Overview

Sqreen was an application security platform founded in Paris in 2015 by Pierre Betouin and Jean-Baptiste Aviat, two former members of Apple's offensive security Red Team. The company built a lightweight microagent — analogous to an APM agent — that instrumented web applications from the inside, detecting and blocking attacks at runtime without the friction of traditional perimeter-based security tools. It operated from 2015 until its acquisition by Datadog in April 2021, having raised approximately $16–18M across three rounds and grown to roughly 800 customers.

Sqreen's core failure as an independent company was structural, not operational: the architecture that made its product technically superior — an in-app agent surfacing security telemetry to a central platform — was identical to the architecture that observability platforms like Datadog were already deploying at scale. When the market began converging observability and security into unified platforms, Sqreen's standalone value proposition became a feature rather than a category.

Datadog acquired Sqreen in April 2021 for a reported ~$220M (unconfirmed officially). ^[1] The technology became the foundation for Datadog's Application Security Management product. Jean-Baptiste Aviat joined Datadog post-acquisition. ^[2] For investors who backed a ~$18M total raise, the outcome — if the $220M figure is accurate — represented a strong multiple, though the company never reached the independent scale its Series A suggested was possible.

Founding Story

Pierre Betouin joined Apple in 2006 and spent nine years leading the Red Team for Apple's Internet Services department — the internal group responsible for offensive security assessments, finding vulnerabilities before adversaries did, and designing protections for Apple's web-facing products. ^[3] Jean-Baptiste Aviat worked alongside him in the same organization. By the time they left to found Sqreen in 2015, both had accumulated a depth of applied security knowledge that few startup founders in the space could match: they had spent nearly a decade thinking about how attackers actually exploit production web applications, not how security vendors marketed protection against them.

The founding insight was direct: the security tools available to web application developers in 2015 were architecturally wrong. Traditional Web Application Firewalls sat in front of applications, inspecting traffic without understanding application context. They generated false positives, slowed development cycles, and required dedicated security teams to operate. The founders had seen this failure mode from the inside at Apple and believed the correct approach was to instrument the application itself — to put security logic where the code ran, not in front of it.

What they built was conceptually analogous to what New Relic had done for performance monitoring: a lightweight library that developers could add in a few commands, which would then instrument application internals and surface signals to a central platform. The security analogue to APM was not a new idea in academic circles, but no company had executed it as a developer-native, self-serve product.

The founders were candid about their limitations. "We were 2 geeks passionate about security and challenging the security status quo, but we had no experience of startups," they wrote in a post-acquisition reflection. ^[4] That self-awareness shaped their early strategy: rather than hire salespeople and build a GTM motion they didn't understand, they spent the first two years entirely on product. "For the first two years, we focused our efforts only on the product, without the sales or go to market," Betouin said. "This approach allowed us not to bias the go-to-market and the geography." ^[5]