want to recruit and retain an expensive in-house sales team of your own.
3. Look for targets of opportunity. SaaS growth may be slowing overall, but it’s accelerating for vendors with great solutions for targeted use cases. Holahan cites OpenView holding Chargeflow, which helps e-commerce merchants streamline chargebacks, as evidence.
“That work required a lot of manual intervention and a lot of humans in the loop,” he says. “Through advances in AI over the last couple of years, they’ve been able to largely automate that entire process.”
4. Communicate ROI. With businesses getting choosier about SaaS spending these days, savvy vendors are continually showing customers the total value their products provide in sometimes subtle ways, Holahan says. “An ability to just reinforce those things, to help give your end customer the tools that they need to go and be the champion for those solutions internally, is a recipe for success now more than ever.”
5. Invest in adoption. Some 40% of SaaS licenses end up going to waste, according to Productiv. High-growth vendors don’t just talk about value but deliver it too through post-sale customer success programs, like the one security vendor Sophos launched just this week.
6. Don’t skimp on innovation. Here’s that one potential way slumping SaaS growth can affect SaaS resellers that I alluded to before: it can motivate short-sighted management teams to cut back on R&D. Moorhead doesn’t expect to see a lot of that but warns partners to keep a close eye on their vendors just the same.
“If you see R&D as a percentage of revenue decline,” he says, “run away.”
Rewst shows the fund-raising way
At least one SaaS vendor—hyperautomation software maker Rewst—won’t have to worry about R&D budget anytime soon, thanks to the $45 million funding round it completed last week with participation by OpenView, which was part of Rewst’s earlier Series A and B rounds as well. Holahan, in fact, sits on the company’s board.
The investment brings the total sum Rewst has raised since birth to $104 million,
including $76 million in the last 12 months alone. CEO Aharon Chernin (pictured) won’t specify Rewst’s current valuation except to note that it’s “approximately 300%” bigger now than a year ago.
Other numbers have been climbing briskly as well. The company, for example, had about 700 partners when it announced its last raise in January, and now has over 900. Those companies ran more than 274,000 automations over 101 million times in the last 30 days, moreover, versus 46 million over the same timespan late last year.
Rewst plans to power even more automations going forward by applying some of its new funds to expanding a previously introduced team of dedicated integration developers. “All they do is build integrations,” says Chernin, noting that links to Addigy, N-able’s Cove data protection platform, GitHub, ServiceNow, and Webroot, among others are coming shortly.
Additional development dollars will presumably flow toward App Platform, the automation builder Rewst rolled out last November to help MSPs create do-it-yourself interfaces for their customers. About 90 partners are running a beta of the new system at present, with general availability currently scheduled for Q4. Chernin has been impressed by the creativity testers have exhibited so far.
“People are building stuff on there that I never could have imagined,” he says, including sales enablement and license consumption reporting systems as well as end user portals with far more functionality than such tools normally provide.
“Basically, all you’re doing is opening a ticket in most cases in the MSP’s PSA,” Chernin notes of typical portals. “There’s no reason why clients couldn’t be doing self-service and interacting with your automations and getting real-time feedback.”
There’s a larger lesson for vendors in Rewst’s fund-raising success, Chernin believes. Get your numbers right and you can raise capital despite sluggish funding activity by both venture capital and private equity firms.
“They’re looking at revenue, they’re looking at burn, they’re looking at efficiency, they’re looking at product-market fit,” he says. “If you have all of that correct, then you can get an investment today.”
The product-market alignment part is especially critical, Chernin adds, and investors won’t take your word for it. “VCs are constantly calling our customers, whether they’re our VCs or not, and asking them how they like the platform, what they’re doing with it, what they think the future is,” he says. The answers they get, more than anything else, determine how likely they are to fund you.
“They’re not investing in us just because they think the tech is cool,” Chernin says. “They’re investing in us because they’ve seen the product-market fit.”
They share Rewst’s conviction about what’s behind that fit too, he adds. With competition in managed services intensifying and enormous MSPs hungry for efficiency rapidly coming into being, VC and PE firms (along with Atera, ConnectWise, N-able, and Syncro, among many others) appreciate just how big a priority technician productivity has become.
“They see the vision that we see, and it’s automation,” Chernin says.
It’s all about APIs for SaaS Alerts
We know there are a lot of SaaS apps out there. We know as well, thanks to recent research from Thales, that SaaS apps are the number one target for cyberattacks and that 44% of organizations have experienced a cloud data breach. So what’s preventing SaaS security vendors from protecting end users from all that threat activity?
Setting aside the fact that there aren’t a ton of SaaS security vendors to begin with (a curious fact in itself), the answer is APIs. As I wrote last December in a story about SaaS Alerts, one of the few pure-play SaaS security specialists out there, you can’t spot SaaS threat activity without access to relevant telemetry, you can’t access relevant telemetry without an API equipped to provide it, and precious few vendors (SaaS Alerts integrates with about two dozen of them at present) have such an API.
That frustrating truth, in fact, is precisely why SaaS Alerts ran a petition some months back designed to demonstrate how badly channel partners want cloud software makers to share security data with security vendors. Some 550 MSPs with 20,000 SMB clients ultimately signed on, according to SaaS Alerts CEO Jim Lippie (pictured), and a lot of others probably would have joined them if they’d heard about the campaign in time.
“They all say it’s important,” he notes.
This issue came (back) to mind for me last week when SaaS Alerts announced that its platform now integrates with Microsoft Defender for Endpoint to give MSPs broader, more unified visibility into danger signals affecting their customers, something Lippie says they desperately want.
“MSPs in general suffer from work fatigue because they have all these different tools and they’re getting alerts from all these different places and very, very little of it is actually correlated,” he observes.
Why was Defender the first EDR solution SaaS Alerts integrated with rather than SentinelOne, even though 51% of SaaS Alerts partners use the latter solution and 23% use the former? Lippie was far too diplomatic to say, but you can intuit an explanation from comments like this: “Defender’s API is good enough for us to start seeing the data, therefore we can bring it into the SaaS Alerts platform, do the correlations, and provide greater visibility to MSPs working on behalf of their customers.”
SaaS Alerts is actively pursuing similar integrations with additional EDR systems. “I can give you a list of five or six right now that I think a lot of people will be happy with,” says Lippie, who declined to name them for fear of making promises he can’t keep without assistance from the vendors in question.
“I can’t speak to the level of cooperation we’re going to get from various companies,” Lippie says. “If it was all up to us, it would be much, much easier.”
SaaS Alerts can control integration with its own software, of course, and plans to arm its Respond module to remediate issues exposed by Defender soon. “That’s on the roadmap and probably six, eight weeks away,” Lippie says.
(Note: SaaS Alerts is a client of Channel Mastered, the consultancy I work with. Their agreement with us does not, explicitly or implicitly, include coverage of any kind in Channelholic).
Veeam reaps the rewards of data resilience
Disappointed by how few SaaS solutions have security-ready APIs? Here’s more cause for discouragement: Just 15% of businesses consider backing up SaaS data a spending priority at present. Do the other 85% think—wrongly—that SaaS vendors take care of this for them? Not clear, but good to know that 75% of organizations will call SaaS backup a critical requirement by 2028.
All of this data is courtesy of Gartner’s recently published 2024 Magic Quadrant for Enterprise Backup and Recovery Software Solutions, which I got (as can you) from Veeam. A quick glance at the chart below will suffice to explain why Veeam is so eager to share this year’s standings with people like me too. On a grid in which the more up and to the right you are the better, no one is further up the axis for ability to execute than Veeam and only four vendors are further right along the axis for completeness of vision.
Here, meanwhile, is why I’m eager to share the report: turns out I wasn’t out of my mind last October when I suggested that “stand-alone BDR and security software could soon be obsolete.” Fully 90% of enterprise BDR solutions will be capable of detecting and identifying cyberthreats four years from now, Gartner predicts, versus less than 45% today.
Like many others, I usually refer to solutions combining backup and security as “cyber resilience” products. Veeam, being a data protection vendor I suppose, prefers “data resilience,” and believes how much of it a given company offers best explains where they placed on the grid in 2024 versus 2023.
“That’s what we saw directionality year over year,” says Dave Russell, Veeam’s senior vice president of enterprise strategy. “Those vendors that aren’t keeping pace with overall data resiliency trends were not evaluated as favorably year over year.”
Good news for Veeam, which has allied with Sophos to provide coordinated backup and MDR, introduced support for the syslog logging standard to make integration with other security vendors easier, and acquired incident response vendor Coveware just within the last year. Bad news, I continue to believe, for anyone offering backup but not security too.
Also worth noting
N-able has added five vendors (including Hudu and AlertOps) to its Technology Alliance Program.
Malwarebytes’s ThreatDown business security suite now supports ARM-based endpoints.
Another week, another security service provider alliance for TD SYNNEX. Last time it was Securonix. This time it’s eSentire.
vCISO platform provider Cynomi (which you’ve read about here before) is now partnering with attack surface management vendor Cavelo.
All-in-one security platform maker Guardz has rolled out a free “Community Shield” plan to help MSPs secure themselves.
NIST, in a bid to get ahead of the curve on the scary security implications of quantum computing, has introduced its first quantum-era encryption standards.
Ivanti has added risk-based prioritization to its Ivanti Neurons for Patch Management solution.
Steve Farmiloe is the new director of channels development at Granite Telecommunications.
Tim Mackie is the new vice president of worldwide channels and alliances at Claroty.
Sandler Partners is now part of SASE-as-a-service vendor Aryaka’s elite DRIVE program for strategic partners.
GoTo has deepened its alliance with auto dealer call handling vendor Car Wars.
HPE is acquiring hybrid cloud management and ops vendor Morpheus Data.
Mega MSP alert: New Charter Technologies (remember them?) has acquired Dynamic Edge, an MSP with offices in Ann Arbor, Mich. and Nashville, Tenn.
Former channel exec and current career leadership coach Rema Lolas will keynote the Alliance of Channel Women’s ACWConnect Live! networking event next month at the Channel Futures MSP Summit.